Compliance Manager at POS Portal, Inc in Sacramento, California

Job Description:

The Compliance Manager is responsible for overseeing POS Portal’s compliance and audit activities related to security and operational functions. Additional responsibilities include PCI compliance, Sarbanes Oxley compliance, management of internal audits, and management of client audit requests. The Compliance Manager guides the organization through annual audit activities and works cross-functionally with departments to gather information required to maintain specific compliance standards in the completion of audit requests. In addition to reporting to the VP, Operations, the Compliance Manager works closely with IT Security and Internal Audit for ScanSource, POS Portal’s parent company.

At POS Portal...
We are an innovation and technology company. We don’t offer jobs, we offer careers. We’re not just local, we’re global. We’re never satisfied with the status quo; we constantly seek to innovate and add value. We do this first for our employees, followed by our customers and our community. Our highly talented, driven team of entrepreneurial professionals create value and solve challenges for our clients every single day. We’re a high growth company and we’re part of a global powerhouse that is revolutionizing the industry. Join POS Portal and you’ll experience the career opportunity of a lifetime. Local company, global opportunity.

Company Description
POS Portal was founded in Sacramento in 2000 and is now part of the global Scansource group of companies. Spearheading the Payments business, POS Portal offers the unique opportunity of working for a local tech company with the resources of a billion dollar+ global organization! We enable payments technology and focus on innovations and programs designed to streamline the process of getting secure and maintained Point-of-Sale devices anywhere and everywhere merchants need them. Hardware, software, mobile solutions…we solution for everything in the Payments ecosphere.

Responsibilities:

• The Compliance Manager is responsible for ensuring information security risk is effectively identified and appropriately managed for business units. This includes:
  
  
  
  • Identifying and understanding key business processes and supporting technology solutions within a Business Unit in order to identify both business process and technology risks
  
  
  • Coordinating with appropriate resources annually to identify and schedule various risks assessments for assigned Business Unit, and helping to develop risk mitigation plans as risks are identified
  
  
  
  


• Maintaining a detailed calendar of scheduled and ad-hoc audits for the company.


• Serving as the liaison for HQ to Business Units and departments, coordinating and engaging other resources as necessary to ensure support of the security posture of the business


• Serving as the main point of contact for Audit and Regulatory Compliance as needed during client audits and when RFP responses are requested. Responsible for completing audit questionnaires and forms.


• Manage audit activities related to PCI DSS, SOX 404, SOC 2, Graham Leach Bliley Act, Cybersecurity, ITIL, and Banking IT standards


• Function as the single point of information for all audit activities


• Maintain and update all POS Portal audits and compliance policy documents


• Present to management any audit findings


• Coordinate with other departments regarding the implementation and validation of audit remediations


• Work with external firms to complete annual assessments, such as SOC2 report


• Adhere to the annual activity schedule and manage competing requests


• Create and maintain a library of audit responses and evidence


• Maintain and manage POS Portal Vendor Management program

Must Haves:

• 
  Minimum Education (or substitute experience) required:
  
  
  • Bachelor’s degree in Computer Science, Engineering, MIS or related field; and
  
  
  
  


• 
  Minimum Experience required:
  
  
  
  • 10+ years IT security-related experience; or
  
  
  • Equivalent combination of education and experience.
  
  
  • Master's degree and certifications such as CISSP, CISA, CISM, and/or SANS GIAC preferred.
  
  
  
  


• Skills required:


• Working knowledge of PCI DSS, SOX 404, SOC 2, Graham Leach Bliley Act, Cybersecurity, ITIL, and Banking IT standards
  
  
  
  • Strong working knowledge of all Information Security domains including: network protection, policies, intrusion detection/prevention, access control, etc.
  
  
  • Ability to coordinate Risk Assessments, technical vulnerability assessments and/or external/internal audits.
  
  
  • Strong working knowledge of overall IT functions and strong knowledge of business operations, policies and practices.
  
  
  • Strong writing skills in order to develop formal whitepapers, business cases, reports, and exceptions to the executive management team; reporting technical issues in business terms.
  
  
  • It is critical that the individual in this role has well developed communication skills and shows a commitment to helping find solutions that address risk while helping to enable business.  
  
  
  
  

Reasons to Work at POSP

POS Portal/ ScanSource, Inc. is an Equal Opportunity Employer EOE/M/F

See job description