Security Compliance Analyst (PCI)– Ancestry
- 1300 W Traverse Pkwy, Lehi, UT 84043, USA
We are looking for an Security Compliance Analyst who will be reporting directly to the Director of Risk and Compliance, the Senior Compliance Analyst will primarily be responsible for the Payment Card Industry (PCI) compliance program and for completing the annual report on controls. The Senior Analyst will liaise with various teams to provide timely, up-to-date guidance and ensure the PCI program is a success. In addition, the position will act as a project manager and/or technical lead on initiatives related to secure software implementation, security audits, training, quarterly scans and policy/procedure definitions. This position is located in Lehi, Utah and will require some travel.
What You Will Do
- You will serve as the technical point of contact for all things PCI
- You will complete the annual PCI DSS ROC.
- You will monitor and submit quarterly ASV scans.
- You will monitor PCI compliance tasks throughout the year.
- You will participate in security improvement/optimization initiatives.
- You will maintain up-to-date documentation of security infrastructure, changes, and security strategies.
- You will get to drive automation of IT controls and also ad-hoc security related projects as needed
- You will Interact with all: security, development, architecture and operations as necessary to understand, apply, and enforce security requirements.
- You will proactively identifies/makes recommendations on potential security issues and solutions.
- Interact with and develop a productive working relationship with all levels of management, process owners and outside auditors.
- You will periodically participate in the execution of GDPR and SOX IT compliance activities by gathering information on control effectiveness.
- Bachelor's degree in related field required.
- Bachelor’s Degree or higher strongly preferred with experience in IT Audit or Advisory, IT Risk & Compliance, or Information Security
- Minimum 3-5 years of work related experience with PCI and information technology compliance
- Current PCI QSA or ISA certification a plus.
- Demonstrate knowledge of technology processes, risks, infrastructure, information security, SDLC and platform services
- Capable of identifying, evaluating and mitigating significant risks within an enterprise
- Experience with cloud computing a plus
- Ability to document and explain risks and vulnerabilities to both business and technical stakeholder
- Influencing, negotiating, and relationship building skills are all needed for this role
- Strong oral and written communication
- Willingness to take on side projects within security operations
- Self-governing, comfortable working with minimal oversight and unstructured tasks
- Possess strong analytical skills attention to detail
Helping people discover their story is at the heart of ours. Ancestry is the largest provider of family history and personal DNA testing, harnessing a powerful combination of information, science and technology to help people discover their family history and stories that were never possible before. Ancestry’s suite of products includes: AncestryDNA, AncestryProGenealogists, Fold3, Newspapers.com, Find a Grave, Archives.com, and Rootsweb.
We offer excellent benefits and a competitive compensation package. For additional information, regarding our benefits and career information, please visit our website at http://ancestry.com/careers. (REF993M)