Business Information Security Officer

Every day, Global Payments makes it possible for millions of people to move money between buyers and sellers using our payments solutions for credit, debit, prepaid and merchant services.  Our worldwide team helps over 3 million companies, more than 1,300 financial institutions and over 600 million cardholders grow with confidence and achieve amazing results.  We are driven by our passion for success and we are proud to deliver best-in-class payment technology and software solutions.  Join our dynamic team and make your mark on the payments technology landscape of tomorrow. 

Summary of This Role

Provides technical guidance on information security policies, procedures, technologies and compliance-related activities as a technical advisor and partner to assigned business units.  Works with key stakeholders at multiple levels in order to identify and align business and Information Security objectives, discover pain points, provide recommendations, and recognize current and future security needs. Investigates and resolves security incidents and recommends enhancements to improve security.  Provides advice and oversight to ensure that Information Security policy is in compliance with processes and systems used by the assigned business unit.

What Part Will You Play?

• Builds relationships with individuals outside their primary area of work, promoting Information Security and risk awareness. Demonstrates broad knowledge and understanding of information security and business needs by identifying and engaging appropriate IS support teams to mitigate risk.
• Identifies and seeks guidance on rating risk associated with third party vendors and internal application / processes. Supports internal security and moderate level (internal category three / four) vendor security reviews; initial and periodic information security reviews, technical assessments, and participates in associated quarterly business reviews.  Provides guidance and suggestions on remediation of findings and evaluates solutions to reduce residual risk.
• Provides support on internal and industry specific IT policies, procedures, standards and works as a liaison on system solution design. Provides suggestions on methods to mitigate new and emerging threats that affect information assets, collaborates with Architecture & Engineering teams on third party software/solutions, IT configuration changes (including access control requests), and network/system architecture from risk perspective, and provides appropriate business direction. Delivers elements of the overall information security education and awareness program via staff induction sessions and training classes.  Mentors team members and business units to build knowledge of information security.
• Provides support for information security incident response, investigation, resolution and closure of incident response processes.  Consults on incident handling process which includes implementation of containment, protection and remediation activities. Collaborates with Threat Management Center on responses to known and emerging threats against the network. Partners in the after action reviews of security incidents for process improvement.  Provides support for forensic and incident security investigations in accordance with the incident response plan.
• Assists with the review of business requests to determine level of risk acceptance to mitigate impact. Informs management of security policy variances.
• Not an exhaustive list; other duties as assigned.

What Are We Looking For in This Role?

Minimum Qualifications

• Bachelor's Degree - Computer Science, Information Security, or related work experience.

• Typically Minimum 6 Years Relevant Exp - Knowledge of industry standard security compliance programs PCI (Payment Card Industry), FFIEC (Federal Financial Institutions Examination Council), SOX(Sarbanes-Oxley), GLBA(Gramm Leach Bliley Act), and HIPAA (Health Insurance Portability and Accountability Act).

• Required Certification(s) / Licensing:  Professional certifications CISSP (Certified Information System Security Professional), CISM (Certified Information Security Manager), CISA (Certified-Information-Systems-Auditor), GSEC (GIAC Security Essentials), Network +, Security +

What Are Our Desired Skills and Capabilities?

• Skills / Knowledge - Having wide-ranging experience, uses professional concepts and company objectives to resolve moderately complex issues in creative and effective ways. Having ownership of a sub-function, account or matrix management responsibilities, applies knowledge to meet goals, maintain relationships, propose opportunities to expand the business, and lead matrix teams. Some barriers to entry exist at this level (e.g., dept./peer review).
• Job Complexity - Works on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors. Exercises judgment in selecting methods, techniques and evaluation criteria for obtaining results. Networks with key contacts outside own area of expertise.  Builds on/Maintains external relationships of assigned accounts.
• Supervision - Determines methods and procedures on new assignments and may coordinate activities of other personnel (Team Lead).

Global Payments Inc. is an equal opportunity employer. Global Payments provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other basis protected by law. If you wish to request reasonable accommodations related to applying for employment or provide feedback about the accessibility of this website, please contact jobs@globalpay.com.