What are the responsibilities and job description for the PCI and SWIFT Security Compliance Analyst position at OpenText?
OPENTEXT - THE INFORMATION COMPANY
As the Information Company, our mission at OpenText is to create software solutions and deliver services that redefine the future of digital. Be part of a winning team that leads the way in Enterprise Information Management.
The Opportunity:
The Principal Security Compliance Analyst will have the opportunity to make a meaningful impact on and contribute to the OpenText Compliance Program by supporting the industry compliance portfolio. The Principal Security Compliance Analyst plays a key role in the continued development and maturity of an ever-growing Security Compliance Program that supports the delivery of the industry compliance portfolio certifications (PCI, SWIFT, CyberEssentials) to support customer security requirements. In this role, you will be leading the planning/preparation/execution of audits, providing advisory/expertise, and working collaboratively with internal teams, SMEs, external customers, vendors, auditors and other stakeholders.
What You Are Great At:
- Setting strategic direction for audit readiness, managing compliance programs, driving continuous improvement activities, delivering dashboarding & reporting metrics.
- Interfacing with auditors, articulating control implementation and impact, and establishing considerations for applying security and compliance concepts to a technical cloud environment
- Effectively communicating compliance program results, including assessment status, workflow, remediation, and reporting, to a broad audience including peers and senior leaders.
- Supporting delivery of audit milestones to ensure audit timelines stay on target by proactively identifying and coordinating resolution of roadblocks and compliance risk.
- Collaborating cross-functionally with technology and business stakeholders to drive, track, and resolve all aspects of compliance readiness and audit execution.
- Participating in, or potentially leading, gap assessment, compliance readiness, and compliance monitoring activities.
- Developing metrics and dashboards for reporting on assigned compliance programs.
What it takes to excel:
- 5 years of either PCI, SWIFT, or CyberEssentials experience, including technical knowledge, audit execution, and strong familiarity with payment security standards.
- 7 years of experience in IT audit and/or compliance, with a concentration on leading multiple, simultaneous audit engagements for a Cloud Service Provider, encompassing multiple frameworks
- Serve as a subject-matter expert to the organization, providing specialized knowledge and actionable guidance to the enterprise as it relates to current and future platforms/products
- Integrate requirements and evidence collection into the company's GRC platform and compliance program
- Interact with internal/external stakeholders and auditors to ensure requirements are communicated clearly and audits are completed on time
- Experience with vulnerability management tools, secure configurations, interpreting and reporting vulnerabilities, providing guidance for remediation
- Assist in the development of security remediation efforts/compensating controls and track them to completion
- Detailed understanding of evaluating the design and effectiveness of controls and experience working with auditors/regulators for compliance assessments
- Experience leading preparation for and/or managing assessment activities for assigned cloud services through assessment planning, assessment fieldwork, and final report delivery
- Experience building certification roadmaps based on customer requirements, compliance documentation, and ensuring that committed assessments are delivered on schedule.
- Experience with GRC Tools & Compliance Automation is a plus.
- Strong technical, analytical, interpersonal, communication and writing skills.
- Ability to work both independently and within a global team environment
- Demonstrated strength in working in a high change environment.
- Effective team collaboration plus the ability to coach and mentor others.
- Strong personal characteristics as demonstrated by the following: owner's mindset, achievement-oriented, self-controlled, self-confident, flexible, approachable, and dedicated.
- Industry standard certification (CISSP, CISA, ISO 27001 Lead Implementer/Auditor, QSA/ISA) or equivalent
- Bachelor's Degree in Information Technology, Business, or related vocations.
OpenText's efforts to build an inclusive work environment go beyond simply complying with applicable laws. Our Employment Equity and Diversity Policy provides direction on maintaining a working environment that is inclusive of everyone, regardless of culture, national origin, race, color, gender, gender identification, sexual orientation, family status, age, veteran status, disability, religion, or other basis protected by applicable laws. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please contact us at .
At OpenText we understand and value diversity in our employees and are proud to be an Equal Opportunity Employer. We hire the best talent regardless of race, creed, color, national origin, ancestry, disability, marital status, sex, age, veteran status or sexual orientation. If you require accommodation at any time during the recruitment process please email accommodationrequests@opentext.com