PCI DSS Risk Assessment Analyst (DoD Clearance)
Company Overview
TestPros is a successful and growing business, established in 1988 to provide Information Technology (IT) technical support services to a wide range of Commercial and U.S. Federal, State, and Local Government customers. Our capabilities include Program Management, Program Oversight, Process Audit, Intelligence Analysis, Cyber Security, NIST SP 800-171 Assessment and Compliance, Computer Forensics, Software Assurance, Software Testing, Test Automation, Section 508 and WCAG Accessibility Assessment, Localization Testing, Independent Verification and Validation (IV&V), Quality Assurance (QA), Compliance, and Research and Development (R&D) services. TestPros is an Equal Opportunity Employer.
TestPros delivers innovative independent IT assessment solutions to critical challenges facing the nation and the world. We support the U.S. Federal Government and Commercial clients within the continental USA. TestPros is dedicated to making lives better, safer and more secure.
Job Title: PCI DSS Risk Assessment Analyst
Citizenship: U.S. Citizenship
Location: Quantico, Virginia (with potential requirements for travel to other locations as per project demands)
Clearance: Active DoD Clearance
Role Summary: The PCI DSS Risk Assessment Analyst is responsible for conducting comprehensive assessments of the Marine Corps Community Services’ (MCCS) cardholder data environments. This role involves analyzing and evaluating potential security threats and vulnerabilities to ensure compliance with PCI DSS standards and recommending appropriate security measures.
Key Responsibilities:
- Risk Evaluation: Conduct thorough risk assessments using standard methodologies such as OCTAVE, ISO 27005, or NIST SP 800-30. Identify and evaluate vulnerabilities that could impact MCCS’s cardholder data environment.
- Documentation and Reporting: Produce detailed risk assessment reports that outline the vulnerabilities found, their implications, and recommended remediations. Ensure reports meet PCI DSS Risk Assessment Guidelines.
- Stakeholder Collaboration: Work closely with internal IT teams and external auditors to share findings and develop strategies to mitigate risks.
- Compliance Monitoring: Monitor the effectiveness of implemented security measures to ensure continuous compliance with PCI DSS requirements.
- Training and Guidance: Provide training and technical guidance to system administrators and other stakeholders on security best practices and risk mitigation strategies.
Required Qualifications:
- Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
- Proven experience in conducting PCI DSS risk assessments and familiarity with PCI DSS compliance requirements.
- Strong analytical skills and the ability to interpret complex technical data.
- Excellent report writing and documentation skills.
- Effective communication and interpersonal skills to interact with a variety of stakeholders.
Preferred Qualifications:
- Relevant professional certifications (e.g., Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC)).
- Experience in the Department of Defense (DoD) or similar government sectors.
- Understanding of military IT environments and security protocols.
Security Clearance:
- DoD security clearance.
Benefits and Perks
TestPros offers a competitive salary, medical/dental/vision insurance, life insurance, 3 weeks of paid vacation, 2 weeks of paid federal holidays, education/training and professional certifications, a 401(k) retirement plan with up to 4% company match, opportunities for professional growth, and much more! All benefits are per TestPros’ current policies and are subject to change without notice. Benefits are available to full-time employees only.