Reporting directly to the IT Infrastructure Director, the PCI (Payment Card Industry) Security Analyst’s responsibility will be to secure the company’s information assets, to validate and report on established policies, and identify areas of concern.

Key Responsibilities

– Maintain and update existing information security policies and procedures. Review the policy on an annual basis. In light of emergent business requirements or security threats, assist management with the approval process

– Create, maintain and distribute incident response plans and escalation procedures

– Monitor and analyze security alerts and distribute information to appropriate information security, technical and business unit management personnel

– Review logs daily. Follow up on any exceptions identified

– Complete tasks as required by the Periodic Operational Security Procedures such as but not limited to :

– Audit Security Policies

– Audit Organizational Security

– Audit Assets classification and Control

– Audit Personnel Security

– Audit Physical and Environmental Security

– Audit System Security

– Maintain audit history and proper justification of previous audits

– On an annual basis, coordinate a formal risk assessment to identify new threats and vulnerabilities and identify appropriate controls to mitigate any new risks

– Ensure that third parties, with whom cardholder data is shared, adhere to the PCI DSS requirements

Key Requirements

– CEGEP or University degree

– Minimum of 3 years related work experience

– Knowledge of PCI Data Security Standards

– Good knowledge of IT environment

– Excellent communication and organizational skills

– Excellent documentation skills

– Bilingual – English and French