The Albertsons Companies is one of the largest food and drug retailers with 2,300 stores. The Albertsons Companies family of brands includes some of the most prominent brands in food retailing, with a growing base of loyal shoppers. Thanks to the professionalism, diversity, spirit and friendliness of our people, we have locations across the U.S.
The Information Technology Department has an opening for a Senior Information Security Analyst. This position is in Phoenix, AZ.
The Albertsons Information Security (InfoSec) Governance & Compliance team has a need for a Senior InfoSec Analyst for our Payment Card Industry (PCI) compliance program. The ideal candidate will have a robust understanding of the current PCI-Data Security Standards (PCI-DSS) and be able to guide multiple simultaneous compliance activities. This individual will be responsible for liaising with Information Security leadership and various individuals/teams in IT and Business areas.
This position reports to the Sr. Manager, InfoSec Governance & Compliance and supports the Chief Information Security Officer. This is an individual contributor role.
Key Responsibilities include, but are not limited to:
* Ability to handle multiple remediation plans at any given time
* Well-organized, detail oriented, has great communication skills and thrives in a fast-paced environment
* Produce timely and high-quality work products in support of InfoSec initiatives
* Flexibility and ability to work collaboratively within a matrix, 'virtual' environment
* Monitors and manages the compliance activities assigned to other teams to ensure effective tracking
* Audits and manages the teams in collection and validation of evidence as required
* Provides advice on PCI compliance
* Reviews, assesses, and provides guidance on new initiatives, projects and services that are involved with cardholder data
* Leads the effort to implement new versions of PCI-DSS requirements, including the reviewing of the technology lifecycle and end of life impacts (platforms, software, database) on PCI applications and Cardholder Data Environment.
* Coordinates the work of the Qualified Security Assessor (QSA), as required
* Ensures the effective maintenance of the program to monitor service providers PCI-DSS compliance status.
* Manages the PCI controls library
* Provides periodic compliance status reports to senior management, as directed or requested
* Manages PCI compliance risks and issues log
* Responds to alleged violations of PCI compliance policies, procedures, and standards by evaluating or recommending the initiation of investigative procedures
* May require some travel depending upon project specifics and business locations
* 4-year degree (Information Security, Risk Management, Information Systems, Computer Science, Business Administration, Project management or related functional field) and/or equivalent combination of education or work experience
* 7 years' experience as an InfoSec Analyst
* In depth knowledge and experience working with PCI-DSS controls
* Experience working with InfoSec compliance programs
* Expertise and knowledge of IT practices including information security, networking, event management, access management, authentication, and security scans
* Knowledge of technologies such as SQL, Oracle, Red Hat Enterprise Linux, Window Server, VMWare, Cloud, Mainframes, Firewalls, Network technologies, Active Directory, VPNs, Data Loss Prevention tools, etc.
* Must possess superior problem-solving skills, be action-oriented and decisive
* Excellent organizational skills and the ability to work under pressure to balance competing priorities in meeting business deadlines
* Excellent verbal, written, presentation and interpersonal communications skills
* Ability to effectively articulate and present complex concepts, ideas and strategies to senior leadership and end-users
* Self-motivated and able to perform with minimal supervision
* Have the following characteristics: creativity, drive, high-energy level, motivated, self-initiative
* Current or previous PCI-QSA or PCI-ISA certification a plus
* CISSP or CISM a plus
* Experience in corporate retail environments a plus
* Experience with GRC platforms such as RSA Archer a plus
How to Apply: Interested candidates are encouraged to submit a resume by visiting
Diversity is fundamental at The Albertsons Companies. We foster an inclusive working environment where the different strengths and perspectives of each employee is both recognized and valued. We believe that building successful relationships with our customers and our communities is only possible through the diversity of our people. A diverse workforce leads to better teamwork and creative thinking, as well as mutual understanding and respect.
The Albertsons Companies policy is to provide employment, training, compensation, promotion and other conditions of employment without regard to race, color, religion, sexual orientation, gender identity, national origin, sex, age, disability, veteran status, medical condition, marital status or any other legally protected status.
We support a drug-free workplace -- all applicants offered a position are required to pass a pre-employment drug test before they are hired.
AN EQUAL OPPORTUNITY EMPLOYER
Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled