SWBC - San Antonio, TX
posted about 2 months ago
Full-time - Mid Level
San Antonio, TX
Insurance Carriers and Related Activities
About the position
The PCI Compliance Analyst is responsible for managing and overseeing the Enterprise PCI DSS program at SWBC, ensuring that all customer-facing products remain compliant with PCI standards. This role involves engaging with stakeholders, conducting risk assessments, managing compliance issues, and supporting various audits related to information security and compliance. The Analyst will collaborate with internal and external teams to maintain compliance across multiple products and services, while also fostering a culture of continuous improvement within the organization.
Responsibilities
- Ensure all customer-facing products remain PCI compliant through ongoing management and assessment of security controls.
- Perform risk assessments, track risks, and implement risk remediation strategies.
- Identify and manage security compliance issues related to payment systems and platforms.
- Collaborate with internal and external stakeholders to ensure adherence to PCI DSS requirements.
- Prepare internal and external presentations and reports to communicate compliance status and audit findings.
- Support client due diligence requests and proposals with accurate compliance-related information.
- Assist with ongoing Service Organization Controls (SOC) Audits and ensure compliance with NACHA and FFIEC standards.
- Maintain comprehensive documentation of compliance activities, including policies and audit findings.
- Develop and deliver PCI DSS training programs tailored to different business units.
- Identify opportunities for enhancing the PCI DSS compliance program and implement improvements.
Requirements
- Bachelor's Degree in Information Technology, Cybersecurity, or related field or equivalent experience.
- Minimum five (5) years of experience in Information Security.
- Minimum five (5) years of experience in Cybersecurity, specifically cloud security with public cloud providers.
- Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or Internal Security Assessor (ISA) certification is highly desired.
- Proficient in Microsoft Office, including Word and Excel.
- Strong written and verbal communication skills.
- Strong problem resolution and interpersonal skills.
- Ability to multi-task and work effectively in a team environment.
Nice-to-haves
- Experience with compliance frameworks beyond PCI DSS, such as SOC, NACHA, and FFIEC.
- Familiarity with advanced security technologies and tactics in the financial services industry.
Benefits
- 401(k)
- Health insurance
- Wellness program
