Security and Compliance Engineer
Company: KEH, Inc.
Location: Smyrna
Posted on: May 6, 2024
|
|
Job Description:
Who We Are
KEH
We are the original camera re-commerce company, always envisioning
a better way to support the passion and profession of photography.
Serving the camera community since 1979, we have become the largest
curated market for field-tested, expert-graded photo and video
equipment in the industry.
As a Security and Compliance Engineer, you will play a pivotal role
in safeguarding our organization's digital assets and ensuring
compliance with relevant regulations and standards. You will be
responsible for developing, implementing, and maintaining security
measures to protect our systems, networks, and data from cyber
threats and vulnerabilities. Additionally, you will collaborate
with cross-functional teams to establish and enforce compliance
with industry regulations, such as GDPR, CCPA, PCI DSS, and
others.
Job Responsibilities:
Develop, implement, and enforce security policies, procedures, and
controls to safeguard payment, personally identifiable information
(PII), and employee data across e-commerce and physical retail
platforms.
Conduct regular risk assessments and security audits to identify
vulnerabilities, assess risks, and recommend and implement
mitigating controls.
Design, implement, and maintain physical network security measures
to protect against unauthorized access, intrusion, and data
breaches in both online and brick-and-mortar environments.
Manage and maintain compliance with industry standards and
regulations such as PCI DSS, GDPR, CCPA, and other relevant data
protection laws and frameworks.
Collaborate cross-functionally with IT, engineering, legal, and
other teams to ensure security and compliance requirements are
integrated into business processes and systems.
Stay abreast of emerging threats, vulnerabilities, and regulatory
changes in the security and privacy landscape, and proactively
recommend and implement appropriate measures to mitigate risks.
Provide guidance and support to internal stakeholders on security
best practices, compliance requirements, and incident response
procedures.
Lead or participate in security incident response activities,
including investigation, containment, remediation, and
reporting.
Develop and deliver security awareness training programs to educate
employees on security risks, policies, and procedures.
Qualifications & Education Requirements:
Bachelor's degree in Computer Science, Information Security, or a
related field; or equivalent work experience.
Minimum of 5 years of experience in security and compliance roles,
with a focus on e-commerce and physical retail environments.
Deep understanding of security principles, practices, and
technologies, with specific expertise in physical network security,
wireless access points (WAP), and data protection mechanisms.
Strong knowledge of payment card industry standards (PCI DSS) and
experience implementing and maintaining PCI compliance
programs.
Familiarity with international data protection regulations such as
GDPR and CCPA, and experience ensuring compliance with these
regulations.
Professional certifications such as CISSP, CISM, CISA, or similar
are preferred.
Excellent analytical and problem-solving skills, with the ability
to assess complex security issues and recommend effective
solutions.
Strong communication and interpersonal skills, with the ability to
effectively collaborate with cross-functional teams and communicate
security concepts to non-technical stakeholders.
Proven ability to work independently, prioritize tasks, and manage
multiple projects in a fast-paced environment.
Benefits
Comprehensive medical, dental, and vision
401(k) and company match
Paid vacation, sick time and holiday
Paid maternity/paternity leave
Discounts on camera gear and access to our employee gear rental
program
Job Type: Full-time
Keywords: KEH, Inc., Smyrna , Security and Compliance Engineer, Engineering , Smyrna, Georgia
Click
here to apply!
|