- Contributes to response to external (e.g., PCI, FDIC, SSAE16, and SOX) and internal audits working with all areas of IT and the business as required and in support of company policies, standards, and current audit and compliance requirements.
Knowledge, Skills & Abilities:
Solid in-depth understanding of data processing and related data security concepts
- A degree in Business, Computer Science or equivalent combination of education and relevant experience.
- Minimum of three (5) years’ experience in data security on mainframe, UNIX, mini-computer and networked environments.
- Experience maintaining support for multiple security technologies including firewalls, multiple-level security applications, security assessment, and monitoring of activity
- Demonstrates "expert user" knowledge for all company technology, standard applications, and custom and third party business applications, within his/her group’s area of responsibility to ensure user satisfaction and productivity.
- In depth knowledge of Sarbanes/Oxley sections 404, PCI-DSS, FFIEC, and ISO 27001/2.
-Vulnerability Management (network and application vulnerability scanning, penetration testing) experience
- Ability to work under stressful conditions.
- Excellent communication skills.
- CISSP and/or CISM certifications, a plus.