Cyber Security Compliance Analyst

AAA Northern California, Nevada And Utah Insurance Exchange Walnut Creek , CA 94596

Posted 4 months ago

CYBER SECURITY COMPLIANCE ANALYST AAAwe're one of the largest Membership organizations in the country, but were so much more than our legendary roadside service. We call our club's vision, mission, values, and supporting pillars "Our House" because they are the foundation for all that we do.

We're working to transform AAA for the next century with a mission to create Members for life by unleashing the innovative spirit of our Team Members. We're community minded, and celebrate the growth, development and successes of our diverse Team Members. Whether youre just starting your journey or looking to grow your career, well support you every step of the way.

Why Work for us: Impact. Play a key role in innovating the future of auto repair while reinventing AAA and the value propositions we deliver to over 6 Million Members. Development. Our team is designed to grow business and business leaders.

We intend for you to demonstrate your capabilities and leadership skills and earn rapid advancement Recognition. We offer a competitive total compensation package including salary, performance bonus, benefits, and 401(k) company match and discretionary contributions. Lifestyle. We do honorable work, and we practice our values: humility, integrity, teamwork, and service.

Our Cyber Security Compliance Analyst supports all audit and assessments relative to cyber security, especially the Payment Card Industry Digital Security Standard (PCI-DSS) and our AAA National Technical Quality Standard #5. This position also serves as a key member of AAAs governance and risk team and maintains our compliance programs by working with internal groups and external auditors as necessary. Essential Functions Facilitate all governance and compliance audits relative to cybersecurity, especially the Payment Card Industry Digital Security Standard (PCI-DSS). Coordinating all aspects of our compliance program with management, internal business teams, and external audit firms.

Coordinates the work of the Qualified Security Assessor (QSA), as required. Perform or coordinate PCI-related technical penetration testing and ASV scans as part of continuous assessment of network, infrastructure, and applications. Leads effort to implement new versions of PCI-DSS including a review f our technology lifecycle and related impacts to AAA.

Influences engineering in areas such as firewalls, multiple operating systems, malware protection, IDS/IPS and various network monitoring and protection methods. Responds to alleged violations of PCI compliance policies, procedures, and standards by evaluating or recommending the initiation of investigative procedures. Prepare and document audit and compliance findings and observations, management responses, response due dates, and corrective action plans.

Deliver periodic compliance status reports to management, as directed or requested, utilizing tools to track planning, scheduling, issues, risks, and overall status of compliance efforts. Knowledge and Skills Exceptional aptitude, attitude, and work ethic. Excellent communication and organizational skills, including the ability to present options in business terms to both technical and business staff including executives.

Detailed knowledge and experience working with PCI DSS and NIST Control Standards would allow you to hit-the-ground running. Working knowledge of information security and computer network, server, database, and user access technologies. Education and Experience Bachelors degree or equivalent experience in a challenging field of study.

Two or more years of practical experience in IT audit or cyber security a plus. Position requires attending PCI ISA training and passing exam annually. Bonus if you have any industry certifications (PCI ISA, CISSP, etc.). #corporate



icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cyber Security Vulnerability Engineer

AAA Northern California, Nevada And Utah Insurance Exchange

Posted 7 days ago

VIEW JOBS 10/9/2019 12:00:00 AM 2020-01-07T00:00 CYBER SECURITY VULNERABILITY ENGINEER AAA…we're one of the largest Membership organizations in the country, but we’re so much more than our legendary roadside service. We call our club's vision, mission, values, and supporting pillars "Our House" because they are the foundation for all that we do. We're working to transform AAA for the next century with a mission to create Members for life by unleashing the innovative spirit of our Team Members. We're community minded, and celebrate the growth, development and successes of our diverse Team Members. Whether you’re just starting your journey or looking to grow your career, we’ll support you every step of the way. Why Work for us: Impact. Play a key role in innovating the future of auto repair while reinventing AAA and the value propositions we deliver to over 6 Million Members. Development. Our team is designed to grow business and business leaders. We intend for you to demonstrate your capabilities and leadership skills and earn rapid advancement. Recognition. We offer a competitive total compensation package including salary, performance bonus, benefits, and 401(k) company match and discretionary contributions. Lifestyle. We do honorable work, and we practice our values: humility, integrity, teamwork, and service. This position conducts assessments of threats and tracks AAA vulnerabilities; determines deviations from acceptable configurations, enterprise or local policy; assesses the level of risk; and develops and/or recommends appropriate mitigation countermeasures in operational and nonoperational situations. A Cybersecurity Vulnerability Engineer will perform penetration tests following a systematic process to assess the ability of systems to withstand sophisticated adversaries who have knowledge of the AAA architecture and systems. This includes exploitation of configurations and pathways and interactions between systems that mimics the techniques employed by advanced adversaries. Your efforts will measure the effectiveness of our defense-in-depth architecture against known vulnerabilities. Essential Functions Conduct penetration testing and vulnerability assessment scans, exposing security vulnerabilities and risks, and recommending solutions to mitigate such vulnerabilities. Track public and privately released vulnerabilities and assist in the mitigation process including identification, criticality evaluation, remediation, planning, communications, and resolution. Conduct security assessments of across the environment from locally hosted servers to cloud hosted web-based applications. Work with the HUNT team to search for evidence of compromise. Work with the team for Incident Response. Knowledge and Skills Knowledge of secure configuration and hardening of systems. Ability to interpret, prioritize, and incorporate vulnerability scans results into remediation actions and tracking those actions through to completion. Ability to code custom tools or scripts to enumerate or exploit systems is a plus. Understanding of the risks associated with penetration testing and vulnerability scanning. Candidate must be knowledgeable about likely attack vectors and adversary techniques. Excellent problem solving, critical thinking, and analytical skills - ability to de-construct problems, figure out how things work, and propose countermeasures. Candidate must also have the ability to effectively communicate risks and advise on the implementation of security protections Education and Experience Bachelor’s degree or equivalent experience in cyber security or a challenging field of study. Advanced degree and/or advanced raining is a plus. Experience developing and administering am enterprise vulnerability management program. Experience in penetration testing of internal and external assets including (but not limited to) networks and servers, web applications, and physical structures. #corporate AAA Northern California, Nevada And Utah Insurance Exchange Walnut Creek CA

Cyber Security Compliance Analyst

AAA Northern California, Nevada And Utah Insurance Exchange