Dillard’s is seeking a Compliance and Governance Analyst in Little Rock, Arkansas. The Compliance and Governance Analyst will be responsible for supporting internal compliance efforts, identifying and assessing risks, verifying that Business as Usual practices are followed, and leading IT in the annual SOX and PCI assessment. This role offers the opportunity to build solid relationships throughout the enterprise with operations, developers, and vendors while learning about the vast number of technologies employed within our organization.
Roles and Responsibilities:
- Identify trends, root causes, and key risk indicators of non-compliance.
- Lead IT in the annual PCI and SOX audits.
- Document and modify Enterprise Policies, IT Security Standards, and Procedures.
- Train as a PCI Internal Security Assessor (ISA) in sampling and monitoring technical compliance requirements.
- Articulate compliance goals and initiatives effectively to gain buy-in, trust, and collaboration from internal management, development, and operations teams.
- Establish and manage project plans and escalation methodologies, project reporting timetables, issue/resolution processes, and requirements prioritization.
- Negotiate remediation priorities.
- Exhibit ownership, follow through, initiative, awareness and effective communication with IT teams and management.
- Interact with Qualified Security Assessor (QSA) and IT Teams to confirm findings and mitigation.
- Participate in the Vendor Management Program.
- Strong problem solving, decision-making, reporting, communication, and management skills.
- Awareness of federal, state, and local laws and regulations regarding PCI, SOX, and Privacy.
- Understanding of creation and maintenance of policies, standards, and procedures.
- Effective planning, implementation, and negotiation skills.
- Strong research and technical writing skills for project plans, spreadsheets, and versioning documents.
- Ability to multi-task and track many simultaneous initiatives.
- 1-2 years of experience in the areas of coordination/project management, compliance/audit, business analysis, or software quality assurance.
- Ability to work in a fast-paced environment.
- Must be tactful, detail oriented, and able to comprehend technical and regulatory requirements.
- Experience testing or auditing technical controls.
- Knowledge of and experience with the Payment Card Industry Data Security Standard (PCI DSS) framework, recognized information security or privacy certification(s).