Consulting Security Risk Controls Engineer PCI

Consulting Security Risk Controls Engineer PCI

Job location : Nashville, TN (if applicable) – details provided by employer. 1 day ago Be among the first 25 applicants.

Overview

We are seeking a Consulting Security Risk Controls Engineer for our team to ensure that we continue to provide all patients with high quality, efficient care.

Responsibilities

• Assess / Review Service Providers for PCI-DSS Compliance.
• Collect the top IT security risks (regulatory, security of critical enterprise applications and infrastructure, vendors, etc.), analyze, monitor, and derive strategic decisions that balance risk with operational and economic costs of protective measures.
• Conduct interviews with company senior management and business owners to confirm anticipated business effects resulting from identified enterprise security risks.
• Maintain an inventory of key vendors, applications, processes, and infrastructure items and their impact on top IT security risks; map items to appropriate security risks.
• Lead activities to identify key controls (policy, procedure, practice, or organizational structure) to provide reasonable assurance that security objectives are achieved and undesired events are prevented or detected and corrected.
• Lead activities to review, develop, and implement security controls plans, vendor security agreements, and security exceptions to control standards.
• Lead activities to conduct technical security reviews and assessments of vendors, applications, processes, and IT infrastructure.
• Lead activities to analyze data from security reviews to determine current state of security risk across the company.
• Lead activities to develop remediation plans and assign remediation responsibilities, actions, and priorities with management.
• Monitor and track remediation activities to address weaknesses identified through security reviews or audits.
• Develop strategies to ensure compliance with security standards and regulatory / audit requirements.
• Provide periodic reporting including assessment findings and recommendations to executive management, facility leadership, and governance committees.
• Identify security-related regulatory requirements (e.g., PCI-DSS, SOX, HIPAA) and interact with internal and external assessors and auditors to ensure ongoing compliance.

Qualifications

PCI QSA Certified

Security Technologies / Methodologies

Physical Demands / Working Conditions

Employment Details

We are an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

If you find this opportunity compelling, we encourage you to apply for our Consulting Security Risk Controls Engineer opening. We promptly review all applications. Highly qualified candidates will be directly contacted by a member of our team. We are interviewing - apply today!

J-18808-Ljbffr