Information Security Specialist - VSRP

Every day, Global Payments makes it possible for millions of people to move money between buyers and sellers using our payments solutions for credit, debit, prepaid and merchant services. Our worldwide team helps over 3 million companies, more than 1,300 financial institutions and over 600 million cardholders grow with confidence and achieve amazing results. We are driven by our passion for success and we are proud to deliver best-in-class payment technology and software solutions. Join our dynamic team and make your mark on the payments technology landscape of tomorrow.

Ensures the security posture of Global Payments through the security assessment, risk ranking, and continuous monitoring of critical vendor relationships. In this role you will help define efficient vendor assessment processes, identify and nurture partnerships both internal and external, and help coordinate vendor assessment activities. You will work closely with the Vendor Management Program Office (VMPO), Legal, Compliance, and Operations to provide cybersecurity expertise at vendor onboarding and throughout the vendor lifecycle.

• Serves as a subject matter expert for the assessment of vendors and recommendations for risk treatment of identified gaps.

• Performs vendor security assessments.

• Coaches team members on the vendor assessment process and helps guide them through challenges as needed.

• Maintains and authors process documentation as required for existing processes or to define new processes to be implemented.

• Engages in special projects as required to deliver writeups, reports, or assessment summaries.

• Keeps up-to-date knowledge of new and emerging threats that can affect the organization's information assets by analyzing third party vendors and their respective infrastructure, policies, and best practices.

• Coordinate with relevant departments to help ensure the information in the Third-party Risk Management (TPRM) tool remains current and up to date.

• Respond to and process Threat intel alerts received from the TPRM tool through to resolution.

• Manages communication from the Vendor Security Risk Program (VSRP) to our internal partners in the event of a vendor incident.

• Assesses risks based on changes to implementation of NIST (National Institute of Standards and Technology, ISO (International Organization for Standardization)/BSO (Business Services Online); enhances knowledge of PCI (Payment Card Industry)/Logical Security guidelines and models, HIPPA (Health Insurance Portability and Accountability Act), PII (Personally Identifiable Information) , and Card personalization.

• Enhances understanding of business objectives and helps provide direction based on risk, Corporate Security Policy, and association and regulatory guidelines.

• Other duties as assigned.

Minimum Qualifications

• Bachelor's Degree

• Relevant Experience or Degree in: Bachelor's degree in Computer Science, Info Security, or related field

• Minimum 6 Years Relevant Experience

• A proven track record of success assessing and monitoring the security posture of vendors.

• Including network operations or engineering or system administration on Unix, Linux, MAC(Message Authentication Code), or Windows; proven experience working with security operations, intrusion detection systems, Security Incident Even Management systems, and anti-virus collection logs; including knowledge of industry standard security compliance programs ((PCI(Payment Card Industry), SOX(Sarbanes-Oxley) , GLBA(Gramm Leach Bliley Act)), etc.). Knowledge of industry standard security compliance programs ((PCI(Payment Card Industry), SOX(Sarbanes-Oxley) , GLBA(Gramm Leach Bliley Act), etc.)

Preferred Qualifications

• Professional certifications CISSP (Certified Information System Security Professional), CISM (Certified Information Security Manager) , CISA (Certified-Information-Systems-Auditor), GSEC (GIAC Security Essentials , Network +, Security +

• Soft Skills/Intrapersonal Skills - Exceptional verbal and written communication skills.

• Ability to positively influence to effect change within the organization.

• Ability to work within a team of exceptionally skilled individual contributors.

• Skills / Knowledge - Having wide-ranging experience, uses professional concepts and company objectives to resolve complex issues in creative and effective ways.

• Job Complexity - Works on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors. Exercises judgment in selecting methods, techniques and evaluation criteria for obtaining results. Networks with key contacts outside their own area of expertise.

• Supervision - Determines methods and procedures on new assignments and may coordinate activities of other personnel (Team Lead).

• Risk Assessment - Ability to identify, communicate, and mitigate vendor security risk.

• Industry Knowledge - Continued self-education of new and emerging threats and relevant processes, controls, or technologies to mitigate them.

• Incident Response - Knowledge and skills to contribute to all phases of Incident Response.

Global Payments Inc. is an equal opportunity employer. Global Payments provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other basis protected by law. If you wish to request reasonable accommodations related to applying for employment or provide feedback about the accessibility of this website, please contact jobs@globalpay.com.