IT Security & Compliance Engineer

99 Cents Only Stores

(Katy, Texas)

Full Time

Job Posting Details

About 99 Cents Only Stores

99 Cents Only Stores is a premier deep-discount retailer that primarily carries name-brand consumable and general merchandise.

Summary

At 99 Cents Only Stores, LLC, we are recruiting talented individuals for the position of IT Security & Compliance Engineer.

Responsibilities

* Compliance
    * Coordinate security compliance efforts (e.g., PCI-DSS, Sarbanes-Oxley)
    * Support business relationships with compliance program owners as an expert on the risks, processes, and controls associated with their programs
    * Manages the PCI & SOX compliance requirements gathering, and audits according to the planned schedules, coordination of audit requests and observations, creation of audit testing schedule
    * Security policy /documentation generation & review
* Security
    * Maintain, monitor, & troubleshoot anti-virus & anti-malware software suites (Kaspersky 10 experience is a plus)
    * Completes daily analysis and monitoring of client / server systems for any potential security issues
    * Identify security issues and risks, and develop mitigation plans
    * Provide KPI’s and reoccurring reports related to IT Security and compliance efforts
    * Network IDS / IPS signature tuning
    * Generate and maintain platform-specific security baselines
    * Vendor / Managed Service Provider escalations

Compliance
- Coordinate security compliance efforts (e.g., PCI-DSS, Sarbanes-Oxley)
- Support business relationships with compliance program owners as an expert on the risks, processes, and controls associated with their programs
- Manages the PCI & SOX compliance requirements gathering, and audits according to the planned schedules, coordination of audit requests and observations, creation of audit testing schedule
- Security policy /documentation generation & review
Security
- Maintain, monitor, & troubleshoot anti-virus & anti-malware software suites (Kaspersky 10 experience is a plus)
- Completes daily analysis and monitoring of client / server systems for any potential security issues
- Identify security issues and risks, and develop mitigation plans
- Provide KPI’s and reoccurring reports related to IT Security and compliance efforts
- Network IDS / IPS signature tuning
- Generate and maintain platform-specific security baselines
- Vendor / Managed Service Provider escalations

Ideal Candidate

* Bachelor’s degree in computer science, information technology or equivalent experience
* 2-5 years of working experience in IT Risk, IT Compliance, and / or IT Security with specialized knowledge of audits and process management
* Understanding of IT controls across domains, and information security environments.
* Certifications such as MCSE, CCNP, CWNP, CCSP, CEH, CISSP, or CCSE
* Strong working knowledge of firewall and network IDS / IPS technologies
* Working knowledge of Cisco ASA firewall platforms
* Working knowledge of McAfee network IDS / NIPS platforms
* Strong working knowledge of SAP GRC (AC 10.1) access control platform
* Working knowledge of the security principals and techniques used within the SAP landscape
* Working knowledge of Payment Card Industry (PCI) and Sarbanes-Oxley, or other IT related compliance frameworks
* Strong critical thinking skills; well organized and detail-oriented
* Must be capable of working well independently, as well as in a collaborative team environment
* Ability to effectively prioritize and execute tasks in a fast paced environment.
* Successfully manage time and technical responsibilities, set accurate expectations and meet deliverable deadlines
* Exceptional written and oral communication skills
* Exceptional interpersonal skills
* Strong documentation skills, ranging from: creation of technical white papers to executive presentations to end-user security awareness training
* Professional maturity and confidence in discussing sensitive, complex issues with other IT teams, business units, and senior management
* Experience with IT Security and Compliance in the retail industry is a plus

Bachelor’s degree in computer science, information technology or equivalent experience
2-5 years of working experience in IT Risk, IT Compliance, and / or IT Security with specialized knowledge of audits and process management
Understanding of IT controls across domains, and information security environments.
Certifications such as MCSE, CCNP, CWNP, CCSP, CEH, CISSP, or CCSE
Strong working knowledge of firewall and network IDS / IPS technologies
Working knowledge of Cisco ASA firewall platforms
Working knowledge of McAfee network IDS / NIPS platforms
Strong working knowledge of SAP GRC (AC 10.1) access control platform
Working knowledge of the security principals and techniques used within the SAP landscape
Working knowledge of Payment Card Industry (PCI) and Sarbanes-Oxley, or other IT related compliance frameworks
Strong critical thinking skills; well organized and detail-oriented
Must be capable of working well independently, as well as in a collaborative team environment
Ability to effectively prioritize and execute tasks in a fast paced environment.
Successfully manage time and technical responsibilities, set accurate expectations and meet deliverable deadlines
Exceptional written and oral communication skills
Exceptional interpersonal skills
Strong documentation skills, ranging from: creation of technical white papers to executive presentations to end-user security awareness training
Professional maturity and confidence in discussing sensitive, complex issues with other IT teams, business units, and senior management
Experience with IT Security and Compliance in the retail industry is a plus