Senior Analyst, PCI Compliance and Internal Controls, Finance

Full Time Canada Finance

Job Overview

  • Company Name University of Calgary
  • Job Start Date Fri, 10 Nov 2023 05:58:25 GMT
  • Job Type Full Time - Permanent
  • Job Source Careerjet

Job title: Senior Analyst, PCI Compliance and Internal Controls, Finance

Job description: Position Overview

The Financial Reporting Operations team in Finance is currently seeking a Full-time Regular Senior Analyst, PCI Compliance and Internal Controls.

This positions reports to the Director, Financial Reporting. The primary role of the Senior Analyst, PCI Compliance and Internal Controls is to manage the university’s PCI compliance program by providing direction, guidance, and ongoing monitoring of all program components. The role will provide inter-departmental and cross faculty strategic support to ensure that campus wide PCI Compliance requirements are identified and met through cost effective training programs, process refinement, technical alignment, coaching, and evidence gathering in preparation for formal assessments.

Position Description

Summary of Key Responsibilities:

Leadership:

  • Report to the appropriate level of management the significant issues identified during the course of audits and analytics programs; where appropriate provide recommendations for improvements; and obtain management action plans to address these issues.
  • Lead the ongoing execution and maintenance of the University’s PCI Compliance Program.
  • Acts as a subject matter expert in the communication and execution of PCI requirements.
  • Liaises and champion between client-facing and Information Technology teams to ensure data security requirements are clearly understood and met.
  • Recommend PCI compliant process or technology change to align business units into compliance.
  • Assist and guide Business Unit management with the implementation of remediation plans as required to meet PCI DSS requirements.
  • Manage PCI Merchant account acquisition, delivery, and compliance alignment with the merchant business unit.
  • Build internal PCI governance that is effective and understandable.
  • Ensuring business process owners understand their key financial and operational controls and that they modify these as risks change.

Strategic Planning:

  • Provide technical and business leadership to ensure the University meets PCI compliance.
  • Advise and prepare impacted business units for a formalized Quality Security Assessment (QSA) or Self-Assessment Questionnaire (SAQ).
  • Ensure that assessments are conducted in accordance with professional standards.
  • Understand and plan for effective industry and payment channel changes.
  • Engage with IT Architecture to build roadmaps supporting future payment or customer requirements/capabilities.

Change Management:

  • Lead and implement change to support the changes to business processes, systems and technology impacted by PCI requirements.
  • Provide training across the University to key stakeholders who must be PCI compliant.
  • Facilitate PCI educational/awareness workshops and training for a wide variety of business units/merchants.
  • Conduct detailed preliminary assessments of new business units to determine compliance to PCI Data Security Standard (DSS) requirements.
  • Review PCI Compliance reporting and implement remediation programs for the business units requiring attention.
  • Implement a compliance reporting capability that supports reporting to all stakeholders and internal leadership.
  • Support business process owners in the identification of financial and operational risks and the alignment of internal controls (controls as designed) to mitigate those risks.

Audit and Consulting:

  • Accountable for ensuring that 40+ business areas across the University are prepared for PCI audits.
  • Perform consulting services to assist management in meeting its objectives.
  • Prepare and deliver training programs to business units to ensure PCI compliance requirements are met.
  • Provide data protection subject matter advice to stakeholders.
  • Use strong influencing capacity to motivate business units to provide adequate evidence to demonstrate PCI compliance.

Relationship Management:

  • Foster and maintain strong relationships with internal stakeholders and proactively build channels of communication across business units to ensure collaboration and achievement of organizational objectives.
  • Work closely with external parties to ensure the data security of information.
  • Liaise inside IT and Finance to understand and define PCI compliant solutions that meet or exceed the requirements of PCI DSS
  • Liaise with University contracted vendors who provide PCI related services and products and to validate their alignment with the University’s compliance requirements.
  • Liaise with external Quality Assurance Assessors (QSA), Internal Security Assessors (ISA) and Internal and external auditors to communicate audit readiness and compliance status.
  • Engage IT Security and Architecture teams to ensure a risk assessment is performed and compliant technology solutions are implemented prior to go live.

Qualifications / Requirements:

  • Bachelor’s Degree (IT, IS, Accounting or Business Administration with an IT focus) or equivalent certification with 7-10 years progressive experience.
  • Professional accounting designation (CPA – CA, CMA, CGA) with a minimum of 5 years post-designation of progressive experience.
  • CISA, PCI PCIP, ISA or previous QSA certification is preferred.
  • Knowledge of the Payment Card Industry Data Security Standard (PCI DSS)
  • Experience in audit and compliance techniques such as identification of key risks, evaluation of controls and recommendations for improvements
  • Excellent documentation skills to meet audit evidence requirements.
  • Strong experience in documenting business processes and process improvement is required.
  • Ability to influence others to move towards a common objective.
  • Strong collaboration, negotiation, and teamwork skills
  • Knowledge of information security standards related to data security and protection.
  • Ability to solve complex problems and lead others to solve complex problems using sophisticated analytical thought and exercising judgment to identify innovative solutions.
  • Ability to work independently with guidance in only the most complex situations.
  • Excellent verbal and written communication skills.
  • Excellent presentation and training skills.
  • Excellent negotiation skills with an ability to communicate difficult concepts while negotiating with others to adopt a different point of view.
  • Knowledge of MS Office Suite & SharePoint.
  • Experience working with and presenting to upper management and senior executives.

Application Deadline: November 22, 2023

We would like to thank all applicants in advance for submitting their resumes. Please note, only those candidates chosen to continue on through the selection process will be contacted.

Additional Information

This position is classified in the Professional Career Band, Level 4 of the Management and Professional Staff Career Framework.

To find out more about management and staff opportunities at the University of Calgary and all we have to offer, view our .

The University strongly recommends all faculty and staff are fully vaccinated against COVID-19.

About the University of Calgary

UCalgary is Canada’s entrepreneurial university, located in Canada’s most enterprising city. It is a top research university and one of the highest-ranked universities of its age. Founded in 1966, its 36,000 students experience an innovative learning environment, made rich by research, hands-on experiences and entrepreneurial thinking. It is . today at the University of Calgary. For more information, visit .

The University of Calgary has launched an institution-wide committing to creating a rich, vibrant, and culturally competent campus that welcomes and supports Indigenous Peoples, encourages Indigenous community partnerships, is inclusive of Indigenous perspectives in all that we do.

As an equitable and inclusive employer, the University of Calgary recognizes that a diverse staff/faculty benefits and enriches the work, learning and research experiences of the entire campus and greater community. We are committed to removing barriers that have been historically encountered by some people in our society. We strive to recruit individuals who will further enhance our diversity and will support their academic and professional success while they are here. In particular, we encourage members of the designated groups (women, Indigenous peoples, persons with disabilities, members of visible/racialized minorities, and diverse sexual orientation and gender identities) to apply. To ensure a fair and equitable assessment, we offer accommodation at any stage during the recruitment process to applicants with disabilities. Questions regarding [diversity] EDI at UCalgary can be sent to the ( ) and requests for accommodations can be sent to Human Resources ( ).

Do you have most but not all the qualifications? Research show that women, racialized and visible minorities , and persons with disabilities are less likely to apply for jobs unless they meet every single qualification. At UCalgary we are committed to achieving equitable, diverse, inclusive and accessible employment practices and workplaces and encourage you to apply if you believe you are right for this role.

We encourage all qualified applicants to apply, however preference will be given to Canadian citizens and permanent residents of Canada.

Source:

Apply for this job
Share:

Search Job

JobAdvisors.ca provides a centralized location for employers and job seekers. We update industry job trends, prospects and other vital information, from verified sources, for both Jobseekers and Employers and promote the content in multiple social media channels.

Follow us on:

    

T&C

Terms & Conditions