Job Description
What you will be responsible for:
- Identifying and creating P&C for PCI-DSS compliance (Physical)
- Support GRC gap assessments against PCI-DSS, ISO 27001 and other relevant frameworks/standards
- Support the implementation of PCI-DSS, ISO 27001 or other contracted related frameworks/standards engagements for their multiple offices
- Support the Head of Security in leading the policy, procedure and governance focus
- Assist in writing proposals, presentations, running workshops and engagements for the business.
- Excellent interpersonal, communication, and presentation skills, including formal report writing experience;
- Experience conducting internal and external penetration testing, configuration review and standard code review;
- Information security-related training or certifications such as CISA, CISSP, CRISC (highly regarded)
- The ability to develop security standards and guidelines based on best practices and industry standards;
- Demonstrated experience responding to, analyzing, and communicating information security incidents;
- Demonstrated experience performing information security audits or risk assessments;
- A background in IT auditing might be helpful
- Certifications related to GRC, e.g. ISO compliance accreditations