You haven't searched anything yet.
About the Company:
Ouro is dedicated to delivering financial empowerment to millions of Americans, leveraging a proprietary payments technology platform that fuels its fintech product innovations. From prepaid, credit and debit account solutions, to digital account and money movement services, Ouro has a broad suite of products and technologies that deliver exceptional experiences for its customers and business partners across co-branded, white label and banking-as-a service verticals. Since its founding in 1999, Ouro products have helped millions of consumers nationwide, and processed tens of billions of dollars.
Present day: Legendary Austin fintech Ouro has opened a new chapter in its role as market maker with the return of its visionary founders Roy and Bertrand Sosa. The combined company meshes Ouro’s customer and partner portfolios, payments platform and innovations with the international footprint and money movement capabilities of Rêv Worldwide, the company the Sosas founded after Ouro. The reunion creates a revitalized financial services innovator on a mission to reimagine financial services for consumers around the world and to redefine the industry once again.
Ouro fosters a high-performance culture and we are building a unified platform and product suite capable of bringing financial mobility and freedom to consumers around the world despite differences in language, currency, culture, and geography.
About the Role:
Leads all aspects of gathering and confirming evidence for PCI-DSS, SOC 2, and SOX audits to help achieve compliance with payment card industry standards, financial and data privacy regulations as they pertain to the IT environment. Ensures that appropriate IT policies and controls are in place and followed in accordance with corporate standards and processes.
Serves in an evaluating role to our business challenges and applying recommended solutions through knowledge of the PCI-DSS and data privacy standards and controls.
Responsibilities
Leads collaboration efforts with stakeholders to define, execute, and track pre-audit preparation tasks to meet year-round compliance goals
Ensure timely completion of regulatory documentation, including compliance related to PCI-DSS and Data Privacy.
Ensures the audit scope is defined and substantiated by appropriate evidence
Analyzes prior year’s audit for lesson’s learned value
Ensures compliance objectives are clearly communicated to stakeholders
Assist with tracking of, scheduling, and execution of SOX, SOC 2, Data Privacy and PCI DSS assessments
Ensure adherence with IT policies, procedures, and processes in accordance with business and regulatory requirements, as well as updating existing and/or creating new documents as needed
Collates and review documentation or evidence for appropriateness prior to any given assessment
Perform business and technical analysis to identify and document appropriate compliance controls
Research project to define and document appropriate controls
Log artifacts requested during interview sessions
Maintain metrics showing status of assessments and audits.
Derive new metrics to identify leading indicators of potential audit issues
Gathers evidence from stakeholders, coordinating reviews, and uploading to assessors’ portals
Analyze artifacts received to ensure they meet the intent of the assessment and demonstrate compliance
Populate report templates with current status information and keep manager and team members informed of potential delays or issues with updates
Support management programs to mature compliance posture
Engage affiliate points of contact to promote corporate compliance best practices
Implement continuous improvement around IT compliance and security best practices
Interface with internal and external PCI, SOC2, SOX and Data Privacy auditors to represent how compliance and security controls are applied and can be demonstrated in existing or planned processes
Conduct compliance awareness programs for groups dealing with but not limited to PAN, PII, Confindential, Sensitive Data, developers, and administrators
Must have technical understanding of network, systems, and other IT security protocols; i.e. segmentation, pen tests, vulnerability tests, etc.
Self-disciplined and able to work on individual tasks, sometimes without clear requirements, and to work well in a team environment.
Work with multiple groups/teams within our organization, as well as external vendors.
Requirements
Expert understanding of PCI-DSS and underlying intent of requirements.
Experience in recommending and evaluating compensating controls.
3 years of experience in the Payment Card Industry.
3 years documented experience in these areas: Change Management; Network Security; Application Security; Systems Integration and Security; Auditing Information Systems and Processes; Information Security; Segmentation, Pen, and Vulnerability testing; Risk Assessments; Risk Management; IT Policies and Processes
Bachelor’s degree relevant to this field; or equivalent combination of knowledge and work experience; minimum 3 years related experience.
ISA certification preferred
Pen Testing certification preferred
Excellent leadership, problem solving and time management skills.
Excellent written and verbal communication skills
Must interact professionally with a diverse group of executives, managers, and subject matter experts
Ability to multi-task, elicit cooperation and communicate to all levels of management and all departments within the organization.
Exercises good judgment and understanding of dependencies across multiple IT groups
Must be a motivated, forward thinking individual who is able to work with minimal supervision.
Full Time
$63k-76k (estimate)
01/27/2024
04/23/2024
ouroinvestimentos.com
Laredo, TX
<25
The job skills required for Information Security Compliance Analyst include IT Security, Security Controls, Leadership, Problem Solving, Collaboration, Verbal Communication, etc. Having related job skills and expertise will give you an advantage when applying to be an Information Security Compliance Analyst. That makes you unique and can impact how much salary you can get paid. Below are job openings related to skills required by Information Security Compliance Analyst. Select any job title you are interested in and start to search job requirements.
The following is the career advancement route for Information Security Compliance Analyst positions, which can be used as a reference in future career path planning. As an Information Security Compliance Analyst, it can be promoted into senior positions as a Systems/Application Security Analyst that are expected to handle more key tasks, people in this role will get a higher salary paid than an ordinary Information Security Compliance Analyst. You can explore the career advancement for an Information Security Compliance Analyst below and select your interested title to get hiring information.