Security Compliance Officer

About CORD Financial Services LLC and Digital Network Solutions LLC

In 2001, CORD Financial Services was founded by The FIKES Companies. With a small staff and hard work, CORD quickly gained success in central Texas. Through steady growth in every year of its operations, CORD Financial Services is now an award-winning ATM Independent Sales Organization (ISO). In 2019, CORD acquired Digital Network Solutions, an ATM Processing Company. The company is recognized for excellence in providing a variety of ATM Processing Solutions, including services such as a state-of-the-art Terminal Management System and Mobile Application, Dynamic Currency Conversion, and Cardless NFC ATM transaction processing.

The Security Compliance Officer focused on PCI and SOC 2 compliance is responsible for overseeing and managing an organization's security posture to ensure adherence to Payment Card Industry Data Security Standard (PCI DSS) and Service Organization Controls 2 (SOC 2) regulations, conducting regular assessments, identifying risks, implementing necessary controls, and maintaining comprehensive documentation to demonstrate compliance across both frameworks.

General Responsibilities:

• Conduct regular PCI DSS and SOC 2 compliance assessments, including vulnerability scanning, network penetration testing, and policy reviews.
• Analyze assessment results to identify compliance gaps and develop remediation plans.
• Gather evidence and documentation to support compliance claims during audits by external auditors.
• Implement and maintain security controls aligned with PCI DSS and SOC 2 requirements, including access controls, encryption, data masking, and incident response procedures.
• Monitor security controls on an ongoing basis to ensure effectiveness and identify potential risks.
• Develop and maintain comprehensive security policies and procedures related to PCI and SOC 2 compliance, including data handling practices, password management, and vendor management.
• Deliver regular security awareness training to employees regarding PCI and SOC 2 compliance requirements.
• Conduct risk assessments to identify potential threats and vulnerabilities related to sensitive data processing and system access.
• Prioritize risks and develop mitigation strategies to address identified issues.
• Evaluate the security practices of third-party vendors that handle sensitive data to ensure compliance with PCI and SOC 2 standards.
• Monitor vendor compliance and implement corrective actions where necessary.
• Prepare regular compliance reports for management, highlighting key risks and mitigation efforts.
• Collaborate with internal teams to communicate compliance requirements and address concerns.
• Apply patches to software, operating systems and security appliance firmware.

Qualifications:

• Strong understanding of PCI DSS and SOC 2 compliance frameworks, including relevant control objectives.
• Experience conducting security assessments, vulnerability scanning, and penetration testing.
• Knowledge of information security best practices and industry standards (e.g., NIST, ISO 27001).
• Excellent analytical and problem-solving skills to identify and address compliance gaps.
• Strong communication and interpersonal skills to effectively collaborate with stakeholders across different departments.
• Ability to write clear and concise documentation for policies, procedures, and compliance reports.

Digital Network Solutions and FWI Holdings is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, veteran status, and disability, or any other legally protected basis, in accordance with applicable federal, state, and local law.