IT Compliance Analyst

Are you looking to Optimize your life? Start your exciting path to a rewarding career today!
We are Optimum, a leader in the fast-paced world of connectivity, and we're on the hunt for enthusiastic professionals to join our team! We understand that connectivity isn't just a luxury anymore - it's a necessity that empowers lives, fuels businesses, and drives innovation. A career at Optimum means you'll be enabling progress and enhancing lives by providing reliable, high-speed connectivity solutions that keep the world connected. We owe our success to our amazing product, commitment to our people and the connections we make in every community.
If you are resourceful, collaborative, team-oriented and passionate about delivering consistent excellence, Optimum is the Company for you!
We are Optimum!
Job Summary
The IT Compliance Analyst will perform assessments of our internal company compliance with the Payment Card Industry Data Security Standard (PCI DSS) version 4. This individual will have extensive interactions relating to technical, procedural, and documentation controls with a wide range of technology and business functions that are required to be compliant. Activities may include assessing, managing, driving and tracking all PCI compliance-related activities, including the identification of compliance gaps, the development of remediation plans, monitoring compliance status, and ultimate completion of Reports of Compliance (RoC), Self-Assessment Questionnaires (SAQ), and Attestations of Compliance (AoC) consistent with all PCI Standards Security Council (SSC) requirements and specifications.
The individual is expected to possess superior skills in security, risk and multiple technologies, problem-solving, project management, compliance/risk analysis, knowledge of information security processes and technology, technical report writing, and strong client handling and consultative skills. This professional should also have experience in more than one of the following skills: performing security assessments of networks, systems, policies, and processes; applying information security and risk-related frameworks (e.g., ISO/IEC 27001/2, NIST 800-53, OWASP, etc.).
Responsibilities

• Conduct PCI DSS compliance assessment, resulting in a Report on Compliance, Self-Assessment Questionnaires, and the corresponding Attestation of Compliance for either
• Conduct PCI DSS readiness assessment, providing guidance and recommendations in preparation for formal compliance assessment
• Interact with various customer technical groups, business groups, subject matter experts, and key stakeholders to conduct interviews and identify and collect evidence required for the assessment
• Perform other (non-PCI) Security Assessments focused on security infrastructure technology, people and processes vs. requirements defined in common or proprietary security frameworks
• Identify areas requiring remediation (i.e., issues or gaps) or potential areas of improvement within the compliance process
• Demonstrate critical thinking and creative analysis techniques in executing tests and distilling test results, and providing actionable recommendations for mitigation of gaps and improvements or enhancements to existing processes and procedures
• Maintain and regularly communicate project status for stakeholder and management review
• Create and deliver reports that effectively capture, explain, and communicate the results of assessments to varying technical and business audiences

Qualifications

• 5+ years' experience in Information Security and performing security assessments
• 1+ years' experience as a certified ISA or QSA (version 3.2.1 of the PCI DSS)
• Strong background in Information Technology Infrastructure
• Maintain a current security certification (i.e., CISSP, CISM, ISO 27001 Lead Implementor, METI - Registered Information Security Specialist)
• Ability to work collaboratively with key customer stakeholders (e.g., process owners, technical resources ) and other team members
• Excellent communication skills, both written and verbal, and the ability to communicate complex security concepts to technical and non-technical audiences, including senior leadership
• Demonstrable time and technical project management skills
• Experience with Microsoft Office products and the ability to develop clear, concise presentation materials and reports using PowerPoint, Word, and Excel
• Experience or familiarity with Cloud environments and or Cloud Security
• Experience or familiarity with Application Security
• Experience or familiarity with Information Systems security
• Experience or familiarity with Network, design, configuration, and security
• Experience or familiarity with conducting Risk Assessments

Additional Desired Qualifications and Skills:

• Current ISA or QSA Certification with demonstrable PCI DSS v4 experience
• Current audit certification (i.e., CISA, GIAC GSNA, ISO 27001 Lead Auditor, IRCA ISMS LeadPrincipal Auditor, IIA Certified Internal Auditor)
• Familiarity with multiple security frameworks (NIST, ITIL, CobiT, ISO) and regulatory (HIPAA, GLBA, SOX, etc.)
• College degree in technical discipline desired
• Additional PCI SSC certifications (e.g., ASV, QPA, ISA, P2PE Assessor 3DES Assessor, etc.)

At Optimum, we're fueled by our four core pillars: Taking Ownership, Upholding Transparency, Creating Community, and Demonstrating Expertise. Our commitment to empowering employees to take responsibility and embrace proactive problem-solving underpins Taking Ownership. Upholding Transparency is at the core of our culture, with open and honest communication fostering trust among our dedicated team and loyal customers. Creating Community is more than a goal; it's our daily commitment to fostering an environment of collaboration, innovation, and positivity. Demonstrating expertise is a promise we uphold through continuous learning and engagement with our customers to consistently deliver top-quality products and services. These pillars not only shape our culture but define Optimum as a place of excellence, trustworthiness, and thriving community, and we invite you to be a part of our journey.
If you have the drive to succeed and are ready to embark on a thrilling career, seize this opportunity today, and join our winning team, so together, we'll shape the future of connectivity.
All job descriptions and required skills, qualifications and responsibilities for a particular position are subject to modification by the Company from time to time, in the Company's discretion based on business necessity.
We are an Equal Opportunity Employer committed to recruiting, hiring and promoting qualified people of all backgrounds regardless of gender, race, color, creed, national origin, religion, age, marital status, pregnancy, physical or mental disability, sexual orientation, gender identity, military or veteran status, or any other basis protected by federal, state, or local law.
The Company collects personal information about its applicants for employment that may include personal identifiers, professional or employment related information, photos, education information and/or protected classifications under federal and state law. This information is collected for employment purposes, including identification, work authorization, FCRA-compliant background screening, human resource administration and compliance with federal, state and local law.
Applicants for employment with The Company will never be asked to provide money (even if reimbursable) as part of the job application or hiring process. Please review our Fraud FAQ for further details.
Pay is competitive and based on a number of job-related factors, including skills and experience. The starting pay rate/range at time of hire for this position in the posted location is $77,112.00 - $126,684.00 / year. The rate/range provided herein is the anticipated pay at the time of hire, and does not reflect future job opportunity.
Nearest Major Market: Long Island
Nearest Secondary Market: New York CIty