Who are we?
Kellen Company is a global professional services firm with a primary concentration in association management and communications. We also offer additional services to our clients such as meetings and conference management, digital marketing and strategic advice. We are an employee-owned company (ESOP) with 200+ employees from a wide variety of professional disciplines. Kellen has eight offices in Atlanta, Brussels, Beijing, Chicago, Kansas City, Denver, New York City and Washington DC. Kellen celebrated its 50th anniversary in 2014.
What are we looking for?
Our PCI Compliance Manager oversees the organization’s PCI Compliance efforts by determining security requirements, planning and reviewing enterprise security systems, and contributing to security policies and procedures. The position’s efforts are usually large, complex, or ambiguous, and involve multiple business areas, departments, or partners.
What will you do?
- Participate in Corporate and Client-facing audit engagements to meet applicable standards and compliance initiatives (e.g. PCI DSS)
- Participate in defining, implementing, and managing the life-cycle of overall security strategies, policies, and procedures
- Perform regular Corporate risk assessments and business impact analyses
- Assist with developing and publishing Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
- Assist in developing and delivering security awareness training and security presentations
- Create and promote information security metrics that justify Corporate investments
- Monitor and provide advice on information security issues related to the systems and workflow to ensure the internal security controls for the organization are appropriate and operating as intended.
- Collaborate with IT management, the legal department, safety and security, and law enforcement agencies to manage security vulnerabilities.
- Participate in architecting and supporting information security solutions to reduce the Corporation’s risk profile (e.g. Network/Host IDS, Vulnerability Scanning and Management, & Incident Response)
- Act as a SME for corporate security initiatives and provide information security advice and guidance
- Performs security architecture reviews of mission-critical applications and identifies risk to corporate and customer data through risk and impact analysis processes.
- Delivers written security requirements regarding risk impact to systems, and suggests appropriate security controls based on capabilities of the corporate security infrastructure and documented standards.
- Develops process and procedures to expedite delivery of security requirements.
- Lead role to provide thought leadership, foster innovation, standardize and drive adoption of industry best practices for the security division as well as promote security education throughout the enterprise.
- Mitigates security risks with Information Technology and Information Systems teams to deploy effective controls at all levels and enforce security requirements for protecting data against unauthorized, accidental or deliberate, modification, disclosure, denial, and destruction of company resources and data.
- Looks for innovative ways to analyze and solve security challenges. Applies the appropriate security analysis techniques and tools to address complex business problems.
- Solves complex or unusual problems that affect multiple business or ITS areas.
Am I qualified?
- Working knowledge of various compliance regulations and IT/security frameworks/standards (e.g. PCI DSS)
- Working knowledge of PCI specific scope reduction technologies
- Advanced technical knowledge of security tools, programs, and concepts
- Highly motivated, team oriented individual with excellent oral and written communication skills
- Project management experience delivering compliance, audit, and/or information security initiatives on time and on budget
- Thorough understanding of network and system based attack vectors as well as forensic remediation
- Strong knowledge of firewall, switch, router, DNS, vulnerability management, IDS, log management, FIM, and packet capture technology
- Solid knowledge and experience of security controls across all security domains such as access management, encryption methods, vulnerability management, network security, etc.
- Demonstrates mastery of multiple security technologies such as application, perimeter and endpoint security tools, authentication techniques, enterprise security management tools, encryption methods, directory services, and networking communication skills.
- Experience delivering written security requirements in Windows server environments is preferred.
- Demonstrates proven ability to deal with large complex problems and structure them for efficient, effective solutions.
- Strong analytical, problem-solving and critical thinking skills.
- Strong written communications and presentation skills.
- Ability to manage multiple projects with ambitious deadlines
- Has strong interpersonal skills and can communicate effectively with IT and business management personnel.
- Certifications from one or more of the following organizations: PCI Security Standards Council, ISC2, GIAC, ISACA, IAPP
- Big 4 security consulting experience or related professional services/consulting background strongly preferred
- Deep experience in information security compliance
- In-depth experience of PCI and data security frameworks and regulatory standards
- Experience with developing security and compliance reporting for a variety of audiences, including executive management
- Experience developing and submitting audit and compliance reports to governing bodies, legal entities, and/or external authorities
- Experienced in processes for assessing and designing internal controls for large scale organizations
- Experience assessing security risk for large scale organizations. Specific experience in cloud services technologies a plus
What do we offer?
Kellen is an employee-owned company (ESOP) with 300+ employees from a wide variety of professional disciplines. We have eight offices which are located in Atlanta, Brussels, Beijing, Chicago, Denver, Kansas City, New York City and Washington, DC. We offer a professional and collegial work environment, great benefits and take pride in delivering innovative solutions and new opportunities to clients to help them achieve greater levels of success.
Interested applicants should submit a cover letter, resume, writing sample and salary requirements to HR5@kellencompany.com