PCI DSS Auditor - Johannesburg Verified

Salary Negotiable Johannesburg, Gauteng more than 14 days ago 28-09-2017 10:39:39 PM
26-10-2017 10:39:39 PM
We are looking for a PCI DSS Auditor to participate in a project for one of our clients.

Primary Responsibilities:
 
Provide direction and compliance oversight as applicable to information systems including liaising with finance, other internal stakeholders, internal and external auditors
  • Identify risks and key controls in conjunction with business process and IT owners
  • Review results of tests of design and tests of operating effectiveness for key controls and assess the significance of potential findings
  • Assist with the remediation of key control failures with process owners to evaluate root causes for the failure and to determine potential solutions to improve the internal control environment
  • Maintain the repository of key controls and testing results to facilitate periodic reporting to senior management.
Develop, implement and monitor a global, strategic and comprehensive enterprise information systems compliance program:
  • Ensure compliance to the Payment Card Industry / DSS standard as applicable.
  • Ensure compliance across all facets of information systems.
Develop, maintain and publish up-to-date information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practices.
  • Create and manage a unified and flexible control framework to integrate and normalize the wide variety and ever-changing requirements resulting from global laws, standards and regulations.
  • Ensure that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
  • Provide support to corporate audit team during periodic audits
  • Proactively work with the Pall functional groups (e.g. Legal, Compliance, Finance, HR), and business units to implement practices that meet defined policies and standards for information security.
  • Enable all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information to be in compliance with the organization's information security policies.
Create and manage information security and risk management awareness training programs for all employees, contractors and approved system users.
  • Create, communicate and implement a risk-based process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants and other service providers.
  • Perform related duties and fulfill responsibilities as required.
Must have
  • Knowledge and understanding of relevant legal and regulatory requirements, such as the PCI/DSS Standard.
  • In-depth understanding and hands-on experience with managing Information Systems Compliance.
  • A working knowledge of current information security technologies.
  • A track record of working in collaboration with cross-functional teams to manage compliance.
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.

Qualifications

  • Relevant Qualification
  • 6+ years of experience in Information Systems Compliance related roles.

Recruiter: CompuJobs