Compliance Analyst

About NCR NCR Corporation (NYSE: NCR) is a leader in transforming, connecting and running technology platforms for self-directed banking, stores and restaurants. NCR is headquartered in Atlanta, Ga., with 38,000 employees globally. NCR is a trademark of NCR Corporation in the United States and other countries. About NCR Atleos Corporation NCR Atleos Corporation (NYSE: ATL) is a global technology company leading how the world connects, interacts and transacts with business. NCR’s assisted- and self-service solutions and comprehensive support services address the needs of retail, financial, travel, healthcare, hospitality, entertainment, gaming and public sector organizations in more than 100 countries. NCR (www.ncr.com) is headquartered in Atlanta, Georgia. Information Security Engineer I This role is part of NCR’s Global Information Security team. This team is responsible for developing and implementing NCR’s corporate information security program. The primary goal of the program is to protect the confidentiality, integrity, and availability of information resources. Key information security functions and activities include architecture and design for NCR information security controls, developing and enforcing policies and standards, security awareness training, risk management, assessment, and testing, monitoring and metrics, incident management, and threat and vulnerability management. The Information Security Engineer I shall be responsible for the day-to-day activities required to respond to Customer Questionnaire, Customer Audits, Compliance activities within Cyber security. The Information Security Engineer I shall work in a collaborative manner with all 3rd party Audit bodies, Account owners and control owners to facilitate control compliance, remediated and after-action review in accordance to corporate policy. The Information Security Engineer I shall work in a collaborative manner with team to make sure the vulnerabilities are communicated to control owners to remediate or provide compensating controls. The Information Security Engineer I is expected to contribute to weekly status calls and is On-Call which includes working off hours/weekends and respond to ad-hoc requests as part of this position. The Information Security Engineer I will work with stakeholders and team members to assist with improving Compliance processes that are aligned with the mission of the office of the CISO. Key Responsibilities Participate in Customer assessments to explain infosec posture, org structure, provide technical architecture overview, process understanding on security controls etc. Support multiple compliance activities – ISO27001, SOC1, SOC2, SOC3, PCI-DSS. Coordinate and partner with various functions within organization for maintaining the Compliance Package. Manage relationships with third-party auditors and facilitate auditor meetings including preparation and follow-up of actions. Work with internal teams for evidence collection and timely closure of audit findings. Assist team in review of Information Security controls in areas of Infrastructure and Network Security, Security tools, Privilege/ User identity and access management. Will require flexibility to work in the US hours, when required. Foster teamwork. Train and coach team members to ensure effective knowledge management activity. Skills and Qualifications Minimum of 2.5 -3 years of IT experience in Cybersecurity Compliance. Exposure in assessment and implementation of various Information Security Management System Framework such as ISO 27001, NIST CSF, NIST - 800 Series, PCI-DSS, etc. Should have excellent communication (written and verbal) skills and should be able to work with global teams independently with minimal supervision. Should exhibit good client service skill collaterals with a strong focus on building relationships. Knowledge of modern security tools and technologies such as SIEM, SOAR, SAST, DAST and Endpoint Detection and Response (EDR) solutions will be beneficial. Identify opportunities to automate repetitive tasks and help enhance quality of internal processes. Good knowledge of network, backend systems, operating systems, applications, and web services in a manner that allows for the interaction of all as it relates to security and services. Ability to prioritize work with multiple, simultaneous work assignments. Ability and willingness to learn new tools and processes. EEO Statement Integrated into our shared values is NCR's commitment to diversity. NCR is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. This concept encompasses but is not limited to human differences with regard to race, ethnicity, religion, gender, culture and physical ability. Every individual at NCR has an ongoing responsibility to respect and support a globally diverse environment. Offers of employment are conditional upon passage of screening criteria applicable to the job. Full time employee benefits include: Medical Insurance Dental Insurance Life Insurance Vision Insurance Short/Long Term Disability Paid Vacation 401k EEO Statement Integrated into our shared values is NCR's commitment to diversity and equal employment opportunity. All qualified applicants will receive consideration for employment without regard to sex, age, race, color, creed, religion, national origin, disability, sexual orientation, gender identity, veteran status, military service, genetic information, or any other characteristic or conduct protected by law. NCR is committed to being a globally inclusive company where all people are treated fairly, recognized for their individuality, promoted based on performance and encouraged to strive to reach their full potential. We believe in understanding and respecting differences among all people. Every individual at NCR has an ongoing responsibility to respect and support a globally diverse environment. Statement to Third Party Agencies To ALL recruitment agencies: NCR only accepts resumes from agencies on the NCR preferred supplier list. Please do not forward resumes to our applicant tracking system, NCR employees, or any NCR facility. NCR is not responsible for any fees or charges associated with unsolicited resumes. Help us run the world's top brands. At NCR, you’ll have meaningful and relevant work experiences, opportunities to learn and make a real contribution. Every day we build on our 130 year history to transform, connect and run our customers' technology platforms. A career here means embracing our innovative culture and shared values, always seeking new adventures and carving your own path.