-
GRC Risk Analyst
1 week ago
SHEIN Technology LLC Los Angeles, United StatesJob Title: GRC Risk Analyst I · Reports to: GRC Risk Manager · Job Location: Los Angeles, CA, USA · Job Status: Exempt, FT · About SHEIN · SHEIN is a global online fashion and lifestyle retailer, offering SHEIN branded apparel and products from a global network of vendors, all at ...
-
Privacy Intern
1 week ago
SHEIN Technology LLC Los Angeles, United StatesJob Title: Privacy Intern · Reports to: Chief Privacy Officer · Job Location: Los Angeles, CA · Hours: Fulltime · Internship Duration: June 17, 2024 – August 23, 2024 · About SHEIN · SHEIN is a global online fashion and lifestyle retailer, offering SHEIN branded apparel and produ ...
-
GRC Risk Analyst
2 weeks ago
SHEIN Technology LLC Los Angeles, United StatesJob Title: GRC Risk Analyst I · Reports to: GRC Risk Manager · Job Location: Los Angeles, CA, USA · Job Status: Exempt, FT · About SHEIN · SHEIN is a global fashion and lifestyle e-retailer committed to making the beauty of fashion accessible to all. We use on-demand manufacturin ...
-
Sharepoint Administrator
2 weeks ago
eTeam Los Angeles, United StatesTitle: Web and Digital Senior Applications Analyst · Minimum wage rate: $52.94 on w2 · Work location: 1500 Warburton Ave Santa Clara, CA / Hybrid (3 days on-site) · Work hours: 8-5 M-F · Contract to Hire · UPDATE: · SharePoint administration · experience IS · NOW REQUIRED · ...
-
Privacy Intern
2 weeks ago
SHEIN Technology LLC Los Angeles, United StatesJob Title: Privacy Intern · Reports to: Chief Privacy Officer · Job Location: Los Angeles, CA · Hours: Fulltime · Internship Duration: June 17, 2024 – August 23, 2024 · About SHEIN · SHEIN is a global fashion and lifestyle e-retailer committed to making the beauty of fashion acce ...
-
GRC Risk Analyst
2 days ago
SHEIN Technology LLC Los Angeles, United StatesJob Title: GRC Risk Analyst I · Reports to: GRC Risk Manager · Job Location: Los Angeles, CA, USA · Job Status: Exempt, FT · About SHEIN · SHEIN is a global online fashion and lifestyle retailer, offering SHEIN branded apparel and products from a global network of vendors, a ...
-
Lead IT Risk Analyst
9 hours ago
City National Bank Los Angeles, United StatesOverview: · LEAD IT RISK ANALYST WHAT IS THE OPPORTUNITY? · The Lead IT Risk Controls Analyst is a subject-area specialist with specialized training, methods, and analytic techniques to create recommendations and directions for IT risk mitigation in a complex technical environm ...
-
Cloud Solutions Architect
2 weeks ago
Jada Systems Los Angeles, United StatesJob Description · Job Description · Jada Systems has a need for a Cloud Solutions Architect who will be responsible for evaluating, identifying, and delivering the Cloud Infrastructure Architecture and operational processes. The Architect will develop related standards and guide ...
-
Technical Security Consultant
1 day ago
Epik Solutions Los Angeles, United StatesJob Title: Technical Security Consultant · Duration: Long Term · Pay Range: $60-$80 per hour · The tasks for the Security Analyst include, but are not limited to, the following: · Proactively identify and assess threats to Clients users, network and data · Monitor and respond to ...
-
Tik Tok Los Angeles, United StatesResponsibilities · About TikTok U.S. Data Security · TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. U.S. Data Security ("USDS") is a subsidiary of TikTok in the U.S. This new, security-first division was create ...
-
Director of Treasury
1 day ago
County of Orange Los Angeles, United StatesDirector of Treasury · (Fiscal Deputy Director) · SALARY INFORMATION · This position is scheduled to receive salary range increases on the following dates: · Effective June 28, 2024: 4.25% increase · Effective June 27, 2025: 4.00% increase · Salary may be negotiable within th ...
-
GRC Risk Analyst
2 weeks ago
SHEIN Technology LLC Los Angeles, United States Full timeAbout the job · Job Title: GRC Risk Analyst I · Reports to: GRC Risk Manager · Job Location: Los Angeles, CA, USA · Job Status: Exempt, FT · About SHEIN · SHEIN is a global fashion and lifestyle e-retailer committed to making the beauty of fashion accessible to all. We use on-de ...
-
Information Security Engineer
2 days ago
Mantek Solutions Montebello, United StatesJob Description · Job DescriptionOur Client is in need of an Information Security Engineer for a full time position in Montebello, CA. · May require travel to sites. · Job Summary: · The IT Security Engineer is responsible to identify, evaluate, and implement technical security c ...
-
Senior IT Risk
1 week ago
ISACA LA San Marino, United StatesSenior IT Risk & Compliance Analyst · Job ID · Category Information Technology · Position Type Full-Time · Introduction · Since 1973, East West Bank has served as a pathway to success. With over 120 locations across the U.S. and Asia, we are the premier financial bridge betwee ...
-
InsideHigherEd Hawthorne, United States· Manager, Physical Plant & Environmental Safety Products · University of California Los Angeles · Department Summary · The Technology Operations team oversees the design, development, implementation, maintenance, enhancement, and operations of IT platforms, systems, and applica ...
-
IAM Engineer/Analyst
1 week ago
HIKINEX Orange, United StatesWe're looking for an Information Security Engineer/Analyst to bolster our IAM team, supporting access management and PAM security functions. This role focuses on continuous improvement of IAM and PAM processes, emphasizing Identity and Access control system implementation, and sa ...
-
IAM EngineerAnalyst
2 weeks ago
HIKINEX Orange, United StatesWe're looking for an Information Security Engineer/Analyst to bolster our IAM team, supporting access management and PAM security functions. This role focuses on continuous improvement of IAM and PAM processes, emphasizing Identity and Access control system implementation, and sa ...
-
IT Business Analyst
1 week ago
Holland America Group Santa Clarita, United StatesJob Description · Princess Cruises, Holland America Line, and Seabourn offer world-renown vacations at sea to travelers around the globe. This is an opportunity to join a dynamic, unified organization as part of their highly experienced team in our corporate office. · We're loo ...
-
Information Technology Security Analyst
2 weeks ago
HR Pals Arcadia, United StatesJob Description · Job DescriptionSummary: · Under the general direction of the CIO, the Information Technology Security Analyst is responsible for the support, maintenance and implementation of the company's IT security systems and infrastructure. This includes security system de ...
-
Sr. Information Security Analyst
1 week ago
Wescom Credit Union Anaheim, United StatesPlease use Firefox or Chrome internet browser to complete this application · Current Wescom Employees: Please visit the Career Center in Workday to search and apply for a current job opening. · We value and rely on the unique talents and contributions of our employees to absolut ...
GRC Analyst, PCI - Los Angeles, United States - NBCUniversal
Description
We create world-class content, which we distribute across our portfolio of film, television, and streaming, and bring to life through our theme parks and consumer experiences.
We own and operate leading entertainment and news brands, including NBC, NBC News, MSNBC, CNBC, NBC Sports, Telemundo, NBC Local Stations, Bravo, USA Network, and Peacock, our premium ad-supported streaming service.
We produce and distribute premier filmed entertainment and programming through Universal Filmed Entertainment Group and Universal Studio Group, and have world-renowned theme parks and attractions through Universal Destinations & Experiences.
NBCUniversal is a subsidiary of Comcast Corporation.Here you can be your authentic self. As a company uniquely positioned to educate, entertain and empower through our platforms, Comcast NBCUniversal stands for including everyone. Our Diversity, Equity and Inclusion
initiatives, coupled with our Corporate Social Responsibility
work, is informed by our employees, audiences, park guests and the communities in which we live. We strive to foster a diverse, equitable and inclusive culture where our employees feel supported, embraced and heard. Together, we'll continue to create and deliver content that reflects the current and ever-changing face of the world.
Job Description
We are seeking an experienced team member to join the Cyber Security - GRC Organization.
The GRC PCI Analyst will be responsible for day-to-day execution of programs and services aimed at meeting PCI DSS compliance requirements and reducing risk.
The Analyst will manage the discovery process for new internal PCI clients and work with business PCI Coordinators to complete remediation of items identified as being non-compliant.
Once compliance is achieved, the PCI Analyst will track that compliance is maintained and will be responsible for ensuring PCI Coordinators monitor their control owners on the gathering, approval, and storage of PCI evidence used as input to the PCI Report on Compliance (RoC) and Self-Assessment Questionnaire (SAQ) processes.
Key Qualifications:
Understanding of the concepts of information risks and the different elements that make up risk. In addition, understand fundamental concepts of information security.
Experience with Payment Card Industry Data Security Standard (PCI DSS) or equivalent experience in Governance, Risk or Compliance, in a global environment.
Self-starter who can function independently with limited direction.Strong communication and planning skills.
Responsibilities:
Support NBCU businesses in PCI DSS Self-Assessment (SAQ) and Report on Compliance (RoC) activities
Work with PCI Coordinators as the PCI SME on assigned projects and offer council regarding the intent of PCI requirements
Undertake research as needed when PCI questions arise
Manage PCI Discovery/Gap Analysis initiatives and coordinate with various NBCU functional groups to determine compliance status for assigned clients
Work with QSAs to manage process of providing all necessary evidence during PCI assessments
Track status of PCI DSS issues on assigned projects to ensure that all PCI issues are being addressed
Anticipate PCI-related issues and escalate as appropriate
Contribute to overall program enhancements and drive automation with various IT and Cybersecurity stakeholders
Educate and raise awareness on payment processing risks and controls
Assist stakeholders with control design and enhancements
Monitor completeness and sustainability of remediation efforts
Liaise with risk champions, application owners, control owners, QSA's, risk SMEs such as Cyber Security, Internal Audit and specialized risk management teams
Contribute to enterprise IT Risk and Control awareness efforts
Maintain deep understanding of organization wide objectives, interactions, issues and risks
Stay abreast of current and emerging information risks, including current or proposed cyber legislation or control frameworks.
Qualifications
Basic Requirements:
Bachelor's degree or equivalent experience
2+years of experience in IT Governance, Risk or Compliance functions
Knowledge of Payment Card Industry Data Security Standard (PCI DSS)
Knowledge of IT Risk Frameworks such as NIST, ISO, CSA, etc.
Knowledge of IT platforms, web, middleware, cloud
services (IaaS, PaaS, SaaS), database, operating systems, infrastructure, routers, firewalls, virtualization, tokenization
An understanding of payment industry participants and basic payments terminology
Ability to work independently and in cross functional teams
Strong analytic skills for problem analysis and resolution
Experience with the MS office suite – Excel, PowerPoint, Word etc.
Strong written/verbal communication and organizational skills
Desired Characteristics:
Security certification such as PCIP, ISA, QSA CISSP, CISM or CISA
Generalist understanding of Network, Cloud, Application and Server Security standards and best practices
Experience evaluating transactions flows and making determinations on how and when to use Self-Assessment Questionnaires
Experience working with third party service providers to ensure data is maintained in a secure and compliant manner
Experience in designing and documenting compensating controls
Experience in Project Management
Ability to prioritize activities based on business criticality, audits, threats, vulnerabilities, and regulatory requirements
Experience supporting enterprise-wide technology initiatives and creating a risk-aware culture
Ability to understand the big picture by aligning activities to business objectives and partnering with other IT GRC functions to align on strategies and enterprise priorities
Additional Requirements:
Fully Remote:
This position has been designated as fully remote, meaning that the position is expected to contribute from a non-NBCUniversal worksite, most commonly an employee's residence.
This position is eligible for company sponsored benefits, including medical, dental and vision insurance, 401(k), paid leave, tuition reimbursement, and a variety of other discounts and perks.
Learn more about the benefits offered by NBCUniversal by visiting the Benefits pageof the Careers website
Salary range:
$75,000 - $95,000
Application window is anticipated to close on:
06/13/24.
Additional Information
NBCUniversal's policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law.
NBCUniversal will consider for employment qualified applicants with criminal histories in a manner consistent with relevant legal requirements, including the City of Los Angeles Fair Chance Initiative For Hiring Ordinance, where applicable.
If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or as a result of your disability.
You can request reasonable accommodations by .Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.