This job is closed

CubeSmart - Malvern, PA

posted 2 months ago

Full-time - Senior
Remote - Malvern, PA
Real Estate

About the position

The Security Compliance Program Manager at CubeSmart is responsible for ensuring the organization adheres to compliance guidelines such as PCI DSS and SOX. This hybrid role involves managing documentation, preparing for audits, monitoring compliance, and collaborating with various teams to identify and remediate security gaps. The position also includes leading incident response exercises and ensuring data privacy compliance.

Responsibilities

  • Identify, report, and remediate security and compliance gaps across all technology systems.
  • Gather, maintain, and organize all required documentation for PCI DSS and SOX audits.
  • Assist in the preparation for PCI and SOX audits by providing relevant documentation and addressing auditor requests.
  • Monitor compliance with PCI DSS and SOX requirements, reviewing policies, procedures, and documentation.
  • Assess and ensure third-party vendors meet PCI DSS, SOX, and other relevant compliance requirements.
  • Collaborate with business stakeholders to assess and document risks and identify areas for improvement.
  • Support internal control testing efforts for SOX and PCI compliance, ensuring all security controls are operating effectively.
  • Track and document compliance issues or deficiencies, coordinating with relevant teams for timely resolution.
  • Develop and lead incident response tabletop exercises focused on PCI DSS and SOX scenarios.
  • Ensure compliance with data protection and privacy laws in collaboration with legal and data governance teams.
  • Generate and submit periodic compliance reports to management detailing the organization's compliance posture.
  • Assist in creating training materials and conducting awareness sessions on PCI and SOX compliance requirements.
  • Coordinate and track the IT change management program.

Requirements

  • Bachelor's degree in Information Security, Information Technology, Accounting, or a related field.
  • Minimum of 5-8 years of experience in IT security, compliance, or audit roles, preferably with a focus on PCI DSS and SOX compliance.
  • Strong understanding of PCI DSS and SOX compliance frameworks, IT General Controls (ITGCs), and security best practices.
  • Familiarity with regulatory compliance, risk management, and auditing methodologies.
  • Proficiency with compliance management tools, audit software, and reporting tools.
  • Excellent verbal and written communication skills, with the ability to clearly explain complex compliance requirements.
  • Strong organizational and time-management skills, with attention to detail.

Nice-to-haves

  • Relevant security or audit certification (e.g., CISSP, CISA, CISM, CRISC).
  • Experience in developing and conducting incident response exercises.
  • Knowledge of data privacy regulations (e.g., GDPR, CCPA).
  • PCI Qualified Security Assessor or Internal Security Assessor experience.

Benefits

  • Hybrid work environment (2 days remote, 3 days in-office).
  • Collaborative and supportive company culture.
© 2024 Teal Labs, Inc