JobsEQ by Chmura Logo

Governance Risk and Controls, Assessments and Assurance - PCI Specialist

JP Morgan Chase & Co
Location: Tampa, Florida
Type: Non-Remote
Posted on: January 26, 2021
This job is no longer available from the source.
Desc
As part of the Cybersecurity Technology Controls Global Regulatory Assessments team, the PCI Specialist is responsible for overseeing evidence capture and suitability in support of the JPMC Multi-Level PCI readiness efforts. The PCI Specialist acts as the PCI Subject Matter Expert partnering with control and application owners and advising on issue remediation to ensure compliance with PCI DSS.
The PCI Specialist may be called upon to lead a full PCI assessment with a Qualified Security Assessor.
This role requires a wide variety of strengths and capabilities, including:
• Oversee PCI audit readiness and assessments within firm Standards & Control Procedures according to methodology.
• Capture, review and analysis of PCI required documentation, ensuring readiness for PCI assessments.
• Works with Business Leads & control owners to define scope (tools, processes, etc.)
• Proactively monitor Key Risk Parameters to identify non-compliance and assist in remediation including potential compensating controls to address security, risk and control gaps.
• Provide guidance on remediation activities as it pertains to  area,  ensuring appropriate resolution of issues, action plans, breaks and remedies and support the closure verification process
• Aid in training and spreading technology risk and control awareness within the organization for the applicable function area.
• Develop and maintain strong business and technology relationships, becoming a trusted partner.
• Communicate risk and other control findings with key stakeholders, develop recommendations and provide accurate metrics and management reports on a timely basis.
• Experience operating in environments that are heavily governed under compliance, regulatory, or risk reduction controls.
• Advanced understanding of best practices and company policies.
• Knowledge of process-focused methodologies for IT related activities (Change Management, Incident Management, and SDLC).
• Exposure to IT Risk and Process frameworks: COSO, COBIT, NIST, Cybersecurity Horizontal reviews, ITIL.
RequisitionType Professional JobSchedule Full time