Information Security Analyst - Pci Dss Specialist

Information Security Analyst (PCI DSS Specialist)

Location: Remote First, Bristol Office up to 2x Days a Month

Type: Full-time

Salary: £50,000 + Client Benefits Package (inclusive of 10% company bonus, up to 11% company pension, 26 days holiday, income protection, life assurance, healthcare cash plans, Gympass + others)

InfoSec People are partnered with a leading financial services provider, who have an Information Security Analyst opportunity. The core responsibilities will be to implement PCI DSS Version 4 for the client in house, so experience within financial services and working with PCI-DSS is essential for this opportunity.

Responsibilities:

• Assisting in meeting compliance requirements, such as PCI-DSS and in line with frameworks such as SWIFT CSCF, CSA CCM and NIST.
• Monitoring of scheduled compliance activities such as Firewall rule reviews, developer security training, colleague policy attestations and collecting and collating evidence of such activities to assist in audit and assessment activities.
• Security Compliance oversight of transformation initiatives and cloud security compliance activities.
• Collating and compiling Management Information to provide assurance to the Head of Infosec and CISO of ongoing security compliance.
• Assisting in creating, reviewing, and updating key ISMS documentation including standards and process documents ensuring reviews are carried out on time and take into account any changes in compliance and framework requirements.
• Working with risk functions to complete security controls testing and alignment of controls with industry frameworks, performing gap analysis and assisting with remediation activities.
• Maintaining the program of remediation for audit and assessment findings, including updating of task status, reporting of progress and escalation of issues and identifying opportunities for improvement.

Role-specific knowledge and expertise

• Experience in a Security Compliance or Information Security role with a strong technical background.
• Exposure to compliance and risk management in a NIST CSF or ISO27001-aligned environment, along with PCI-DSS and SWIFT.
• Ideally experience must have been gained within a regulated environment with experience of securing cloud environments such as AWS & Azure and understanding compliance requirements for cloud environments.

For further details, please send the most current version of your CV and a good time to speak to Beccaat InfoSec People.

As dedicated recruitment professionals, we prioritise confidentiality. InfoSec People values diversity, equity, and inclusion (ED&I). Please share any information or accessibility needs to aid your process; we’ll do our best to cater for specific requirements.