PCI Analyst (Payment Card Industry)
Coventry Store Support Centre - Ansty Park and Home
Working in the PCI team within Data Governance & Information Security (DGIS), your primary role will be to assist with managing PCI compliance and assessments across a wide range of brands, channels and technology. You will also support the Senior PCI Analyst and the Policy, Risk and PCI Manager to ensure the scope of PCI assets is kept up to date and reporting is timely and accurate.
You should be comfortable working in a fast-moving, team-driven environment and have the skills to communicate with and influence stakeholders at all levels of the business. Some presentation skills would be useful, as would the ability to chair meetings and calls.
The successful candidate will be given the opportunity to take true ownership of their workload in a high-performing team where career development is high on the agenda. This is a great opportunity to be part of a growing team at an important time.
What you need to do
Engage and build relationships with all types of stakeholders, technical, operational, internal and external
Collate and review evidence of compliance with the PCI DSS
Present evidence to, and be confident liaising with, QSAs
Assist with maintaining the PCI DSS asset register, compliance dashboard and assessment calendar
Assist with maintaining compliance metrics and assist with internal and external reporting
Assist with preparing and presenting updates to the PCI Steering Group and other governance forums
Manage own workload and be self-motivated
Be comfortable working in a fast-moving, team-driven environment
Be able to travel to different sites to engage with stakeholders and undertake compliance assessments
Provide regular, clear and timely updates to management
What you need to know and show
Strong stakeholder management skills to ensure SMEs, internal and external stakeholders are engaged and kept up-to-date
How to build relationships and influence stakeholders
Passion for Information Security and an eye for detail
Strong knowledge of the PCI DSS, particularly in a retail environment
Key strategies for protecting cardholder data
Awareness of core Info Sec controls in a commercial environment
Project management and planning techniques and strategies
The ability to think methodically and logically, and communicate well using the spoken and written word
Certifications such as PCIP, ISA, CompTIA Sec+ or CISSP are desirable, but not essential
Support we will provide
Your line manager will provide support and guidance
Access to the GRC, Data Governance & Infosec teams who have a wide array of skills & knowledge
Access to QSAs for guidance and support
Extensive support and training materials available
Other resources as required