Shift4 Payments (NYSE: FOUR) is a leading provider of integrated payment processing and technology solutions, delivering a complete omnichannel ecosystem that extends beyond payments to include a wide range of value-added services. The company’s technologies help power over 350 software providers in numerous industries, including hospitality, retail, F&B, e-commerce, lodging, gaming, and many more. With over 7,000 sales partners, the company securely processed more than 3.5 billion transactions annually for over 200,000 businesses in 2019. For more information, visit shift4.com.
The Senior Compliance Specialist works with internal Audit and IT teams to deliver IT Risk and Compliance services. The Compliance Specialist assists with the evaluation of IT controls in the context of PCI, SOX, and Privacy requirements and performs enterprise cyber and technology risk assessments.
- Lead the evaluation of compliance risks and processes in complex information system environments to ensure appropriate controls exist, efficiency and accuracy with processes exist, and information system procedures comply with corporate policies and standards.
- Security Auditor. Evaluate/interpret PCI DSS, PA-DSS, SOX and Privacy requirements and provide guidance to process and control owners on the objective/intent of the requirements.
- Coordinate and interact with external auditors, IT administrators, and business executives.
- Evaluation of IT controls to reduce the impact of internal and external IT audits.
- Assist project teams to evaluate IT Risk and Compliance considerations for projects.
- Conduct formal risk assessments to identify, assess, and measure information security risks for systems, facilities, networks, and projects.
- Manage relationships with security, technology, and business stakeholders to identify and communicate security risks and mitigation approaches.
- Create and manage policy documentation and processes for all essential functions.
- Manage training to address a variety of compliance, privacy and technical requirements.
- Act as cryptographic key manager.
- Complete third-part assessment questionnaires.
- Lead certification and audit events, including discovery, delivery, management response, and remediation activities and prepares assessment summary reports.
- Bachelor’s degree in computer science or related field (work experience and background will be considered in lieu of education)
- At least four years in the field information technology
- At least three years in the field of information security
- Experience with ITGC and SOX audits
- Experience with PCI DSS, PCI P2PE, and PA-DSS a plus
- CISSP, CISA, CISM, GIAC certifications a plus
- items weighing up to 50lbs without assistance.
- Self-starter with the ability to perform tasks as an individual contributor or as a project lead.
- Established work history and increasing responsibilities as an information security practitioner, to include broad, hands-on experience with security technologies, audit techniques, and risk management.
- Must have a strong security audit background to include SOX compliance projects.
- Work independently with minimal direction as an individual contributor and as a project lead in a matrix team.
- Knowledge of cryptographic key management.
- Ability to lift and move items weighing up to 50 lbs. without assistance.
- Exceptional communication skills to effectively interact with internal and external partners on all levels to resolve issues and provide solutions in a timely manner.
Shift4 Payments provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics.