PCI Compliance Security Analyst

Employer
Conduent
Location
Germantown, MD
Posted
Mar 20, 2017
Closes
Mar 21, 2017
Industry
Security
Hours
Full Time
Description: If you meet the requirements of this position and want to work for a world-class company with a great marketplace reputation, apply today. The Conduent Business Services, Inc.'s State and Local Solutions Group, has an opening for a Senior Application Security Analyst in its Germantown, Maryland Transportation Technology Center. This position is part of the Transportation team that is responsible for providing compliance and security services to state and local governments. The environment is fast paced and dynamic, requiring the ability to respond quickly to changing priorities across multiple projects. The successful candidate will have excellent verbal and written communication skills along with a demonstrated ability to meet schedules and multi-task. Duties and Responsibilities\: Provide PCI/DSS expertise and guidance to project teams. Work closely with project team members to document current IT control environments for state and local government entities. Instruct team members in appropriate control rationalization and test evidencing techniques. Ensure teams from development, IT and Operations are compliant and prepared for project assessments Post-audit work with project and IT teams, drive remediation of findings Be integral part of team through ownership; follow thru and effective communication with peers/management. Document and present issues and findings to leadership and provide status reports for consistent findings and proposed solutions. Provide guidance and support to clients in response to requests from external auditors, and provide guidance on internal control procedures to business process owners. Performing application vulnerability assessments and internal and external penetration testing. Coordinate certified PCI ASV scans, ensure passing scan for each quarter, and drive remediation of scans Other security-related projects that may be assigned according to skills Skills\: The successful candidate MUST meet the following requirements\: Strong ethics and understanding of ethics in business and information security Proficient English language written and oral communication skills Understanding and familiarity with common code review methods and standards Experience with vulnerability and web application vulnerability scanning tools Knowledge of OWASP tools and methodologies. Understanding of HTTP and web programming Knowledge of common security requirements within ASP.NET application Knowledge of standard SDLC practices Ability to complete tasks and deliver professionally written reports Familiarity with workflow and collaboration tools such as JIRA, SharePoint and Service Center Ability to present findings to technical staff and executives Demonstrated ability to manage multiple assignments and deadlines Excellent communication skills and significant attention to detail (both written and verbal) Ability to work independently and effectively with all levels of staff and management both internally and externally Qualifications\: BS in either Computer Engineering, Computer Science, or Information Systems Management Possess current security certifications (eg, CISSP, CEH, CRISC, etc.) 5+ years of related experience within application security testing and risk analysis 8+ years of related experience within professional services, IT internal/external security audit. Knowledge of PCI DSS and PA DSS is required. Knowledge of ISO standard such as ISO9001, ISO27001, and quality initiatives CMMI is preferred. Experience working in software development Strong technical and/or management background in IT technical systems/environments Must be currently eligible to work in the United States for any employer Must consent to and successfully clear all required pre-employment screenings (background and substance abuse) Must be available to travel up to 50% of time for implementation project work as required. NOTE\: This position is not eligible for reimbursements of expenses for relocation. Conduent, Incorporated is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, creed, religion, ancestry, national origin, age, gender identity, sex, marital status, sexual orientation, physical or mental disability, use of a guide dog or service animal, military/veteran status, citizenship status, basis of genetic information, or any other group protected by Federal or State law or local ordinance. People with disabilities who need a reasonable accommodation to apply or compete for employment with Conduent, Incorporated may request such accommodation(s) by sending an e-mail to accommodations@Conduent.com.