Sr. Cybersecurity Manager

  • CardinalCommerce
  • Cleveland, OH
  • 15/09/2020
Full time Administration Operations Backoffice

Job Description

Now, more than ever, it's not only convenience but safety we think about when we choose to shop online rather than going into an actual store. Cardinal, a Visa solution, is a global leader in authenticating digital transactions. We work every day to make the digital shopping experience safe, rewarding, and engaging. For over two decades, we've been bringing merchants, issuers, and shoppers together in an experience where everybody wins. With a singular focus, proven technology, and dedicated service, we continuously raise the bar for payment authentication around the world. We are one of the leading FinTech companies in Northeast OH. We are proud of what we do and how we do it.

When you work with us, you get the best of two worlds. Cardinal is a small company, with a welcoming, family-like atmosphere. But as a Visa solution, we offer the world-class resources and benefits of a global company. As companies with a worldwide customer base, both Cardinal and Visa realize the benefits of having a diverse employee base, both for our products and customer service. We are dedicated to continuous improvement in all that we do. We use Lean and Agile principles and rituals as the framework for achieving that improvement. To achieve these goals we need accomplished and ambitious people - people that recognize the value that comes with the varying perspectives, and the cultural awareness that comes with our diversity.

Location:

This role is eligible for remote work from anywhere in the US, or could be based out of our headquarters in Cleveland, OH.

The Purpose:

Responsible for security operations management and managing the security compliance requirements processes for Payment Card Industry Data Security Standards (PCI DSS), Visa Enrollment and Access Control Server (EACS), and other Customer security requirements. This includes leading the ongoing effort of improving security processes/procedures, performing routine system security tasks, coordinating security training, and managing risk assessment and security audit operations. This work involves collaboration with various teams and coordination of the Cybersecurity resources to meet strict security requirements.

So what do we actually do?

  • Manage a team of cybersecurity analysts and engineers dedicated to meet Visa's strict security requirements
  • Manage the Cardinal Cybersecurity Project Roadmap
  • Develop and grow the Cybersecurty programs through new tools and initiatives
  • Oversee routine security audits, reviews, and tasks to meet and/or exceed PCI DSS, Visa EACS, and other industry and Customer requirements
  • Coordinate security training programs and administration
  • Identify and propose security policy, procedure, and process improvements
  • Manage the implementation and maintenance of designated security policy, procedure, and process improvements
  • Ensure client and partner data is well protected for the top merchants and issuing banks around the globe.

To accomplish the above we frequently:

  • Perform routine security compliance operations
  • Have daily stand-up calls to discuss current risks and challenges
  • Provide support to Sales and Customer Service to address security and risk management inquiries and requests
  • Manage security and risk assessment site visits
  • Review activity logs and build reports to detect risks
  • Ensure vulnerabilities are remediated in a timely manner
  • Coordinate with the Visa Security teams to ensure alignment on all things security
  • Coordinate with the IAM point of contact for a set of assigned applications and manage the IAM end-to-end lifecycle (approval workflows, transfer reviews, user access revalidations, user access provisioning/de-provisioning, offboarding and service account vaulting) for these applications

What we need you to have:

  • Minimum of a Bachelor's degree in computer science, information security or other related field
    • In lieu of degree, a high school diploma/equivalent with four or more years related experience and/or training or equivalent combination of education and experience will be considered
  • 8+ years of experience managing security related information, audits, documentation, and training
  • 5+ years of experience in a management position
  • Knowledge of general networking architecture and use of network segmentation
  • Experience performing vulnerability scanning and penetration testing both at an application and network layer

What we would prefer you to have:

  • Experience or familiarity with the Payment Card Industry, eCommerce, and/or mobile commerce
  • Experience implementing and maintaining information security technologies, such as:
    • IDS/IPS,
    • database activity monitoring,
    • secure password repository,
    • multi-factor authentication,
    • key and certificate management,
    • change detection,
    • and vulnerability scanners,
    • SEIM,
    • malware prevention,
    • DLP
  • Security certifications such as CEH, CISSP

Physical Requirements:

This position will be performed in an office setting. The position will require the incumbent to sit and stand at a desk, communicate in person and by telephone, frequently operate standard office equipment, such as telephones and computers, and reach with hands and arms. Cardinal/Visa is an EEO Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status. Cardinal/Visa will also consider for employment qualified applicants with criminal histories in a manner consistent with EEOC guidelines and applicable local law.