IT Security Compliance Analyst
HomeAway, based in Austin, Texas, is the world leader in vacation rentals with more than 2 million unique places to stay in 190 countries, and is a part of the Expedia, Inc. family of brands.
HomeAway offers an extensive selection of vacation rental homes that provide travelers with memorable experiences and benefits, especially more room to relax, for less than the cost of traditional hotel accommodations. The company also makes it easy for vacation rental owners and property managers to advertise their properties and manage bookings online.
Have you ever had the opportunity to impact the lives of millions of people in a meaningful way and help them enjoy time away with their friends and families building memories? That’s what we do here at HomeAway.com, an Expedia Inc. company. We are the leading vacation rental website in the world with more than one million online bookable vacation rentals. Our mission is to make every vacation rental in the world available to every traveler in the world through our online marketplace and we're committed to helping families and friends find the perfect vacation rental to create unforgettable travel experiences together.
Working with the IT Risk Manager, the IT Compliance Analyst will aid in oversight of Payment Card Industry Data Security Standard (PCI-DSS) compliance programs. You will provide guidance to and collaborate with IT and the business to map business processes into the underlying technology components and perform an Information Security Assessment based on the PCI DSS standards.
- Define PCI-DSS scope by identifying applicable technology components, data flows, possible interfaces, and business processes/use-cases.
- Determine controls applicable to each in-scope area based on level of interaction with credit card information.
- Identify inconsistencies and gaps within business and IT processes and collaborate with partners to clarify and simplify complex processes in order to remediate gaps.
- Facilitate external assessments, including leading discussions, being a liaison between assessors and control owners, responding to audit requests, and working with partners to timely resolve audit issues or findings.
- Produce high quality documentation and support guidance with facts and evidence.
- Effectively build and manage trusted partnerships with internal collaborators through knowledge, consistency, and quality of work.
- Ensure consistency with the organization’s PCI-DSS controls through monitoring and evaluating control execution outside of the external assessment.
- Research and remain up-to-date on PCI-DSS requirements and Council publications.
- Provide creative risk mitigation solutions that align with the business objectives.
- Bachelor’s Degree and at least 3 - 5 years of experience in an information security environment including knowledge of PCI-DSS and related controls.
- PCI ISA Certification at a minimum; QSA certification or experience preferred.
- Proven track record in PCI compliance initiatives.
- Must effectively take care of rapid technological and business changes while maintaining enthusiasm, displaying good judgment, and being a solutions provider.
- Highly proficient in verbal and written communication.
- Highly motivated self-starter.
- Must have the ability to work independently.
Benefits and Perks:
- Competitive health and insurance benefits
- Competitive salary
- Annual target bonus or commission
- Paid vacation and sick time
- Vacation rental on a yearly basis (taxable benefit)
- Employee Stock Purchase Program
- Free snacks and beverages
- Frequent company update talks with our leadership team
- Free listing on HomeAway.com
- Electronic, adjustable stand-up desk
- Discounted Metro & Rail pass
- Casual dress