Security Specialist Jobs in Framingham, Massachusetts, MA

Security Specialist

Job Code: TJ_77243
Job Location: Framingham, Massachusetts
Zip Code:
Job Category/Title: Security Specialist
Employment Category: Contract - Corp-to-Corp, Contract - Independent, Contract - W2
Position Type:
Travel Required: No
Interview Type:
Education: Associate Degree
Experience: 5-10 year(s)
Job Description:
• Support the identification, implementation, and maintenance of security controls required by PCI and other regulatory compliance frameworks in a collaborative manner with other key stakeholders
• Participate in the development and oversight of required corrective action plans relating to security compliance and PCI issues
• Provide oversight in order to monitor and maintain the Staples GRC platform (Archer)
• Support security assessments, develop mitigation plans, and work with internal project managers to assign responsibility
• Establish and manage the security risk assessment for new and ongoing projects and advise on architectures, security, and mitigating controls.
• Understand technical implementation details necessary to assess and design practical security controls in conjunction with other Staples functional areas
• Partner with team members and cross functional groups to ensure programs align with PCI compliance requirements
• Assist with responding to external PCI auditor requests inquiring about Staples security posture
• Promote security compliance internally while maintaining Staples core values of transparency, fairness and trust

Required Experience:
• 8 - 10 years of experience in information security, preferably in the audit & compliance related field
• Experience with PCI Compliance, preferably as an active Internal Security Assessor (ISA) or Qualified Security Assessor (QSA)
• Deep understanding of PCI Data Security Standards and other security frameworks such as ISO 27000 Series, NIST, etc.
• Experience working with GRC platforms – Archer GRC v6 strongly preferred
• Experience in performing information security risk assessments
• Strong foundation in and in-depth technical knowledge of security engineering, computer and network security, authentication, and security controls
• Strong understanding of most of the following common security compliance frameworks, controls, and best practices: OWASP Top 10, SANS CIS Critical Security Controls, SSAE 16 - SOC 2 and 3, regulations governing personally identifiable information (PII), and other applicable regulatory compliance frameworks
• History of successful engagements with external auditors for various compliance audits
• In-depth understanding of network and system security technology and practices across all major-computing areas
• Security certifications desired, such as CISA, CISSP, CISM, CRISC, ISO 27001, etc.
No. of Posts: 1
Job Expiry Date: September 30, 2017
Telecommute: No