Compliance Risk Assurance

Role Overview

As a Senior Compliance Risk Assurance, you will work closely with internal and external clients, supporting the CISO and the Global Security Compliance team in aligning Planet's information and cyber security programme, and will be responsible for planning and conducting third-party and regulatory compliance audits.

What you will do

• Assists in assessing and updating Planet's policies/procedures and security controls in relation to PCI DSS, P2PE, 3DS and PIN; SOX, NIST, ISO 27001, NESA IAR, NIST Cyber Security Framework and CIS Controls (other frameworks as required).

• Maintaining the annual re-certification of cloud-based and in-house applications and systems in accordance with PCI DSS, PCI 3DS, PCI PIN and PCI P2PE and SOC 1 Type 2.

• Mapping of Planet's information and cyber security controls against framework requirements

• Capable of gathering and analysing data from multiple sources

• Able to work closely/collaboratively with other departments to ensure completion of tasks

• Timely execution and completion of assigned audit projects, coordinating the timing and scheduling of audit activity to achieve completion of the project audit plan

• Understands evidence requirements

• Examine in-scope controls, evaluate the design and operational effectiveness, determine exposure to risk, and develop remediation strategies

• Review, evaluate, and test application controls.

• Ability to develop audit response plans detailing who is responsible for remediation, the timeframe for remediation, the evidence to be provided and how it will be provided

• Respond to Security Assessments submitted by Planet's customers and partners in collaboration with the bid team.

• Draft, review and execute RPF responses submitted by our key vendors.

• Provide recommendations and guidance on identified security and control risks.

• Develop a strong understanding of business and system processes.

• Desire to understand the Cyber Threat Landscape and the counter measures used to mitigate threats to Planet’s Infrastructure, data, and customers

• Candidate with become familiar with Planet’s Cyber Security toolset and the methods used to support Planet’s Security Program

• Comfortable in working in a virtual environment with limited in-person face-to-face interaction.

Who you are

• Bachelor’s degree in an IT-related discipline preferred.

• Experience with audit and internal controls development and testing

• 5 years of work experience as an Information Compliance Risk Assurance preferably working in Financial/Payments sector.

• Great awareness of cyber security trends. Knowledge of IT general controls and internal control areas is required, as well as an understanding of internal audit standards, PCI DSS, P2PE and PIN, SOX, NIST, ISO 27001, NESA IAR, and risk-assessment practices.

• A clear understanding of IT audit methodologies.

• Ability to work under pressure in a fast-paced environment.

• Detail-oriented, self-directed; able to work with all levels of staff and management, handle multiple tasks simultaneously and meet established deadlines

• Ability to understand and communicate technical content to both specialist and non-specialist audiences

• Excellent communication skills, both verbal and written.

• Strong interpersonal skills and ability to build and maintain relationships with client organizations.

• Performs duties and responsibilities with a systematic approach and strives to complete work to a high level of quality

Why Planet:

Planet is an equal opportunity employer where diversity is valued, and all employment is decided based on qualifications, merit, and business need.

Come and grow your career in the most exciting, fast paced technology market, with a business that delivers feel-good connected commerce. 

We would love to hear from you – Apply now.

At Planet, we embrace a hybrid work model, with three days a week in the office.
 

Reasonable accommodations may be made in order to allow for an individual to perform the essential functions of this role successfully.