Our IT Security Team is looking for an experienced PCI DSS Security Specialist whose expertise and passion will help lead the company's pillars of information security audits, regulatory compliance, risk management and mitigation, and data privacy, specifically from the PCI DSS and SOX compliance perspective. You'll be working closely with the trivago-wide Data Governance, Engineering and Product teams. At a high level, this role is expected to take single-point ownership and demonstrate responsibility in collaborating with internal and external stakeholders to implement and maintain appropriate controls to meet PCI compliance. This position is key to managing our product deployment of controls and adherence to applicable security requirements. Are you up to the task? Then we want to hear from you.
What you'll do:
Single point of contact and ownership for all topics related to compliance, specifically coordination and follow-up of the PCI ceremonies, including but not limited to: ASV Security Scans, Vulnerability Scans, Penetration Tests.
SAQ D Documentation (Drafting, Reviewing and Baselining in usd portal).
Facilitate the maintenance of technical and organizational level documentation and controls across multiple technology platforms in our product landscape.
Support and drive periodic reviews and assessments for Compliance within the PCI acceptable standards.
Lead process improvement and automation initiatives and provide support in the capacity of a Consultant for any security impacting decisions during feature rollouts.
Facilitate internal and external audits and work directly with trivago's partner counterpart.
Participate in the strategy and design of controls and act as a real stage gate for any new or existing rollouts of our PCI product in scope.
Collaborate with Product, Engineering, QA and Legal compliance teams to understand and implement key controls and processes.
Keep constantly up to date on the latest versions and technology trends related to controls of PCI DSS.
What you'll need:
At least 2 years' hands-on experience in PCI DSS Security.
Being up to date on legal matters relating to IT Security and Compliance.
Good communication skills and the ability to drive decision making in your area of expertise, as well as to carry the results into our teams and get them on board for executing the IT Security related initiatives.
Ability to work in a flexible environment.
Fluency in English and German.
You will be located in Düsseldorf and you need to be flexible for quarterly business travel to our locations in Leipzig, Amsterdam and Palma de Mallorca.
What we'd love you to have:
Knowledge of leading practices in information security and governance frameworks.
Experience in performing audits, privacy and security risk assessments.
Experience in working with auditors and facilitating audits.
IT process knowledge in areas such as user access management, change control, incident management, networks, systems operations, security, compliance and risk management.
Strong client relationship and interpersonal skills.
Understanding of control concepts and processes, including but not limited to:
Secure development life cycle, systems and application security
Cryptographic controls to safeguard data in transit and at rest
Identity and access management
What you can expect from life at trivago:
Growth: We help you grow as trivago grows through support for personal and professional development, constant new challenges, regular peer-feedback, mentorship and world-class training.
Autonomy: Every talent has the ability to make an impact independently by driving topics thanks to our strong entrepreneurial mindset, our horizontal workflow and self-determined working hours.
International environment: Our agile, international culture and environment with talents from 50+ nations encourages mutual trust and creates a safe space to discuss openly and act freely.
Collaborative spaces: Our state-of-the-art campus in Düsseldorf offers interactive spaces where we can easily collaborate, exchange ideas, take a break and work out together.
Relocation: We offer our international talents support with relocation costs, work permit and visa questions, free language classes, flat search and insurance.
trivago N.V. is an equal opportunity employer. Applications from individuals with disabilities are welcome.
To find out more about life at trivago, follow us on social media @lifeattrivago.
Want to learn more about trivago's business model to prepare for your interview? Visit https://company.trivago.com/our-product
Security Specialist - PCI DSS (German Speaker) at trivago N.V. (Düsseldorf, Germany)
Stack Overflow · 04.07.2019