Jobs
>
Los Angeles

    GRC Analyst, PCI - Los Angeles, United States - NBCUniversal

    NBCUniversal
    NBCUniversal Los Angeles, United States

    1 week ago

    Default job background
    Description


    We create world-class content, which we distribute across our portfolio of film, television, and streaming, and bring to life through our theme parks and consumer experiences.

    We own and operate leading entertainment and news brands, including NBC, NBC News, MSNBC, CNBC, NBC Sports, Telemundo, NBC Local Stations, Bravo, USA Network, and Peacock, our premium ad-supported streaming service.

    We produce and distribute premier filmed entertainment and programming through Universal Filmed Entertainment Group and Universal Studio Group, and have world-renowned theme parks and attractions through Universal Destinations & Experiences.

    NBCUniversal is a subsidiary of Comcast Corporation.
    Here you can be your authentic self. As a company uniquely positioned to educate, entertain and empower through our platforms, Comcast NBCUniversal stands for including everyone. Our Diversity, Equity and Inclusion

    initiatives, coupled with our Corporate Social Responsibility

    work, is informed by our employees, audiences, park guests and the communities in which we live. We strive to foster a diverse, equitable and inclusive culture where our employees feel supported, embraced and heard. Together, we'll continue to create and deliver content that reflects the current and ever-changing face of the world.
    Job Description

    We are seeking an experienced team member to join the Cyber Security - GRC Organization.

    The GRC PCI Analyst will be responsible for day-to-day execution of programs and services aimed at meeting PCI DSS compliance requirements and reducing risk.

    The Analyst will manage the discovery process for new internal PCI clients and work with business PCI Coordinators to complete remediation of items identified as being non-compliant.

    Once compliance is achieved, the PCI Analyst will track that compliance is maintained and will be responsible for ensuring PCI Coordinators monitor their control owners on the gathering, approval, and storage of PCI evidence used as input to the PCI Report on Compliance (RoC) and Self-Assessment Questionnaire (SAQ) processes.


    Key Qualifications:
    Understanding of the concepts of information risks and the different elements that make up risk. In addition, understand fundamental concepts of information security.

    Experience with Payment Card Industry Data Security Standard (PCI DSS) or equivalent experience in Governance, Risk or Compliance, in a global environment.

    Self-starter who can function independently with limited direction.
    Strong communication and planning skills.

    Responsibilities:
    Support NBCU businesses in PCI DSS Self-Assessment (SAQ) and Report on Compliance (RoC) activities
    Work with PCI Coordinators as the PCI SME on assigned projects and offer council regarding the intent of PCI requirements
    Undertake research as needed when PCI questions arise
    Manage PCI Discovery/Gap Analysis initiatives and coordinate with various NBCU functional groups to determine compliance status for assigned clients
    Work with QSAs to manage process of providing all necessary evidence during PCI assessments
    Track status of PCI DSS issues on assigned projects to ensure that all PCI issues are being addressed
    Anticipate PCI-related issues and escalate as appropriate
    Contribute to overall program enhancements and drive automation with various IT and Cybersecurity stakeholders
    Educate and raise awareness on payment processing risks and controls
    Assist stakeholders with control design and enhancements
    Monitor completeness and sustainability of remediation efforts
    Liaise with risk champions, application owners, control owners, QSA's, risk SMEs such as Cyber Security, Internal Audit and specialized risk management teams
    Contribute to enterprise IT Risk and Control awareness efforts
    Maintain deep understanding of organization wide objectives, interactions, issues and risks
    Stay abreast of current and emerging information risks, including current or proposed cyber legislation or control frameworks.
    Qualifications


    Basic Requirements:
    Bachelor's degree or equivalent experience
    2+years of experience in IT Governance, Risk or Compliance functions
    Knowledge of Payment Card Industry Data Security Standard (PCI DSS)
    Knowledge of IT Risk Frameworks such as NIST, ISO, CSA, etc.
    Knowledge of IT platforms, web, middleware, cloud

    services (IaaS, PaaS, SaaS), database, operating systems, infrastructure, routers, firewalls, virtualization, tokenization
    An understanding of payment industry participants and basic payments terminology
    Ability to work independently and in cross functional teams
    Strong analytic skills for problem analysis and resolution
    Experience with the MS office suite – Excel, PowerPoint, Word etc.
    Strong written/verbal communication and organizational skills

    Desired Characteristics:
    Security certification such as PCIP, ISA, QSA CISSP, CISM or CISA
    Generalist understanding of Network, Cloud, Application and Server Security standards and best practices
    Experience evaluating transactions flows and making determinations on how and when to use Self-Assessment Questionnaires
    Experience working with third party service providers to ensure data is maintained in a secure and compliant manner
    Experience in designing and documenting compensating controls
    Experience in Project Management
    Ability to prioritize activities based on business criticality, audits, threats, vulnerabilities, and regulatory requirements
    Experience supporting enterprise-wide technology initiatives and creating a risk-aware culture
    Ability to understand the big picture by aligning activities to business objectives and partnering with other IT GRC functions to align on strategies and enterprise priorities

    Additional Requirements:

    Fully Remote:


    This position has been designated as fully remote, meaning that the position is expected to contribute from a non-NBCUniversal worksite, most commonly an employee's residence.

    This position is eligible for company sponsored benefits, including medical, dental and vision insurance, 401(k), paid leave, tuition reimbursement, and a variety of other discounts and perks.

    Learn more about the benefits offered by NBCUniversal by visiting the Benefits page

    of the Careers website


    Salary range:
    $75,000 - $95,000
    Application window is anticipated to close on:

    06/13/24.
    Additional Information


    NBCUniversal's policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law.

    NBCUniversal will consider for employment qualified applicants with criminal histories in a manner consistent with relevant legal requirements, including the City of Los Angeles Fair Chance Initiative For Hiring Ordinance, where applicable.

    If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or as a result of your disability.

    You can request reasonable accommodations by .
    Explore more InfoSec / Cybersecurity career opportunities


    Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

    #J-18808-Ljbffr
  • SHEIN Technology LLC

    GRC Risk Analyst

    1 week ago

    SHEIN Technology LLC Los Angeles, United States

    Job Title: GRC Risk Analyst I · Reports to: GRC Risk Manager · Job Location: Los Angeles, CA, USA · Job Status: Exempt, FT · About SHEIN · SHEIN is a global online fashion and lifestyle retailer, offering SHEIN branded apparel and products from a global network of vendors, all at ...

  • SHEIN Technology LLC

    Privacy Intern

    1 week ago

    SHEIN Technology LLC Los Angeles, United States

    Job Title: Privacy Intern · Reports to: Chief Privacy Officer · Job Location: Los Angeles, CA · Hours: Fulltime · Internship Duration: June 17, 2024 – August 23, 2024 · About SHEIN · SHEIN is a global online fashion and lifestyle retailer, offering SHEIN branded apparel and produ ...

  • SHEIN Technology LLC

    GRC Risk Analyst

    2 weeks ago

    SHEIN Technology LLC Los Angeles, United States

    Job Title: GRC Risk Analyst I · Reports to: GRC Risk Manager · Job Location: Los Angeles, CA, USA · Job Status: Exempt, FT · About SHEIN · SHEIN is a global fashion and lifestyle e-retailer committed to making the beauty of fashion accessible to all. We use on-demand manufacturin ...

  • eTeam

    Sharepoint Administrator

    2 weeks ago

    eTeam Los Angeles, United States

    Title: Web and Digital Senior Applications Analyst · Minimum wage rate: $52.94 on w2 · Work location: 1500 Warburton Ave Santa Clara, CA / Hybrid (3 days on-site) · Work hours: 8-5 M-F · Contract to Hire · UPDATE: · SharePoint administration · experience IS · NOW REQUIRED · ...

  • SHEIN Technology LLC

    Privacy Intern

    2 weeks ago

    SHEIN Technology LLC Los Angeles, United States

    Job Title: Privacy Intern · Reports to: Chief Privacy Officer · Job Location: Los Angeles, CA · Hours: Fulltime · Internship Duration: June 17, 2024 – August 23, 2024 · About SHEIN · SHEIN is a global fashion and lifestyle e-retailer committed to making the beauty of fashion acce ...

  • SHEIN Technology LLC

    GRC Risk Analyst

    2 days ago

    SHEIN Technology LLC Los Angeles, United States

    Job Title: GRC Risk Analyst I · Reports to: GRC Risk Manager · Job Location: Los Angeles, CA, USA · Job Status: Exempt, FT · About SHEIN · SHEIN is a global online fashion and lifestyle retailer, offering SHEIN branded apparel and products from a global network of vendors, a ...

  • City National Bank

    Lead IT Risk Analyst

    9 hours ago

    City National Bank Los Angeles, United States

    Overview: · LEAD IT RISK ANALYST WHAT IS THE OPPORTUNITY? · The Lead IT Risk Controls Analyst is a subject-area specialist with specialized training, methods, and analytic techniques to create recommendations and directions for IT risk mitigation in a complex technical environm ...

  • Jada Systems

    Cloud Solutions Architect

    2 weeks ago

    Jada Systems Los Angeles, United States

    Job Description · Job Description · Jada Systems has a need for a Cloud Solutions Architect who will be responsible for evaluating, identifying, and delivering the Cloud Infrastructure Architecture and operational processes. The Architect will develop related standards and guide ...

  • Epik Solutions

    Technical Security Consultant

    1 day ago

    Epik Solutions Los Angeles, United States

    Job Title: Technical Security Consultant · Duration: Long Term · Pay Range: $60-$80 per hour · The tasks for the Security Analyst include, but are not limited to, the following: · Proactively identify and assess threats to Clients users, network and data · Monitor and respond to ...

  • Tik Tok

    Compliance Technical Security Assurance Analyst

    1 day ago

    Tik Tok Los Angeles, United States

    Responsibilities · About TikTok U.S. Data Security · TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. U.S. Data Security ("USDS") is a subsidiary of TikTok in the U.S. This new, security-first division was create ...

  • County of Orange

    Director of Treasury

    1 day ago

    County of Orange Los Angeles, United States

    Director of Treasury · (Fiscal Deputy Director) · SALARY INFORMATION · This position is scheduled to receive salary range increases on the following dates: · Effective June 28, 2024: 4.25% increase · Effective June 27, 2025: 4.00% increase · Salary may be negotiable within th ...

  • SHEIN Technology LLC

    GRC Risk Analyst

    2 weeks ago

    SHEIN Technology LLC Los Angeles, United States Full time

    About the job · Job Title: GRC Risk Analyst I · Reports to: GRC Risk Manager · Job Location: Los Angeles, CA, USA · Job Status: Exempt, FT · About SHEIN · SHEIN is a global fashion and lifestyle e-retailer committed to making the beauty of fashion accessible to all. We use on-de ...

  • Mantek Solutions

    Information Security Engineer

    2 days ago

    Mantek Solutions Montebello, United States

    Job Description · Job DescriptionOur Client is in need of an Information Security Engineer for a full time position in Montebello, CA. · May require travel to sites. · Job Summary: · The IT Security Engineer is responsible to identify, evaluate, and implement technical security c ...

  • ISACA LA

    Senior IT Risk

    1 week ago

    ISACA LA San Marino, United States

    Senior IT Risk & Compliance Analyst · Job ID · Category Information Technology · Position Type Full-Time · Introduction · Since 1973, East West Bank has served as a pathway to success. With over 120 locations across the U.S. and Asia, we are the premier financial bridge betwee ...

  • InsideHigherEd

    Manager, Physical Plant and Environmental Safety Products

    1 week ago

    InsideHigherEd Hawthorne, United States

    · Manager, Physical Plant & Environmental Safety Products · University of California Los Angeles · Department Summary · The Technology Operations team oversees the design, development, implementation, maintenance, enhancement, and operations of IT platforms, systems, and applica ...

  • HIKINEX

    IAM Engineer/Analyst

    1 week ago

    HIKINEX Orange, United States

    We're looking for an Information Security Engineer/Analyst to bolster our IAM team, supporting access management and PAM security functions. This role focuses on continuous improvement of IAM and PAM processes, emphasizing Identity and Access control system implementation, and sa ...

  • HIKINEX

    IAM EngineerAnalyst

    2 weeks ago

    HIKINEX Orange, United States

    We're looking for an Information Security Engineer/Analyst to bolster our IAM team, supporting access management and PAM security functions. This role focuses on continuous improvement of IAM and PAM processes, emphasizing Identity and Access control system implementation, and sa ...

  • Holland America Group

    IT Business Analyst

    1 week ago

    Holland America Group Santa Clarita, United States

    Job Description · Princess Cruises, Holland America Line, and Seabourn offer world-renown vacations at sea to travelers around the globe. This is an opportunity to join a dynamic, unified organization as part of their highly experienced team in our corporate office. · We're loo ...

  • HR Pals

    Information Technology Security Analyst

    2 weeks ago

    HR Pals Arcadia, United States

    Job Description · Job DescriptionSummary: · Under the general direction of the CIO, the Information Technology Security Analyst is responsible for the support, maintenance and implementation of the company's IT security systems and infrastructure. This includes security system de ...

  • Wescom Credit Union

    Sr. Information Security Analyst

    1 week ago

    Wescom Credit Union Anaheim, United States

    Please use Firefox or Chrome internet browser to complete this application · Current Wescom Employees: Please visit the Career Center in Workday to search and apply for a current job opening. · We value and rely on the unique talents and contributions of our employees to absolut ...