Information Security Principal

The Information Security Principal supporting PCI Compliance will focus on the collection of evidence for PCI compliance, ensuring that all technologies, processes, and procedures align with PCI regulations. This role requires strong technical skills and the ability to work independently with minimal guidance, while also providing understanding of PCI requirements to team members when needed.

What you do

• Technical Knowledge: Develop and Review technical solutions to address regulatory compliance requirements.
• Evidence Collection: Gather, validate, and maintain evidence required for regulatory compliance.
• Compliance Monitoring: Regularly monitor and review compliance status and ensure adherence to regulations.
• Incident Management: Identify, manage, and escalate IT security incidents related to regulatory compliance.
• Documentation: Maintain comprehensive documentation of compliance processes, procedures, and evidence collected.
• Collaboration: Work closely with the PCI Manager and other stakeholders to ensure continuous compliance and improvement of security measures.

What you bring

• Education: Bachelor’s degree in Information Technology, Computer Science, or a related field, or equivalent work experience.
• Experience: 
  • • 7-10 total years of experience in Information Technology and Information Security,
    • 5 years infrastructure engineer and/or cloud developer experience,
    • 3-5 years with a focus on PCI compliance
• Technical Skills:
  • Strong understanding of PCI regulations and requirements.
  • Proficiency in monitoring and processing data related to IT security.
  • Deep understanding IT solutions, including:
    • • Operating Systems:
        • Proficiency in Windows, macOS, and Linux operating systems.
        • Experience with server operating systems such as Windows Server and various Linux distributions (e.g., Ubuntu, CentOS).
      • Networking:
        • Understanding of network protocols (TCP/IP, DNS, DHCP, etc.).
        • Experience with configuring and managing routers, switches, firewalls, and VPNs.
        • Knowledge of network troubleshooting tools and techniques.
      • Hardware and Software Troubleshooting:
        • Ability to diagnose and resolve hardware and software issues.
        • Experience with computer hardware components, peripheral devices, and software applications.
      • Security:
        • Knowledge of cybersecurity principles and best practices.
        • Experience with antivirus software, firewalls, and intrusion detection/prevention systems (IDS/IPS).
        • Familiarity with data encryption, access controls, and security compliance standards (e.g., PCI DSS, GDPR).
      • Cloud Services:
        • Experience with cloud platforms such as AWS, Microsoft Azure, or Google Cloud.
        • Knowledge of cloud computing concepts, including IaaS, PaaS, and SaaS.
      • Virtualization:
        • Proficiency in virtualization technologies such as VMware, Hyper-V, or KVM.
        • Experience with creating and managing virtual machines and virtual networks.
      • Database Management:
        • Knowledge of database systems such as SQL Server, MySQL, PostgreSQL, or Oracle.
        • Experience with database administration, backup, and recovery.
      • Scripting and Automation:
        • Proficiency in scripting languages such as PowerShell, Bash, or Python.
        • Experience with automation tools and frameworks.
      • System Administration:
        • Experience with user account management, group policies, and directory services (e.g., Active Directory).
        • Knowledge of system monitoring and performance tuning.
      • Backup and Recovery:
        • Experience with backup solutions and disaster recovery planning.
        • Knowledge of data backup and restoration processes.
  • Strong problem-solving skills and ability to work independently.
    • Good communication skills, both written and verbal.

Competency Levels:

• Autonomy: Works with little guidance and performs the majority of tasks independently. May mentor junior or new team members.
• Complexity: Carries out a variety of tasks in non-standardized work situations. Solves problems based on practice, precedent, and factual information analysis.

Knowledge:

• Profound knowledge and work experience of processes, procedures, and concepts within IT security.
• Basic knowledge of related topics in the overall context of information security governance.

Certifications:

• • • Certifications in IT/IS domains strongly preferred:
      • Certified Information Systems Security Professional (CISSP)
      • Certified Information Security Manager (CISM)
      • Offensive Security Certified Professional (OSCP)
      • Certified Cloud Security Professional (CCSP)
      • AWS and/or Azure Solutions Architect

Certified Information Systems Auditor (CISA)

Locations

• Hybrid 2-3 days/week in Minneapolis, MN 

About Allianz Technology

Allianz Technology is the global IT service provider for Allianz and delivers IT solutions that drive the digitalization of the Group. With more than 12,000 employees located in 51 countries around the globe, Allianz Technology works together with other Allianz entities in pioneering the digitalization of the financial services industry.

We oversee the full digitalization spectrum – from one of the industry’s largest IT infrastructure projects that includes data centers, networking and security, to application platforms that span from workplace services to digital interaction. In short, we deliver full-scale, end-to-end IT solutions for Allianz in the digital age.

D&I Statement

Allianz Technology is proud to be an equal opportunity employer encouraging diversity in the working environment. We are interested in your strengths and experience. We welcome all applications from all people regardless of gender identity and/or expression, sexual orientation, race or ethnicity, age, nationality, religion, disability, or philosophy of life.

Join us. Let´s care for tomorrow.

You.IT