Designs, plans, and coordinates work teams. Follows standard project management industry practices such as the PMI's framework. Understands business and technical objectives of a project and works closely with project sponsor.
Skills, Experience and Qualification Areas for Audit, Assurance and Compliance Projects
• 5 to 10 years or more experience working in regulated financial industry or in a financial organization / department. Examples:
o FDIC or IRS
o Federal / State / Large Local Government Treasury Departments
o University or Research organization which operates under PCI, IRS, FERPA, GLBA, or similar regulations.
• 5 years+ IT Compliance, IT Security or IT Audit Experience involving the following technology areas: technology architecture, data center controls, databases and data management, application life cycle, encryption and key management, server management, networking, vulnerability management, incident management, business continuity and disaster recovery.
• Ability to research, appropriately interpret and apply complex regulations, technical standards and guidance. Examples:
o IRS Tax Code – IRS IRC 61016 and IRS Publication 1075
o NIST Technical Series Publications
o Payment Card Industry Data Security Standards (PCI DSS)
o Federal Information Security Management Act (FISMA)
o Sarbanes Oxley 404 - General IT Controls
o Open Web Application Security Project (OWASP)
• Working knowledge of PCI DSS, IRS Safeguards Reviews, and / or other regulatory or compliance type reviews, attestation engagements, etc.
• General understanding of penetration testing, host vulnerability scanning, network security and application (code) scanning.
• Demonstrated ability to assess risk, with a general understanding of compensating and mitigating controls.
• Ability to understand the audit lifecycle, system development lifecycle and IT project lifecycle.
• Demonstrated ability to summarize technical information in a manner appropriate for executives.
• Demonstrated ability to successfully lead and coach teams comprised of both functional and technical personnel. Demonstrated ability to work across a complex network of stakeholders, technology teams, business teams, vendors / other supporting external parties.
• Contract Management Experience. (May need to work with vendors who are operating under various, different SOM contracts. May need to contribute to / provide project management skills for Pen Test Statement of Work, PCI QSA Statement of Work and other SOWs for remediation.)
Responsibilities for PCI and IRS Program / Project Manager:
• Manage cyber security, infrastructure teams, agency application teams, vendors, third-party auditors, and client sponsor team to earn the annual Report on PCI Compliance and the triennial IRS Safeguards Review Engagement. Team sizes of ~ 100 to 250 members across 16 agencies.
• Work with the sponsors to coordinate the annual PCI on-site assessment and triennial IRS Safeguards On-Site Review. Provide metrics to demonstrate resource need.
• Lead and / or participate in PCI Core Team Meetings and IRS Safeguards Review Core Team Meetings
• Lead / Co-Lead PCI Steering Committee Meetings and IRS Safeguards Review Steering Committee
• Manage quarterly data loss prevention / inspection activities
• Manage and escalate issues where PCI compliance may be at risk.
• Working with the Treasury Sponsor, track and report on the PCI compliance status of payment processes and applications so that enterprise level compliance can be determined.
• Track and report on the remediation plans and timelines associated with PCI gaps / vulnerabilities.
• Coordinate the delivery of annual PCI Application Training for developers
• Working with the Agency and Technology Sponsors and PCI Core Team, host the annual PCI Kick-Off Meeting
• Working with the Agency and Technology Sponsors, plan for and host the IRS Safeguards On-site Review
• Track effort and costs associated with the Compliance Projects (e.g., PCI and IRS Safeguards)
• Prepare status reports for various audiences (general stakeholders, technical participants, business/functional participants and executives)
• Collect, organize and analyze evidence demonstrating PCI Compliance
• Lead sessions to develop compensating controls and risk management plans
Preferred Desired Skills
• Technical Security Certification preferred. Examples: CISSP, CSX, or CISA.
Project Management Certifications required: PMP
About LanceSoft Inc
LanceSoft is one of the fastest growing and largest clinical staffing firms in the U.S. and an employer-of-choice for over 1000+ consultants - this may be your opportunity to join us!
We recruit top-notch talent for Healthcare, Pharmaceutical, Technology, Telecom, Retail and Distribution, Energy & Utilities, Banking/ Finance, Manufacturing, Automobile, Media, Transportation, and Government clients coast-to-coast across the US, Canada and India. We are one of the fastest-growing companies in the industry and
Want to read more about LanceSoft?
Click here to visit our website - www.lancesoft.com
Minorities/ Females/ Disabled/ Veterans/ Gender Identity/ Sexual Orientation