SOX/PCI Compliance Analyst

Location: Birmingham, Alabama
Date Posted: 09-01-2017
About Seneca Resources:
Seneca Resources is client driven provider of strategic Information Technology consulting services and Workforce Solutions to government and industry.  Seneca Resources is a leading IT services provider with offices in Reston, Virginia, Alabama and Columbia, Maryland that service clients throughout the United States.  The key to our success lies within our strong corporate culture which drives our business.  We challenge our staff through engaging work, and we reward our staff through competitive compensation, extensive professional training, and excellent opportunities for career advancement.  In turn, we look for only the best and brightest to join our team.
We are an Equal Opportunity Employer and value the benefits of diversity in our workplace.
Position Title: SOX/PCI Compliance Analyst
Location: Birmingham, AL
Position Status: Contract to Hire
Position Description:
Our client is looking for SOX/PCI Compliance Analyst candidates for a position located in Birmingham, AL.  Seeking qualified individuals to support Enterprise Security Strategies, as well as support the Information Protection strategic project (including Data Loss Prevention (DLP) capabilities), and to ensure the organization’s production environment remains SOX and PCI compliant based on the access controls, tools, policies, and procedures implemented.
  • Support the implementation and on-going support & administration of the Symantec DLP (Data Loss Protection) System environment
  • Support the implementation and on-going support & administration of DB2 Security & Configuration Management system
  • Assess procedures to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access, modification or destruction.  Make improvement recommendations
  • Ensure compliance with organizational security rules and standards
  • Ensure compliance with internal application security controls
  • Conduct research to keep abreast of latest security issues
  • Prioritize remediation of gaps based on internal and external audits
  • Prepare security and compliance reports by collecting, analyzing, and summarizing data
  • Support SOX & PCI compliance through support of GPC Enterprise Security Strategy initiatives
  • Support SOX & PCI Compliance by review of key controls and monitoring
  • Support of SOX Audit and PCI by collecting and tracking requested evidence by Moore Colson and EY
  • Assist in planning and execution of vulnerability testing for application systems and the network environment
  • Assist in providing support of the enterprise vulnerability management program
  • Assist in providing support of the Security Operations Center (SOC)
Required Education:
4-Year college degree required
Required Skills:
  • Minimum of five (5) years of experience in information technology and at least two (2) years in information security and/or IT governance/compliance related roles
  • Strong analytical, technical, and problem solving skills
  • Willingness to work outside of regular business hours as required which can include evenings, weekends, and holidays
  • Working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling)
  • Ability to interpret information security data and processes to identify potential compliance issues
  • Ability to quickly understand security systems in order to identify and validate security requirements
  • Experience in performing vulnerability scans and assessments as well as computer forensics
  • Knowledge of Information Security best practices and common processes
  • Knowledge of Windows and Linux vulnerabilities and exploits
  • Knowledge of network protocols, data flows, and vulnerabilities within a TCP/IP environment
  • Ability to perform network protocol analysis and raw data capture
  • Self-motivated, self-directed and shows attention to detail while working
  • Maintains confidentiality of information and uses information appropriately
Desired Skills:
  • Experience with DLP technologies strongly desired/preferred
  • Experience with DB2 environments preferred
  • Knowledge of OWASP and PCI-DSS a plus
this job portal is powered by CATS