IT Security Methodology, Policy and Procedures Analyst -Policy Writer-Developer

City
Ottawa
Country
Canada
Application deadline
Friday, February 22, 2019
Reference number
009
Apply now
Tasks and Activities
  • Review, analyze, and apply the best practices, national or international computer law and ethics, IT Security architecture, and IT Security Risk Management Methodology related to PCI compliance;
  • Provide strategic assessments on technology trends and emerging technologies related to PCI compliance;
  • Evaluate and assist in the selection of enterprise-wide technology tools related to PCI compliance;
  • Review payment system security postures and assessing its compliance according to PCI standards;
  • Analyze cardholder data flows (business and application data flows) and identify the risks associated to cardholder data;
  • Perform compliance management testing and validation to proactively identify compliance criteria issues;
  • Plan, coordinate, and execute Information Security Compliance initiatives related to PCI standards;
  • Evaluate security control designs to protect assets in cloud environments;
  • Perform PCI assessment scoping, planning, and remediation consulting;
  • Review cloud deployment to evaluate accuracy of deployment-based PCI DSS requirements;
  • Define and document evidence collection requirements and review processes to produce evidence to support PCI DSS requirements;
  • Complete compliance reports such as PCI Self-Assessment Questionnaire;
  • Evaluate controls and configurations aligned with security policies and legal, regulatory and audit requirement;
  • Design, enhance, and operate processes for PCI-DSS compliance activities;
  • Request and review evidence provided for validation of compliance;
  • Provide updates/status reporting to project team management as required.
Skills and Experience
  • You must hold a valid Government of Canada Secret security clearance.
  • You must be legally able to work in Canada.
  • You must have an advanced university degree or post-secondary diploma in Information Technology, Computer Science.
  • You have 6-8 years demonstrated professional work experience analyzing cardholder data (business and application data flows) and identifying the associated risks.
  • You have 6-8 years demonstrated professional work experience performing PCI compliance management testing and validation to identify issues.
  • You have demonstrated professional work experience performing the following functions for Information Security Compliance initiatives: Planning/ Coordinating/ Executing
One file only.
10 MB limit.
Allowed types: txt pdf odt doc docx.