Senior Manager - PCI Compliance


Date: Dec 2, 2018

Location: Las Vegas, Nevada, US

Company: Las Vegas Sands Corp.

Position Overview:

The primary responsibility of the Senior Manager - PCI Compliance is to provide technical and business support on PCI compliance and data security programs and processes for all of The Venetian | The Palazzo. All duties are to be performed in accordance with departmental and The Venetian | The Palazzo Casino Resort’s policies, practices, and procedures.

Essential Duties & Responsibilities:

  • Identify, analyze, and manage risks and issues that may compromise security and PCI compliance.
  • Remain up to date on PCI regulations and requirements as they pertain to how The Venetian | The Palazzo operates.
  • Report to and provide support to the Director - PCI Compliance in ensuring that all The Venetian | The Palazzo properties are in compliance with PCI regulations. 
  • Manage all aspects of PCI program management, including assisting each property with documenting its scope, providing recommendations on PCI controls, assisting each property’s project team with documenting all of its controls in a standard framework, and providing cost-effective remediation plans.
  • Maintain strong familiarity and understanding of PCI DSS Requirements version 3.1+.
  • Stay up to date on PCI compliance needs and ongoing interpretation of PCI standards applicable to The Venetian | The Palazzo.
  • Perform audits / sign off on SAQ compliance.
  • Recommend changes and enhancements or additions to security controls of business applications that store, process, and transmit payment card data.
  • Work with Business and IT teams to incorporate PCI compliance requirements into their strategy and roadmaps.
  • Handle risk assessments and audits.
  • Address external PCI QSA, interpret results, and lead remediation efforts.
  • Conduct application testing and source-code reviews, perform web vulnerability assessments, and perform application penetration testing using penetration-testing methodologies, including the use of forensic tools/methods.
  • Perform internal and external vulnerability scans, assess results, and work with appropriate IT teams on subsequent remediation efforts.
  • Demonstrate competence in cryptographic techniques such as cryptographic algorithms, key management and rotation processes, and secure key storage.
  • Monitor and track PCI compliance for The Venetian | The Palazzo merchant and service provider businesses.

Additional Duties & Responsibilities:

  • Participate in projects and project planning to identify PCI regulatory requirements that need to be addressed.
  • Collaborate with management, team members, and external PCI assessors to lead efforts in collecting, analyzing, categorizing, and archiving evidence in compliance with regulations and policy.
  • Ensure all Team Members are assigned and complete their required PCI training.
  • Consistent and regular attendance is an essential function of this job.
  • Performs other related duties as assigned.


Company Standards of Conduct

All Venetian | Palazzo Team Members are expected to conduct and carry themselves in a professional manner at all times. Team Members are required to observe the Company’s standards, work requirements and rules of conduct.

Minimum Qualifications:

  • 21 years of age.
  • Proof of authorization/eligibility to work in the United States.
  • High school diploma.
  • Bachelor’s degree in Accounting or Computer Science preferred.
  • Ability to communicate clearly and effectively in English, both in spoken and written form.
  • Must be able to obtain and maintain a Nevada Gaming Control Board registration and any other certification or license, as required by law or policy. 
  • Internal Security Assessor (ISA) or other PCI certification preferred.
  • 5 years of experience in operational security and/or IT auditing.
  • 3 years of experience using a variety of technology platforms (e.g., iSeries, Wintel, VPN, Firewall, Log Monitoring) preferred.
  • Performed at least three PCI DSS Assessments for large scale companies.
  • Demonstrated experience in working with cross functional teams to achieve cost effective IT control implementations.
  • Working knowledge of PCI and security best practices to ensure and track PCI compliance requirements.
  • Ability to provide consulting services to control process owners regarding compliance needs and requirements.
  • Ability to work independently on special projects.
  • Strong negotiating skills with IT, Business, and Audit personnel.
  • Strong interpersonal skills with the ability to communicate effectively with guests and other Team Members of different backgrounds and levels of experience.
  • Must be able to work varied shifts, including nights, weekends and holidays.


Physical Requirements:

Must be able to:

  • Lift or carry 20 pounds, unassisted, in the performance of specific tasks, as assigned.
  • Physically access all areas of the property and drive areas with or without a reasonable accommodation.
  • Maintain composure under pressure and consistently meet deadlines with internal and external customers and contacts.
  • Interact appropriately and effectively with guests, management, other team members, and outside contacts.
  • Walk, stand, stretch, bend and kneel for prolonged periods of time.
  • Work in a fast-paced and busy environment.

Job Segment: Compliance, Program Manager, Manager, Law, Consulting, Legal, Management, Technology
