Kforce Consult Security Compliance in Framingham, Massachusetts

Kforce is currently seeking a Consult Security Compliance for their client in Framingham, Massachusetts (MA).

Overview: The Information Security Compliance candidate will be responsible for helping demonstrate our client's compliance posture relative to Information Security within the company and to external parties by driving their continued compliance efforts with external and internal requirements. This includes maintaining the security controls required primarily by PCI and other regulatory compliance frameworks.

Essential Duties:

  • Support the identification, implementation, and maintenance of Security Controls required by PCI, and other regulatory compliance frameworks in a collaborative manner with other key stakeholders

  • Participate in the development and oversight of required corrective action plans relating to Security Compliance and PCI issues

  • Provide oversight in order to monitor and maintain their GRC platform (Archer)

  • Support Security Assessments, develop mitigation plans, and work with internal project managers to assign responsibility

  • Establish and manage the security risk assessment for new and ongoing projects and advise on architectures, Security, and mitigating controls

  • Understand technical implementation details necessary to assess and design practical security controls in conjunction with other functional areas

  • Partner with team members and cross functional groups to ensure programs align with PCI compliance requirements

  • Assist with responding to external PCI auditor requests inquiring about security posture

  • Promote Security Compliance internally while maintaining their core values of transparency, fairness and trust

  • 8 - 10 years of experience in Information Security, preferably in the audit & compliance related field

  • Experience with PCI Compliance, preferably as an active Internal Security Assessor (ISA) or Qualified Security Assessor (QSA)

  • Deep understanding of PCI Data Security Standards and other Security frameworks such as ISO 27000 Series, NIST, etc.

  • Experience working with GRC platforms - Archer GRC v6 strongly preferred

  • Experience in performing Information Security risk assessments

  • Strong foundation in and in-depth technical knowledge of Security Engineering, computer and Network Security, authentication, and Security Controls

  • Strong understanding of most of the following common Security Compliance frameworks, controls, and best practices: OWASP Top 10; SANS CIS Critical Security Controls; SSAE 16 - SOC 2 and 3; regulations governing personally identifiable information (PII); and other applicable regulatory compliance frameworks

  • History of successful engagements with external auditors for various compliance audits

  • In-depth understanding of network and System Security technology and practices across all major computing areas

  • Security certifications desired, such as CISA, CISSP, CISM, CRISC, ISO 27001, etc.

Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Compensation Type: Hours