Foot Locker, Inc. (NYSE: FL) is an $8 billion company with 43,000 employees worldwide and approximately 3,500 athletic retail stores in 24 countries in North America, Europe and Australia under the brand names Eastbay, Foot Locker, Lady Foot Locker, Kids Foot Locker, Footaction, Champs Sports, SIX:02, Runners Point and Sidestep. We attribute our success to the drive and intelligence of our Associates. Operating in a team-driven culture, our goals and achievements as a company are boundless!
We are looking for a Senior IT Security Compliance Analyst-PCI to join our dynamic team. This position will ideally be located in our Chicago, IL office, but may also be open to the following locations: Milwaukee, WI, Wausau, WI or Camp Hill, PA.
SUMMARY OF POSITION:
The Senior IT Security Compliance Analyst-PCI will be responsible for supporting the IT Security Compliance Manager in developing and implementing appropriate policies, procedures and programs (i.e. risk assessments, internal controls and corrective action plans) to facilitate and maintain Foot Locker’s ongoing compliance and other federally mandated compliance. The analyst will also develop, mature and maintain PCI compliance for Foot Locker’s Omni-channel point-of-sale (POS) environments. The analyst will act as a PCI Subject Matter Expert for enterprise security controls and reporting obligations for card data environments.
Represent interests of Foot Locker in IT Security and Compliance affairs.
- Obtain and review evidence of compliance and adherence to PCI standards
- Provide guidance regarding PCI requirements and key domains of security controls including change management, system access, network, encryption, security testing, policy, etc.
- Track and resolve IT controls questions and considerations raised by the business
- Represent the department’s interests on cross-functional teams, working with other departments to facilitate knowledge sharing
Ensure that all IT activities of Foot Locker comply with the rules and regulations governing the retail industry.
- Plan and coordinate multiple projects, and continuously improve and update audit procedures
- Review and propose changes to system processes and procedures to reflect the needs of internal and/or external compliance requirements
- Coordinate the activities of the external auditor for the global data center testing and for the testing of the in-scope group of Foot Locker entities worldwide
Collect data and monitor Foot Locker’s activities in compliance with regulatory requirements.
- Perform audits of IT systems and related processes driving PCI, HIPAA, Sarbanes-Oxley (SOX), GDPR, and ISO27001 compliance
- Ensure assignment and monitoring of remediation plans; track related work papers and ensure sufficient documentation is maintained by accountable owners
- Perform testing of IT general controls within Foot Locker
SKILLS & KNOWLEDGE:
- Experience with IT Governance, Risk and Compliance, as well as IT Security initiatives including PCI, COBIT, and ISACA auditing standards
- Must be able to quickly conceptualize and explain new methods, processes and procedures for practical application
- Strong Analytical/Organizational/Time Management skills
- Strong Interpersonal and Communication Skills
- Proficient in communicating technical concepts to a non-technical audience
Requires a Bachelor’s Degree in Information Security or closely related field with 5 years of PCI experience
At least 3 to 5 years of experience with PCI
- PCI Qualified Security Assessor (PCI QSA) certification or Certified Information Systems Auditor (CISA) certification is desirable