Job Title: IT Security Officer (PCI Compliance)
Whilst the last couple of years have been a tough time for everyone personally, we’ve adapted our strategy and continued our impressive growth. In that timeframe we’ve hired and integrated close to 150 new starters and grown our revenues significantly as a business.
We have adapted our ways of working to ensure that new starters who join feel part of one big virtual team. From regular town halls to coffee mornings and dedicated mental health days, we want to ensure we put the needs of our employees first. Feedback from our new hires has been positive: they love our onboarding programme and how much it makes them feel integrated into Trust from the start. Trust Payments recently received a ‘Best Companies’ 2* accreditation from TM Group, which recognises exemplary levels of workplace engagement, leadership and wellbeing within the company. Accolades won in three other categories include being one of Financial Services’ top 30 companies, one of London’s top 75 large companies, and one of Wales’ top 30 companies to work for.
Trust Payments is a global unified payment technology group that was formed in 2019, bringing together technology and financial services into an omnichannel solution. The new business model has enabled Trust Payments to establish itself as a leading Fintech Payments group. The company has undertaken a major culture reset and now operates as a fast-paced inclusive organisation with talented people at its very heart. In 2019 the business expanded its product offering from Gateway and Acquiring to POS and Mobile Loyalty, creating true omnichannel processing capabilities, and now provides over 30 unique products to merchants of all sizes. Business revenue has grown significantly in the last 2 years and as such we are expanding into even more products, markets and geographies and are hiring people at all levels.
Main purpose of the job:
As an IT Security Officer (PCI Compliance), you will be working with the IT Security team ensuring we support the product and development teams in any IT Security related matters, as well as fulfilling our PCI compliance duties.
You will be expected to have excellent knowledge in IT Security with focus on compliance functions. Previous experience with PCI is a must.
The successful candidate will be working closely with the rest of the IT Security team as well as the Product and Development teams.
Duties and responsibilities:
• Work with PCI assessors (QSAs) ensuring company products are correctly assessed and remain PCI DSS compliant.
• Work with various stakeholders within the business ensuring any PCI related deliverables are undertaken and completed.
• Work with the development teams in understanding their SDLC and support them with IT Security and PCI DSS guidelines.
• Conduct annual PCI assessments.
• Ensure ongoing PCI related activities are undertaken and completed in a timely fashion (such as the quarterly ASV and vulnerability scans, as well as the required penetration tests).
• Ensure the business remains current with all relevant PCI DSS related requirements, including presenting changes in requirements to relevant stakeholders.
• Contribute to the ongoing secure software development training provided (OWASP).
• Review daily IT Security events and respond to IT Security alerts.
• Document IT Security event handling playbooks.
• Identify and remediate security risks.
• Conduct risk assessments and maintain the IT Security risk register.
• Help manage the company’s IT Security policies.
Experience and Qualifications:
• The candidate must have a minimum of 4 years’ experience working in an IT Security role.
• The candidate must have experience in PCI related activities, such as PCI DSS, PA-DSS/SSF, PCI 3DS.
• The candidate must have proven IT Security qualifications, for example CISSP, CISM.
• Working knowledge of OWASP Top Ten and the SANS Top 25.
• Awareness of common ICT vulnerabilities and methods of mitigation.
• It will be advantageous if the candidate has experience and certifications in cloud-based SaaS solutions (AWS, Azure), as well as containerisation such as Kubernetes, ECR and Docker.
• Good written and verbal communication is essential. The candidate must be able to present solutions to both technical and non-technical audiences.
• The candidate should be a good team player with a “can do” approach. The candidate should be comfortable working independently and as part of a larger team.
• The candidate should have excellent problem-solving skills and must be able to meet deadlines and be able to work under pressure.
Benefits (subject to local office benefits policy):
• Opportunity to be part of a rapidly scaling and market leading Fintech business.
• Flexible homeworking
• Health and Wellbeing ethos, including regular wellness sessions, fitness and nutrition and other events, supported by internally qualified mental health first aiders
• Family friendly enhanced benefits/policies
• Pension, Healthcare, Life Assurance
• Social events and team building
We understand the value that a diverse and inclusive working environment brings to Trust Payments. We celebrate the differences that people can bring through their cultures, backgrounds and perspectives. We are committed to equal employment opportunity regardless of race, colour, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or any other protected characteristic.
To submit your CV for this exciting IT Security Officer (PCI Compliance) opportunity, please click ‘Apply’ now.