Über
About NRT
NRT is one of the 50 Best Managed Companies, and we're looking for a dynamic candidate who is motivated and passionate about working for a FinTech leader
NRT provides next-generation commerce and information-enabling experiences for enterprise customers around the world. Our solutions include secure payment systems, specialized financial and marketing kiosks, AML compliance tracking and reporting tools, digital gamification and mobile experiences, intelligent table game platforms, credit/marker information services and electronic marker solutions. We work with hundreds of casinos throughout North and South America, Asia and beyond.
We offer a competitive salary, group benefits (health, vision, dental and life insurances), career advancement opportunities, and an exciting environment. Individual and creative contributions to our company objectives are highly encouraged and recognized. You can read more about us at:
Reporting directly to SVP, IT Infrastructure and their designates, the Internal Audit & Compliance Specialist will be a key member of Security and Compliance team to analyze, assess and design effective security controls to help achieve PCI compliance, privacy compliance, and to improve enterprise-wide security.
Core Responsibilities
Develop methods to monitor and measure risk, compliance, and assurance efforts
Develop specifications to ensure risk, compliance, and assurance efforts conform with security, resilience, and dependability requirements at the software application, system, and network environment level
Draft statements of preliminary or residual security risks for system operation
Maintain information systems assurance and accreditation materials (PA-DSS, PCI-DSS, SOC, ISO27001 etc.)
Monitor and evaluate a system's compliance with information technology (IT) security, resilience, and dependability requirements
Assess the effectiveness of security controls
Perform reviews, identify gaps in software architecture, and develop a risk management plan
Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy
Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change
Plan and conduct security authorization reviews and assurance case development for initial installation of systems and networks
Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations
Qualifications
5+ years' experience in Information Security and performing compliance assessments
Master's degree in information security or equivalent
5+ years' experience of Level-1 assessment experience with solid understanding of PCI-DSS and PA-DSS
Proven experience with Information Security Management System (SOC2 Type 2, ISO 27001)
Experience with Cryptography
One of the certifications: CSSLP, CASE, GSSP, GWEB, CEH, OSCP, PenTest+ or GPEN
Experience with network architectures and network device (Firewalls/ Switches/ Routers/ IDS/IPS/ Load Balancers etc.) and Servers/ Virtualization Devices configurations
Experience with audit experience for cloud computing environments (e.g., AWS, MS Azure, Google Cloud)
Experience with IT security principles and methods (e.g., firewalls, DMZ, encryption)
Experience with cyber defense and vulnerability assessment tools, including open source tools, and their capabilities (Nexpose, Nessus etc.)
Hands-on experience with penetration testing tools (Metasploit, Nessus etc.)
Knowledge of Risk Management Framework (RMF) requirements
Ability to work collaboratively with key stakeholders and other team members
Excellent time management, written documentation, and oral presentation skills
Certifications (at least one from each group below)
Current PCI-QSA or PCI-ISA qualification
Information Security: CISSP, CISM, ISO 27001 LI, RISS, CRISC
Audit: CISA, GSNA, ISO 27001 LA/IA, IRCA ISMS Auditor, IIA CIA
This is an existing vacancy. The base salary range for this role listed is based on market indicators to determine compensation, and an offer will consider various factors including experience, qualifications, skills, and training. Our comprehensive and competitive benefits package includes medical, dental and vision insurance for employees and their family, paid time off, and a variety of other perks.
NRT is an equal opportunity employer and does not use AI within its hiring process in most cases. In a case where AI is utilized to assess a candidate during the process, an advanced notice will be provided. It is NRT's policy to recruit and select applicants for employment solely on the basis of their qualifications, with emphasis on selecting the best-qualified person for the job. NRT does not discriminate against applicants based on race, color, religion, sex, sexual orientation, national origin, or disability or any other status or condition protected by applicable law. NRT welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process.
NRT would like to thank all applicants for applying, but only those applicants best suited for the position will be contacted.
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot stammt von einer Partnerplattform von TieTalent. Klicken Sie auf „Jetzt Bewerben“, um Ihre Bewerbung direkt auf deren Website einzureichen.