Get new jobs for this search by email

US - UPS TECHNOLOGY HEADQUARTERS & DATACENTER (NJRAR), United States

UPS

Discover fast, reliable global shipping and logistics solutions with UPS. Explore our shipping and tracking services and streamline your supply chain today.

Job Description:

The Senior Information Security Analyst will be part of a team responsible for the oversight of the UPS Payment Card Industry (PCI) compliance program. He/she will manage PCI compliance of PCI in-scope systems, ensuring that PCI DSS (Payment Card Industry Data Security Standard) requirements/security controls are being met for all PCI in-scope systems. He/she will manage compliance of end-to-end payment channels, identifying all locations where account data is stored, processed, and transmitted, ensuring that PCI requirements/security controls are being met/validated. He/she will be responsible for understanding and managing PCI compliance of the various payment stages (for example, authorization, capture settlement, chargebacks, and refunds) and acceptance channels (for example, card-present, card-not-present, and e-commerce).

Job Duties and Responsibilities:

1. Maintains Information Security Compliance: Gathers and organizes evidence of compliance with management directives to review and evaluate the effectiveness of security functions, processes, products, and services. Reports on controls’ effectiveness to mitigate exposure potential of identified risks and to identify and communicate control gaps. Implements and monitors the integration of enterprise risk management procedures to reduce service losses and to maintain optimal security controls. Contributes to the development of security installation procedures and standards to maintain optimal security controls.
2. Conducts I.S. Information Security Projects Activities: Conducts advanced information security analyses to identify and initiate action items. Participates in the development of project plans to ensure that projects are completed on time and according to specifications. Performs assigned functions and tasks to meet project requirements. Investigates issues and escalates as appropriate to support effective resolutions. Reviews multiple assignments to ensure I.S. governance, standards, and policies compliance. Participates in team meetings and discussions to communicate findings and ensure knowledge is shared among respective business partners.

Professional Experience/Skills:

Experience - Must have four or more years of demonstrable, professional, Information Security experience, with 3 years or more experience in IT compliance/IT audit or IT risk management.

Regulatory Compliance – Experience assessing for regulatory compliance, performing validation against security controls, analyzing attestations and evidence gathering. Experience in the development of assessment processes for regulatory compliance, along with management of regulatory assessments yearly, preferably to meet the requirements of the Payment Card Industry (PCI) Data Security Standard (DSS).

Technical Skills - Very strong technical, analytical, and troubleshooting skills including ability to analyze a problem/technical solution quickly and accurately to meet regulatory compliance requirements.

Knowledge of cloud compliance solutions provided by at least one of the cloud vendors (Azure, AWS, Google) and cloud/container security.

Knowledge of Security Controls Frameworks.

Coding, scripting knowledge and/or data analysis a plus.

Education:

The Senior Information Security Analyst position requires a Bachelor’s degree in Computer Science, Information Assurance or Risk Management, Cybersecurity, Information Systems, or a related field.

Industry Certifications (PCI Compliance):

• Must possess one or more of the following information security certifications, or be in the process of obtaining within 60 days:
• Payment Card Industry – Professional (PCI-P)
• Payment Card Industry – Internal Security Assessor (PCI ISA)

Industry Certifications (Information Security):

• Must possess one or more of the following information security certifications or have another certification or advanced degree in information security or a related field:
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified in Risk and Information Security Controls (CRISC)
• Certified Information Systems Auditor (CISA)
• Cloud Security Certification such as Google Professional Cloud Security Engineer Certification
• GIAC Certification

Preferred qualifications:

• Experience with compliance risk remediation.
• Familiar with Payment Card Industry (PCI) regulatory requirements.

Other Criteria:

Job Grade: 20H

Location Flexible: Candidate must be located within the following locations, or willing to self-relocate: Alpharetta, GA, Mahwah, NJ, Parsippany, NJ, Louisville, KY, Maryland, MD.

Last day to apply is 02/27/2025 11:59pm.

Employee Type: Permanent

UPS is committed to providing a workplace free of discrimination, harassment, and retaliation.

Basic Qualifications:

Must be a U.S. Citizen or National of the U.S., an alien lawfully admitted for permanent residence, or an alien authorized to work in the U.S. for this employer.