Opening - Senior Analyst - PCI Security

Career Center ,

If you’re a highly motivated security professional with the discipline and initiative to consistently perform at the top of your game, we have a fantastic opportunity for you to join our team as a Senior Analyst PCI Security to support our mission at Utah Valley University.

Key roles and responsibilities of this position: *

  • Maintain Security Information and Event Management (SIEM), Web Application Firewall, Application Whitelisting, Secure Active Directory Domain, File Integrity Monitoring Agents, Network Firewall, Network IDS/IPS, and other security systems. Support campus merchants in PCI audits and self-assessments. Conduct reviews of internally generated PCI compliance documents and make recommendations.
  • Daily monitor and review logs and alerts from Point of Sale (POS) systems, firewalls, and other security systems. As well as monitor and enforce patching of systems within PCI scope.
  • Manage external consultants and service providers and support 3rd party reviews and assessments. Provide ongoing guidance and consultation to the organization to promote a progressive and sustainable PCI compliance initiative. T
  • Track mitigation steps and ensure that risks are managed appropriately and in a timely manner, and develop metrics to report and demonstrate PCI compliance status.
  • Assist with integrating PCI compliance requirements into the organization’s processes and life cycle activities. Test for adherence to PCI controls, policies, procedures, and standards. Communicate PCI risk posture and compliance effectiveness to Management on a scheduled basis.
  • Document and present PCI-DSS findings to leadership and the Campus Compliance Committee and educate staff at campus merchants on PCI security standards and best practices. Keep current copies of PCI applicable documents for each merchant including any Self-Assessment Questionnaire (SAQ), Attestation of Compliance (AOC), Report on Compliance (ROC), Approved Scanning Vendor (ASV). Follow up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure appropriate remediation measures have been achieved.
  • Prepare and test Incident Response Plans for PCI and Campus systems, and respond to security events as outlined in the Incident Response Plans. Maintain current security training & certifications applicable to security functions at the institution.
  • Manage quarterly internal and external scans, penetration testing, issue resolution, and documentation of remediation for all campus merchants. Perform periodic gap analyses and implement controls to ensure security and compliance; scan Reports, and PCI PA-DSS Reports of Validation (ROV); support in the preparation of weekly and monthly status reporting of PCI Program and perform other job-related duties as assigned.

Learn more and apply