PCI Professional Position Available In Cobb, Georgia

Tallo's Job Summary: The PCI Professional at GoHealth Urgent Care in Atlanta, GA plays a critical role in ensuring compliance with PCI DSS and IT security regulations. This position requires a Bachelor's degree in IT or related field, 5+ years of IT security experience, and PCIP certification. Responsibilities include PCI DSS compliance, IT security audits, risk management, policy development, training sessions, incident response, reporting, and vendor management.

Company:
GoHealth Urgent Care
Job type:
Full-time, Onsite

Job Description

PCI Professional
Atlanta, GA 30342

JOB SUMMARY

At GoHealth Urgent Care, we place the needs of our patients first – by providing an effortless patient experience, a welcoming culture of care and seamless integration with market-leading health systems and our communities.

The PCI and IT Security Compliance Professional plays a critical role in ensuring that the organization adheres to Payment Card Industry Data Security Standards (PCI DSS) and other relevant IT security compliance regulations. This position involves monitoring, evaluating, and maintaining security measures to protect sensitive data and manage risks effectively. The role is intended for individuals who have been trained and certified by the PCI SSC to understand and implement PCI DSS requirements. The Professional will partner with an external QSA to ensure the organization's SAQs meet industry standards and to obtain independent validation from a QSA. This role will also be responsible for implementing and managing an ASV program, including the management and remediation of findings in line with the organization's patch management policy and PCI DSS ASV compliance requirements.

This role requires strong written and oral communication skills, as well as the ability to communicate complex technical concepts in a manner comprehensible to individuals at varying degrees of experience and skill level. The role requires the ability to speak confidently in front of large groups and with leaders, vendors, audit, legal, and service providers. Candidates must also be organized and able to work independently across multiple functions throughout the enterprise.

JOB REQUIREMENTS

Education:

Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field.

Work Experience:

Minimum of 5 years of experience in IT security and compliance, with a focus on PCI-DSS, required.
Minimum of 5 years of hands-on technical experience including networking, cloud infrastructure administration, systems administration, software development, required.
Previous experience as a Qualified Security Assessor (QSA) or Internal Security Assessor (ISA) preferred.

Required Licenses/Certifications:

PCI Professional (PCIP) required.
CISSP preferred.
CISA preferred.

Additional Knowledge, Skills and Abilities Required:

Proficiency in security tools and technologies, vulnerability assessment techniques, and risk management frameworks.
Strong analytical and problem-solving abilities to identify and address security risks effectively.
Excellent verbal and written communication skills to convey complex security concepts to both technical and non-technical audiences.
Meticulous attention to detail to ensure thorough compliance checks and accurate reporting.
Ability to work collaboratively with cross-functional teams and manage relationships with external vendors.
Familiarity with PCI-DSS standards and requirements.
Ability to communicate complex technical concepts to non-technical stakeholders.

Additional Knowledge, Skills, and Abilities Preferred:

N/A

ESSENTIAL FUNCTIONS

PCI DSS Compliance:

Ensure the organization complies with all PCI DSS requirements, including regular assessments and audits.
Technical and architectural understanding of implementing and operating a vulnerability scanning program to ensure ongoing ASVs are conducted and followed across the organization.
Proficiency in web application design and security controls related to PCI DSS.
Ability to explain to auditors and software developers the technical controls found on the website and their relation to PCI compliance.
Must have a strong technical background in security assessments, risk management, vulnerability scanning, data encryption standards, firewall management and regulatory compliance.
Must have previously conducted comprehensive PCI DSS assessments for various clients and implemented security controls and measures to protect cardholder data.
Must have provided and developed guidance and training to clients on PCI DSS requirements and best practices, while developing and maintaining documentation for compliance audits.

IT Security Audits:

Conduct internal and external IT security audits to identify vulnerabilities and ensure compliance with industry standards.

Risk Management:

Develop risk management strategies and implement controls to mitigate security risks.

Policy Development:

Create and maintain policies and procedures related to IT security and PCI compliance.

Training and Awareness:

Conduct training sessions and awareness programs to educate staff on security best practices and compliance requirements.

Incident Response:

Develop and manage incident response plans to address security breaches and other emergencies.

Reporting:

Generate compliance reports and present findings to management and regulatory bodies.

Vendor Management:

Work with third-party vendors to ensure their compliance with security standards.

Note:

This job description is not inclusive of all the duties of the position. You may be asked by leaders to perform other duties. Management reserves the right to revise this position description at any time.
