Information Security Consultant (Payment Card Industry Focus)

Location:

Job Profile Summary 

Use skills, experience, and talent to help Key grow an effective information security program by analyzing, assessing, and helping mitigate security issues.

This technical position will handle operational tasks performed by the Payment Card Industry (PCI) Office within Corporate Information Security.  Examples of those operational tasks are Cloud network design and execution, change management administration, data loss prevention support, vulnerability management support, variance process handling, documentation gathering and processing for both internal and external audits.

Applicant should have a working knowledge of networking, cloud infrastructure, authentication, banking, risk management and information security and must have excellent presentation, writing, communication, critical thinking, and customer interface skills.

Essential Job Functions

• Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance.
• Evaluate cost/benefit, economic, and risk analysis in decision-making process.
• Coordinate and review with internal and external subject matter experts to ensure existing qualification standards reflect organizational functional requirements and meet industry standards.
• Promote awareness of policy and strategy as appropriate among management and ensure sound principles are reflected in the organization's mission, vision, and goals.
• Interpret and apply applicable laws, statutes, standards, and integrate into policy.
• Review, conduct, or participate in PCI attestations, and audits of cyber programs and projects.
• Serve as an internal consultant and advisor in PCI DSS and security.
• Support the design, validation, and completion of assessments.
• Leverage best practices and lessons learned of organizations and institutions dealing with PCI and security issues.
• Assist with the development of policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational PCI and security activities.
• Assist with administrative planning activities, to include preparation of functional and specific support plans, preparing and managing correspondence.

Required Qualifications

• Minimum of three years of information security, banking, or risk management experience
• Bachelor’s degree or equivalent work experience.
• Strong understanding of payment networks, cyber security, and knowledge of financial industry.
• Ability to translate PCI DSS requirements to the enterprise, including lines of business, project teams and other stakeholders.
• Ability to process and analyze a large quantity of time sensitive data in a fast paced, high profile, environment.
• Strong risk-based analysis and decision-making skills.
• Ability to identify and implement process improvement opportunities.
• Results oriented, team player, and self-starter with ability to work with general direction.
• Ability to manage competing priorities.

Preferred Qualifications

• Strong understanding of risk management processes (e.g., methods for assessing and mitigating risk). 
• QSA, ISA or PCIP certification
• Knowledge of laws, regulations, policies, principles, and ethics as they relate to PCI Data Security Standards (DSS), security, and privacy.
• Awareness of current and emerging cyber and card technologies and associated risks.

Key has implemented a role-based Mobile by Design approach to our employee workspaces, dedicating space to those whose roles require specific workspaces, while providing flexible options for roles which are less dependent on assigned workspaces and can be performed effectively in a mobile environment.  As a result, this role may be mobile or home based, which means you may work either at a home office or in a Key facility to perform your job duties. ​

COMPENSATION AND BENEFITS

This position is eligible to earn a base salary in the range of $67,000.00 to $100,000.00 annually depending on location and job-related factors such as level of experience. Compensation for this role also includes eligibility for short-term incentive compensation and deferred incentive compensation subject to individual and company performance.

Please click here for a list of benefits for which this position is eligible.

Key has implemented a role-based Mobile by Design approach to our employee workspaces, dedicating space to those whose roles require specific workspaces, while providing flexible options for roles which are less dependent on assigned workspaces and can be performed effectively in a mobile environment. As a result, this role may be Mobile or Home-based, which means you may work primarily either at a home office or in a Key facility to perform your job duties.

KeyCorp is an Equal Opportunity and Affirmative Action Employer committed to building a diverse, equitable and inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status or other protected category.

Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by emailing HR_Compliance@keybank.com.

#LI-Remote