Full-Time

Security Advisor

PCI Practice

Posted on 10/14/2024

Nelnet

1,001-5,000 employees

Government & Public Sector
Energy
Financial Services
Education

Compensation Overview

$95k Annually

Senior

Remote in USA

Category
Cybersecurity
IT & Security
Requirements
  • Minimum acceptable education requirements: Bachelor’s degree, and/or 5 years’ experience in the information security industry (preferably at an institution of higher education)
  • Minimum acceptable certification requirements: Possess at least one of the industry-recognized information security and/or audit certification(s) required to obtain the Qualified Security Assessor (QSA) certification.
  • Information Security certifications: ISC2 Certified Information System Security Professional (CISSP), ISACA Certified Information Security Manager (CISM), Certified ISO 27001 Lead Implementer (when issued by an accredited certification body)
  • Audit certifications: ISACA Certified Information Systems Auditor (CISA), GIAC Systems and Network Auditor (GSNA), Certified ISO 27001 Lead Auditor or Internal Auditor (when issued by an accredited certification body), IRCA ISMS Auditor or higher—e.g., Auditor/Lead Auditor, Principal Auditor (“Provisional” auditor designations are not sufficient), IIA Certified Internal Auditor (CIA)
  • Candidates must agree to prepare for and pass the PCI Qualified Security Assessor (QSA) certification and any other certifications as directed by their manager.
  • Minimum acceptable work experience requirements: All candidates must have a minimum of five years of relevant information security experience, to align with the minimum experience requirements for a QSA. This experience must cover at least one year each in application security, information systems security, network security, IT security auditing, and information security risk assessment or risk management.
  • At least two years’ experience working with PCI DSS compliance is required, either as an assessor or internally to manage PCI DSS compliance.
Responsibilities
  • Consult both onsite and remotely with customers to collect, review, and analyze data related to current institutional policies, business practices and procedures, network infrastructure, IT system configurations and physical security as they relate to multiple compliance requirements (primarily PCI DSS).
  • Perform gap analysis of sampled merchant environments and the overall compliance program/centralized controls.
  • Provide in-person or remote orientation sessions to customer personnel.
  • Review requirements with third-party service providers as necessary to clarify roles and help the customers achieve information security and compliance objectives.
  • Make recommendations for remediation steps required to achieve information security and compliance objectives.
  • Upon request from ongoing customers, the Security Advisor may review customer-prepared industry reports (such as a PCI Self-Assessment Questionnaire) and provide feedback/guidance to ensure accurate reporting, or in some cases assist the customer with the preparation of required industry-standard reporting obligations.
  • Perform gap assessments through interviews, observations, evidence review, and physical/remote assessments to evaluate customer networks, infrastructure and operations as they relate to compliance objectives (primarily PCI DSS).
  • Report on findings and provide customers with remediation options when appropriate.
  • Participate in sales calls as an industry expert. Attend conferences as appropriate.
  • Prepare and perform industry-related presentations and/or webcasts. Other sales/marketing support duties as requested.

Company Stage

IPO

Total Funding

N/A

Headquarters

Lincoln, Nebraska

Founded

1977

Growth & Insights
Headcount

6 month growth

0%

1 year growth

0%

2 year growth

0%

Simplify's Take

What believers are saying

  • Nelnet's diversification strategy mitigates risks and taps into sports software and telecom markets.
  • Collaboration with Convera enhances reputation by addressing affordability and data security in education.
  • Partnerships and investments position Nelnet for growth in fintech and agri-tech sectors.

What critics are saying

  • Website and call center outages could lead to customer dissatisfaction and reputational damage.
  • Reduction in call center hours and layoffs may impact timely customer service and retention.
  • Shift from student loans to diverse startups may dilute focus and affect core operations.

What makes Nelnet unique

  • Nelnet's strategic investment in Edge Focus enhances fintech solutions and consumer finance innovations.
  • Partnership with Otus provides Nelnet a competitive edge in education technology market.
  • Investment in Nave Analytics supports sustainable agricultural technologies, opening new revenue streams.

INACTIVE