PCI Architect (Closed)

SkillStorm is seeking a PCI Architect for our client in Charlotte, NC. Candidates must be able to work on SkillStorm's W2; not a C2C position. EOE, including disability/vets.

Job Description:

• PCI DSS Architect should have a good understanding of the threat landscape that affects applications and infrastructure. The ideal candidate will have cloud and on prem design experience and must be able to articulate segmentation requirements to other architects so they can produce PCI compliant designs and assist in building compensating controls where segmentation, and, security requirements cannot be met.
• In this role the PCI architect will lead and provide input into design sessions which will define the cardholder data environment and limit PCI scope. There is strong collaboration between other members of infrastructure architecture, corporate Cybersecurity, and business users. Occasionally might be required to support compliance activities.
• The architect will also provide input to product teams to achieve PCI compliant products and assist customers with their application designs. A good understanding of PCI DSS implementation at a system and data flow process level are critical to the success of this role.

Required Skills:

• Experience in infrastructure products, such as virtualization, Platform as a Service, Infrastructure as a Service, networks, storage, etc.
• Experience in secure systems architecture or engineering, including system design reviews.
• Creating alignment between security requirements and the infrastructure product teams.
• Working with partners to design infrastructure security solutions that address Payment Security Data Security Standards v3.2.1
• Work with evolving technology, provide guidance to product teams on cutting-edge infrastructure platforms under development, and assist them with getting design approvals to operate.
• Experience in using cloud computing products to design secure systems.
• Ability to work collaboratively in teams and develop meaningful relationships to achieve common goals.
• Experience architecting data flows to maintain PCI compliance, avoiding any compromise of data traveling outside designated zones.
• Ability to partner with compliance partners to interface with QSA’s as needed.

Desired Skills:

• BS/BA degree or equivalent experience.
• 7+ years of system design experience.
• 3+ years of secure systems design experience in a regulated environment (PCI-DSS, HIPAA, SOX, etc).
• Experience with Cloud/SaaS security, infrastructure security, key management, web application security, cyber security: attack scenarios/kill chain, threat actors and controls, threat modeling, vulnerability assessments, information security governance
• Proven experience in design, implementation and operation of large-scale security architecture solutions in a large and complex multi-supplier/multi-platform environment
• Prefer experience with Amazon AWS and/or MSFT Azure
• Experience working with Information Security, Risk, Audit/compliance and/or QSA’s
• Demonstrated ability to use multiple SOR’s and record deliverables
• Knowledge of Payments or Financial Services space
• Experience delivering large projects with significant impact to multiple lines of business, that may have cross-functional or inter-departmental implications
• Agile experience strongly desired
• Merchant services industry experience preferred
• CISSP, CISA, CISM, PCI QSA/ISA Certifications preferred

#LI-DNI