Location: New York,NY, USA
As part of the Global Cybersecurity Technology Controls team, the PCI Product Specialist Lead is responsible for overseeing evidence capture approach in support of LOB Business Assessment Lead in assessment readiness efforts. The PCI Product Specialist Lead acts as the Subject Matter Expert for their functional area, partnering with control owners and advising on issue remediation to ensure compliance with PCI DSS. Key Responsibilities: Oversee PCI assessments within firm Standards & Procedures according to methodology. Capture, review and analysis of PCI required documentation, ensuring readiness for firm-wide assessments. Works with Business Assessment Lead & control owners to define functional scope (tools, processes, etc.) Proactively monitor Key Risk Parameters to identify non-compliance and assist in remediation with compensating controls to address security, risk and control gaps. Provide guidance on remediation activities as it pertains to functional area, ensuring appropriate resolution of issues, action plans, breaks and remedies and support the closure verification process Aid in training and spreading technology risk and control awareness within the organization for the applicable function area. Develop and maintain strong business and technology relationships, becoming a trusted partner to these groups. Communicate risk and other control findings with key stakeholders, develop recommendations and provide accurate metrics and management reports on a timely basis. Qualifications Basic Qualifications:Candidates with a minimum 5 years of experience in technology risk and controls, risk based consulting, risk assessments, audit and regulatory activities, preferably in the PCI Data Security Standards. Bachelor's degree in Computer Science, Management Information Systems, Accounting Information Systems, or a related field. Experience within financial services areas is preferred. Knowledge and prior experience in all domains of Technology Infrastructure. Experience with implementation and oversight of technology risk and controls, coordination of activities for audits and assessing an IT controls environment. Detail oriented self-starter with strong conceptual, analytical, decision making, planning, time management and prioritization skills. Ability to communicate oral and written ideas in a clear, concise manner, at all levels of the organization and influence without authority. Prior experience in planning, coordination and implementation and the ability to work across teams and functions to execute and deliver. Aptitude to upskill and learn new technologies based on dynamic requirements. Must have cloud knowledge and experience Preferred Skills: Prior QSA or OSA expereince Able to review, understand, and rely on technical and software documentation and apply that knowledge into practice. Experience operating in environments that are heavily governed under compliance, regulatory, or risk reduction controls. Advanced understanding of best practices and company policies. Knowledge of process-focused methodologies for IT related activities (Change Management, Incident Management, and SDLC). Exposure to Risk and Process frameworks: COSO, COBIT, NIST, Cybersecurity Horizontal reviews, ITIL. IT