Information Security Audit

Are you an individual who wants to play a game changing role and make an impact in a fast-growing organization? We at Northern are waiting for you. Join us and unleash your potential

We are hiring Information Security Audit & Compliance Manager

Join the core group of founding members at the NTE India to build an organization from the ground up.

PRIMARY OBJECTIVE OF POSITION:

The PCI DSS Manager is responsible for managing and maintaining the organization’s compliance with PCI DSS requirements. This role involves coordinating all aspects of PCI DSS assessments, implementing security measures to protect cardholder data, and ensuring continuous compliance with the PCI DSS standards. The PCI DSS Manager will work closely with various departments to mitigate risks, oversee the development and implementation of PCI DSS policies and procedures, and act as the primary liaison with auditors and regulatory bodies.

MAJOR AREAS OF ACCOUNTABILITY:

PCI DSS Compliance Management :

• Lead and manage the organization’s PCI DSS compliance program, including initial certification and ongoing assessments.
• Ensure the organization meets all 12 requirements of the PCI DSS and maintains up-to-date documentation of all compliance activities.
• Conduct regular internal audits and assessments to ensure compliance with PCI DSS.
• Collaborate with external Qualified Security Assessors (QSAs) during official PCI DSS audits and assessments.

Security Policy Development:

• Work closely with the IT Security manager to develop, update, and maintain security policies, procedures, and guidelines to ensure they align with PCI DSS standards.
• Ensure that all security measures and controls are properly documented and communicated to relevant stakeholders.

Risk Management:

• Identify and assess potential security risks related to payment card data.
• Work with the IT Security team to implement and oversee the deployment of security measures to mitigate identified risks.
• Work with the IT Security team and other relevant parties to develop and execute incident response plans for breaches related to cardholder data.

Training and Awareness:

• Develop and deliver training programs for staff on PCI DSS compliance and security best practices.
• Raise awareness of PCI DSS requirements across the organization, ensuring all relevant personnel are knowledgeable about their roles in maintaining compliance.

Vendor Management:

• Oversee the management of third-party vendors to ensure they meet PCI DSS compliance requirements.
• Review and approve vendor contracts and service level agreements (SLAs) to ensure they include appropriate security provisions.

Continuous Improvement:

• Monitor industry trends, regulatory changes, and emerging threats to ensure that the organization’s PCI DSS compliance program remains up-to-date and effective.
• Recommend and implement improvements to the organization’s security posture and PCI DSS compliance program.

Reporting:

• Prepare regular reports on the status of PCI DSS compliance for senior management and other stakeholders.
• Provide detailed reports on any security incidents involving cardholder data and the steps taken to resolve them.

QUALIFICATIONS:

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Bachelor’s degree in Information Security, Computer Science, or a related field. A Master’s degree is a plus.
• Minimum of 5 years of experience in information security, with focus on PCI DSS compliance.
• Experience managing PCI DSS compliance in a complex organization.
• Proven track record of successfully leading PCI DSS certification projects.
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or other relevant security certifications.
• PCI Professional (PCIP) or Internal Security Assessor (ISA) certification is highly desirable
• Ability to travel on an occasional basis

About the Company

Northern Tool + Equipment is a retailer and manufacturer that specializes in offering superior quality tools at great prices, along with the knowledge and support needed to help customers get the job done right.

They’ve been in business for over 40 years, recently reaching revenues over $1.5 billion. The company not only supplies over 100,000 tools from the top brands in the industry but also designs, manufactures, and tests an extensive lineup of premium private label products that customers can’t get anywhere else.

Northern Tool’s far-reaching customer base includes handy men and women, weekend hobbyists, serious do-it-yourselfers, full-fledged contractors, trade professionals, and more. The company’s products can be found in over 140 retail stores in the USA, on its comprehensive international website, and via numerous catalogs throughout the year. Recently Northern Tool has expanded operations to offices in India to serve its global distribution better.

We are recently named as one of the Top Workplaces for MidSize Employers by Forbes in the US.

We have also been recognized as the “Top GCC to work for in AI and analytics” and our India HR team as the “Top HR Professionals in AI and Analytics” by 3AI which is a professional firm associated with analytics within India.

About NTE India

Northern Tool is making a significant investment in business transformation. We are committed to providing our customers with an exceptional experience. The team in India will enable Northern Tool to expand its internal capabilities in Finance, Merchandising, Product Engineers, Manufacturing Ops, Marketing, Contact Center, and Information Technology.

Why Northern?

True Northern: We know that our strength is our people. The distinct abilities they bring into the system are the key to our success. We seek talented people who wish to share their initiative, ideas, and expertise; we develop and support our teams, and we put them in a position to succeed. We know our customer; we provide value, and we act with integrity. We are True Northern.

Build Lasting Relationships: At Northern Tool + Equipment, we’re far more interested in building relationships than we are in simply making transactions. Our purpose is building a long-lasting relation with our customers and employees.

We care for our customers, employees and society. Our customer base is exceptionally loyal because customers know that we will give them the right solution.

Accelerate Decision Making: by collaborating with the brightest minds, bring ideas to life across our value chain of business operations across our vast network of over 140 stores across the US.

Lead with Innovation: Join us to elevate our customer experience with cutting-edge products, technology, and business processes and drive our business forward.

We are Family: As a family-owned business, we have respect for personal lives; wherever possible, we strive for flexibility in work schedules, and we maintain a relaxed, professional atmosphere.

Does this sound interesting?? Be an early applicant

Northern Tool is an Equal Opportunity Employer. We encourage and empower everyone and support diversity in experience, and point of view. We are pledged to a fair and a transparent hiring process with no discrimination of race, color, ancestry, religion, gender, national origin, age, citizenship, marital status, disability, or veteran status.