What are the responsibilities and job description for the IT Compliance and Security Analyst position at Yesway?
Who We Are:
Yesway is one of the fastest-growing convenience store operators in the United States. Established in 2015, Yesway is a multi-branded platform headquartered in Fort Worth, Texas, which operates 403 stores located in Texas, New Mexico, South Dakota, Iowa, Kansas, Missouri, Wyoming, Oklahoma, and Nebraska. We operate our portfolio primarily under two successful brands, Yesway and Allsup’s. Our sites are differentiated through a leading foodservice offering, featuring Allsup’s famous deep-fried burrito, and a wide variety of high-quality grocery items and private-label products. Our geographic footprint consists of stores located in attractive rural and suburban markets across the Midwest and Southwest, where we often are the convenience retail destination of choice and effectively the local grocer. We have a successful track record of growing through acquisitions and believe we are well positioned to continue to solidify our market position and grow our store count. We have received numerous industry awards for our growth initiatives, management team, loyalty program, and our employees’ contributions to the industry. We offer competitive wages and outstanding benefits. Yesway values employees who thrive in a fast-paced, service-oriented, work culture and are focused on execution and collaboration.
Responsibilities:
- Ensure adherence with IT policies, procedures, and processes in accordance with business and regulatory requirements;
- Develop and lead the global information technology compliance program in the areas of information security (PCI, PII, etc.), working in partnership with key stakeholders in the company that include Operations, Legal, Finance, and HR;
- Create IT standard operating procedures and ensure adherence to the organization's SOPs, IT Controls framework, and System Development Life Cycle (SDLC), ensuring current projects meet business and regulatory requirements;
- Manage responses to all IT related audits and privacy related inspections, including PCI, PII and Financial SOX;
- Use technical knowledge to create solutions for system deficiencies and support continuous quality improvement to IT processes and procedures;
- Ensure timely completion of regulatory documentation, including compliance related to PCI;
- Manage relationships with and audit services of external service providers (SAAS and cloud) to ensure SLA compliance with internal security and compliance requirements;
- Review and approve network security-related changes as part of a corporate change management process; and
- Assist peers in related responsibilities, as appropriate, during installation and relocation of infrastructure.
Qualifications:
- Bachelor’s Degree in Computer Science or a related field; or equivalent combination of education and related experience;
- Four or more years’ experience in Information Security and IT Quality-related areas;
- In depth knowledge and understanding of Payment Card Industry Data Security Standards (PCI DSS), compliance requirements and experience developing and implementing PCI compliance policies and procedures;
- Excellent attention to detail with analytical and problem-solving abilities;
- Ability to manage multiple shifting priorities and direct the work of others to meet deliverable due dates;
- Excellent organizational, written and verbal communication skills with the ability to present data and other pertinent information to a variety of audiences; and
- Highly ethical and transparent, with professional sensitivity and care for confidentiality.
YESWAY IS AN EQUAL OPPORTUNITY EMPLOYER.
