PCI Security Officer

Job Purpose

To keep up to date with Payment Card Industry Data Security Standard (PCI DSS) and introduce new requirements to the assigned functions by timely following up, reviewing changes, and continuously monitor the changes to ensure they are properly embedded to the Bank’s policies, procedures, and standards and create a secure environment for the Bank against possible data intrusions.

Vacancy by Location

Head Office (1 Post)

Major Areas of Responsibility

Keep up to date with the new requirements from Payment Card Industry Data Security Standard (PCI DSS).

Support in embedding and integration of PCI security processes and new requirements into the Bank’s policies, procedures, and standards to ensure they meet the requirements and changes.

Follow up closely with assigned functions on the changes to ensure the PCI DSS is compliant in the following stages.

Actively be involved at the change preparation stage.

Review changes to comply with PCI DSS.

Request adjustment in policies, standards, and procedures after changes to comply with PCI DSS.

Perform post change monitoring after changes implemented to ensure the changes are complying with the requirements and ensure to maintain the compliance.

Conduct periodic evaluations to identify weaknesses and non-compliance.

Escalate to the line manage any non-compliance and issues that might threaten PCI compliance in a timely manner.

Perform other tasks assigned by line manager.

Skills and Qualifications

Bachelor’s degree in IT, Computer Science, or related fields.

Minimum two years of working experiences in information security; experience in PCI Security is an advantage.

Good knowledge of information security best practices, standards, and frameworks, PCI DSS, NBC, CIS, ISO, NIST.

Understanding of risk management and controls.

Understanding of IT auditing processes.

Strong analytical skills.

Good communication skill (verbal and written) English skills to present to senior management.