What are the responsibilities and job description for the PCI Compliance Administrator position at Gwinnett County?
Job Description
The PCI Compliance Administrator assists the Information Security Team by supporting Gwinnett County Security staff in efforts to protect County systems. This position will be responsible for conducting internal assessments in partnership with finance and information security personnel, application owners, and department managers, with PCI-DSS compliance tasks such as evidence preparation, evidence gathering and review, aligned to the PCI-DSS requirements. In addition, they will assist in day-to-day information security risk and compliance activities, review project and business case requests for appropriate security controls, and develop and enhance compliance processes.
Essential Duties
- Serve as a subject matter expert in PCI DSS Compliance
- Support ongoing compliance activities and monitoring efforts across applicable regulations and standards (e.g., PCI DSS, HIPAA, CJIS, FISMA, etc.)
- Improve current processes and perform regular reviews of IT vendor security practices to identify risk to the County
- Improve current processes and perform regular reviews of user access and privileges to County resources
- Weigh effectiveness of compensating controls and make recommendations to management.
- Track remediation efforts of issues identified by Internal Audit.
- Track and lead non-technical incident response, such as lost devices or policy violations.
- Maintain and improve County IT policies, standards, and procedures.
- Lead efforts to classify applications, systems, and data based on their impact and criticality to the County.
- Collaborate and build relationships with key IT, Security, and core business partners to enable continued security education and awareness around assigned security risk initiatives.
- Work closely with other teams to create new processes and procedures to meet security and compliance requirements.
- Support the creation and maintenance of disaster recovery and business continuity plans.
- Ability to handle multiple tasks under tight deadlines.
- Flexibility to adjust quickly to multiple demands, shifting priorities, and rapid change.
- Excellent written and verbal communication skills, interpersonal and collaborative skills to perform requirements gathering.
- The ability to interact, communicate, and relate security and risk-related concepts to technical and nontechnical audiences.
- Excellent presentation and facilitation skills to guide decisions and convey information to the audience effectively.
- This job is a civilian position in either a public safety department or in Information Technology with close ties to public safety. Due to the sensitive nature of this position, a public safety background which may include motor vehicle & criminal histories, and fingerprinting.
- This job is eligible for a hybrid telework schedule after an initial probationary period and individual approval.
The grade for this position is D61(1). Salary will be dependent on education and experience.
Effective 4/11/2023, this position is eligible for the Employee Referral Program.
Minimum Qualifications
- Bachelor's degree in Computer Science/Engineering, Information Security, Information Systems, Auditing, Information Assurance, Intelligence Studies, Cybersecurity, or a related field AND
- Seven years progressively responsible, professional level security and compliance experience in a large-scale Information Technology environment
- An equivalent combination of education and experience sufficient to successfully perform the essential duties of the job such as those listed above
- Valid driver’s license
- Minimum 5 years of experience directly working with PCI Compliance with a Level 2 or Level 1 merchant.
- PCI Internal Security Assessor certification.
- Experience with regulatory compliance requirements (SOX, HIPAA, CJIS, etc.)
- Possess strong working knowledge of information security standards and frameworks (NIST, ISO, CSF, CIS, SOC, etc.)
- Experience reviewing vendor security practices for compliance with industry requirements.
- Experience working with other teams to create new processes and procedures to meet security and compliance requirements.
- Audit certification preferred (CIA, CISA, CISM, CFE, CGAP, etc.)
- Ability to handle multiple tasks under tight deadlines.
- Flexibility to adjust quickly to multiple demands, shifting priorities, and rapid change.
- Understanding of project management process, tools, and techniques.
- Knowledge of technology trends and developments.
- Must be a critical thinker with strong problem-solving skills.
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to interact, communicate, and relate security and risk-related concepts to technical and nontechnical audiences.
- Excellent presentation and facilitation skills.
Note: The class specifications listed on this website are not the official class specifications for Gwinnett County and are subject to change.
About Gwinnett County
Welcome to Gwinnett County — one of America's fastest-growing counties for the past 20 years. Our dynamic and exciting county combines the best of big-city living with the comforts of the suburbs.
The county's population in 2000 was about 588,448 and we’ve only continued to grow since then, with the population expected to reach one million by the year 2022.
Gwinnett has many advantages, beginning with its location and road system. The county is just 45 minutes from Hartsfield-Jackson Atlanta International Airport and 30 minutes from downtown Atlanta. Thanks to this location, 80 percent of the U.S. population is within a two-hour flight. Georgia Highway 316 has been extended to Athens, reducing travel time to the University of Georgia to 25 minutes. Gwinnett's infrastructure includes more than 2,750 miles of roadways to provide excellent mobility for our residents.
The County Administrator and County Attorney are appointed by the Board of Commissioners and serve at its pleasure. To implement the Board's policy directives, the County Administrator uses a management team consisting of members of his immediate staff and 14 department directors. The 14 departments that make up the executive side are Police Services, Fire and Emergency Services, Corrections, Communications, Support Services, Financial Services, Community Services, Human Resources, Information Technology Services, Law, Planning and Development, Water Resources, Child Advocacy & Juvenile Services, and Transportation. Each department is run by a director who is charged with managing operations in a manner which stresses the County’s values.
In addition to the executive side of County government, certain services are provided through Constitutional officers and independent elected officials. These external offices are created by the Georgia Constitution or through state law. In Gwinnett, they include the Sheriff, Tax Commissioner, District Attorney, Solicitor, Probate Court Judge, and Chief Magistrate.
Vision
Gwinnett is the preferred community where everyone thrives!
Mission
Gwinnett proudly supports our vibrantly connected community by delivering superior services.
Values
Integrity: We believe in being honest, building trust, and having strong moral principles.
Accountability: We believe in stewardship, transparency, and sustainability.
Equity: We believe in fairness and respect for all.
Inclusivity: We believe in engaging, embracing, and unifying our communities.
Innovation: We believe in continual adaptation of technology, process, and experience.
Hiring Process
Gwinnett County is an Equal Opportunity Employer.
For questions about recruitment, or to request a reasonable accommodation during the application, interview, or testing process, please call Human Resources at 770-822-7915 or email Jobs@GwinnettCounty.com.
Salary: $84,719 - $112,252