Search for University Jobs in Staff & Non-Managerial Professionals
Senior Analyst - PCI Security
Utah Valley University
Senior Analyst - PCI Security
: Staff - Full-Time
If you're a highly motivated security professional with the discipline and initiative to consistently perform at the top of your game, we have a fantastic opportunity for you to join our team as a Senior Analyst PCI Security to support our mission at Utah Valley University.
Key roles and responsibilities of this position:
- Maintain Security Information and Even Management (SIEM), Web Application Firewall, Application Whitelisting, Secure Active Directory Domain, File Integrity Monitoring Agents, Network Firewall, Network IDS/IPS, and other security systems. Support campus merchants in PCI audits and self-assessments. Conduct reviews of internally generated PCI compliance documents and make recommendations.
- Daily monitor and review logs and alerts from Point of Sale (POS) systems, firewalls, and other security systems. As well as monitor and enforce patching of systems within PCI scope.
- Manage external consultants and service providers and support 3rd party reviews and assessment. Provide ongoing guidance and consultation to the organization to promote a progressive and sustainable PCI compliance initiative. Track mitigation steps and ensure that risks are managed appropriately and in a timely manner and develop metrics to report and demonstrate PCI compliance status. Assist with integrating PCI compliance requirements into the organization's processes and life cycle activities. Test for adherence to PCI controls, policies, procedures and standards. Communicate PCI risk posture and compliance effectiveness to Management on a scheduled basis.
- Document and present PCI-DSS findings to leadership and the Campus Compliance Committee and educate staff at campus merchants on PCI security standards and best practices. Keep current copies of PCI applicable documents for each merchant including any Self-Assessment Questionnaire (SAQ), Attestation of Compliance (AOC), Report on Compliance (ROC), Approved Scanning Vendor (ASV). Follow up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure appropriate remediation measures have been achieved.
- Prepare and test Incident Response Plans for PCI and Campus systems, and respond to security events as outlined in the Incident Response Plans. Maintain current security training & certifications applicable to security functions at the institution.
- Manage quarterly internal and external scans, penetration testing, issue resolution and documentation of remediation for all campus merchants. Perform periodic gap analyses and implement controls to ensure security and compliance; scan Reports, and PCI PA-DSS Reports of Validation (ROV); support in the preparation of weekly and monthly status reporting of PCI Program and perform other job related duties as assigned.
Graduation from an accredited institution with a masters degree in Information Technology, computer science, Accounting or technology-related field, plus two years of experience; OR any combination of education and experience totaling seven years.
Knowledge, Skills and Abilities:
- Knowledge of current trends and developments in the PCI-DSS and PCI PA-DSS.
- Knowledge of audit methodologies and security assessment tools.
- Knowledge and experience with information technology security issues and best practices.
- Understanding of information systems and network diagrams.
- Working knowledge of Network Firewall, Host Firewalls, VPNs, Security Information and Event Management (SIEM).
- Working knowledge of Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS).
- Experience evaluating the security infrastructure for enterprise
- Strong technical understanding of a broad range of security concepts and countermeasures including workstation security, perimeter security, account management, application security, cryptography, and network security.
- Problem solving and decision making skills.
- Excellent written and oral communication skills, can express thoughts clearly.
- Ability to collaborate with others and work in a team environment as a team player.
- Ability to work independently without supervision.
- Ability to learn and implement new technology.
Industry certifications are preferred but not required such as CISSP, CISA, and CISM or SANS certifications.
Must be able to sit for extended periods of time and walk long distances from one work site to another. Must be able to lift up to 25 pounds. Must have close visual acuity to perform a variety of tasks.
UVU offers an excellent benefits package which includes a generous leave policy, 12 paid holidays, affordable medical and dental insurance options, life and AD&D insurance, tuition waiver (undergraduate resident) for employee and dependents and substantial employer contribution to a retirement plan.
$65,873 - $94,225 DOE
Finance and Business Svcs.
Review Start Date:
Open Until Filled:
Special Instructions to Applicant:
Priority consideration will be given to those applicants who apply on or before the Review Start Date." This job advertisement may close at any time after the review date.
Please list a minimum of three business references. References may be contacted at some point during the screening and selection process for a letter of recommendation.
To apply, visit: https://www.uvu.jobs/postings/15100
Employment decisions are made on the basis of an applicants qualifications and ability to perform the job without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, gender expression, age (40 and over), disability, veteran status, pregnancy, childbirth, or pregnancy-related conditions, genetic information, or other bases protected by applicable federal, state, or local law.
Please reference AcademicKeys.com in your cover letter when
applying for or inquiring about this job announcement.
Please see the job description for contact details
pertaining to this university job announcement.
Refer this job to a friend or colleague!
New Search |