Share this Job

Senior Security Consultant(Cybersecurity PCI Compliance)

Location: 

Toronto, ON, CA Edmonton, AB, CA Calgary, AB, CA Burnaby, British Columbia, CA Vancouver, British Columbia, CA Ottawa, ON, CA Scarborough, ON, CA

Req ID:  23231
Jobs by Category:  Security & Automation
Job Function:  Cybersecurity
Status:  Full Time
Schedule:  Regular

Description

 

Our team and what we’ll accomplish together

 

We are looking for a highly motivated, experienced PCI professional to join the Assurance and Compliance Team within Corporate Information Security (CIS) organization. Our team is focused on TELUS’ Payment Card Industry (PCI), SOC2 and ISO programs, as well as continuing to help grow TELUS Security’s audit, compliance programs and third party initiatives. As a member of this team, you will help technical and business teams understand the security requirements that affect them, the importance of compliance and how TELUS can help with this complex endeavor.

 

This is a great opportunity to join a highly motivated, forward-thinking team focused on proactively keeping TELUS’ customers, data and systems secure. We value strong knowledge of information security controls and principles, and the Payment Card Industry Data Security Standard (PCI DSS). Our intent is to have you grow with us while maintaining your PCI ISA certification, and other valuable industry security and audit related certifications. As a Senior Security Consultant you will manage the annual PCI audit including evidence gathering, generation of periodic quarterly reports, reviewing quality assurance and ensuring timely submission of evidence, coordination of audit resource meetings, and other tasks required to successfully complete the audit. You will also have the opportunity to enhance our existing PCI and other compliance programs such as SOC2 and ISO initiatives.

 

What you’ll do

 

  • Track, document and work with the impacted teams to address PCI compliance gaps to ensure timely closure
  • Ensure ASV Scans and Pen testing are conducted quarterly and annually, respectively with all remediation activities being completed within expected timelines
  • Lead security enhancement projects focused on new or changing PCI compliance requirements and scoped assets
  • Collaborate with the GRA team to draft policies/procedures that govern the security of PCI with a specific focus on compliance requirements
  • Familiar with Risk Assessment concepts to facilitate applicable control efficacy that pertain to PCI controls
  • Educate and build awareness of PCI compliance requirements across TELUS
  • Continuously improve the PCI compliance program with new information and asset scope control, procedures, or documentation
  • Coordinate with Third Party Risk management to ensure PCI compliance needs are being addressed and tracked appropriately with third party vendors
  • Coordinate with Privacy / Legal to ensure the overall compliance landscape is well understood and the program captures a complete view of our PCI compliance needs
  • Assist with other compliance activities for SOC, ISO and other programs. 
  • Coach and mentor junior team members

Qualifications

 

What you bring

 

  • 5 years of experience with PCI compliance audits spanning from collecting PCI requirements to evolving and maintaining an already established PCI compliance framework.
  • Knowledge of information security technology, audit & control measures, monitoring including in-depth knowledge of compliance standards including but not limited to SOX, PCI, CSF and similar IT Compliance and Privacy regulations
  • Solid knowledge of firewall configuration standards, ruleset reviews, and documentation  
  • Solid working knowledge of information security concepts, risk assessment and controls.
  • Ability to work independently with little direction and/or supervision.
  • Superior communication skills with the ability to question, escalate roadblocks early, and interact effectively at multiple levels in the organization.

 

Great-to-haves

 

  • Professional certification (CISSP, CRISK, CISA, CISM or similar) is highly desired, with an intention of completing and maintaining the PCI-ISA certification.
  • Familiarity with other compliance and audit frameworks (SOC, ISO)
  • Former ISA or QSA experience preferred

A bit about us

We’re a people-first, customer-first, purpose-driven team who works together every day to innovate and do good. We improve lives through our technology solutions and foster a culture of innovation that empowers team members to solve complex problems and create remarkable human outcomes in a digital world. When you join our team, you’re helping us make the future friendly.

We’re committed to diversity and equitable access to employment opportunities based on ability—your unique contributions and talents will be valued and respected here.

The health and safety of our team, customers and communities is paramount to TELUS. Accordingly, we require anyone joining our team to be fully vaccinated for COVID-19.

 

 

 

 

Security & Automation

We’re looking for talented sales professionals, solution designers, security technicians and customer support specialists with proven experience in commercial security and automation to join our team.

We are honoured to be recognized

Team TELUS at a glance

1.4M
Days volunteered in our communities

$1.3
Billion contributed to charitable and community organizations since 2000

15.2
Million customer connections

Accessibility

TELUS is proud to foster an inclusive culture that embraces diversity. We are committed to fair employment practices and all qualified applicants will receive consideration for employment.

We offer accommodation for applicants with disabilities, as required, during the recruitment process.