Who We Are:

Chattanooga-based Transcard makes frictionless payments a reality with comprehensive global payment solutions designed for banks, FinTechs, and businesses of any size and in any industry. Transcard delivers solutions for business-to-business (B2B) payments, consumer-to-business (C2B) payments, business-to-business-to-consumer (B2B2C) payments, account-to-account automation, and Banking as a Service (BaaS). Our solutions combine unmatched multi-rail capabilities, embedded workflows, best-in-class integration, effortless reconciliation, and bank-grade security.

Position Details:

This is a full-time position, working Monday-Friday during standard business hours. Compensation will be based on the qualifications of applicant. This position reports to the Transcard Chief Information Security Officer.

Location:

This is a REMOTE opportunity in the United States with occasional travel to the office. Candidate must reside in the US and be work authorized. We are unable to offer visa sponsorship.

Our corporate office is located in Chattanooga, TN.

Benefits:

Transcard offers benefits starting the first of the month following the month of hire (Medical, Dental, & Vision, 401(k) Match!, Paid Time Off, Life-Disability Insurance, and more)

Please apply and see more job requisitions at:

https://www.transcard.com/careers

Essential Duties and Responsibilities:

As InfoSec Program Manager your primary responsibility is to own all recurring security compliance requirements at Transcard. This is a hybrid role requiring hands-on use of security technologies and also collaboration with others to complete all roles and responsibilities.

• Run internal and external application and network vulnerability scans. Prioritize vulnerability treatment with systems administrators, rescan, and validate.
• Collaborate with project management and technology departments to establish and maintain role-based access control. Inventory all job functions in the company along with the security access rights and account attributes required to perform each job function, enforcing the principles of least privilege and separation of duties.
• Collaborate with the technology department to implement a new Identity and Access Management policy.
• Audit AAA state against approved identity and access management policies and RBAC matrices, identify deltas, and work with management to remediate.
• Collaborate with the project management and technology departments to fully implement new enterprise IT change management policies. Create change ticket templates in the helpdesk system, monitor changes, and audit changed state against completed tickets in compliance with PCI DSS Requirement 6.5.
• Run monthly security metrics and key performance indicators; deliver them to management.
• Obtain, deliver, and track artifacts in support of external audits.
• Review security event logs day-to-day. Respond to critical security anomalies. Establish daily reporting processes.
• Regularly interact with cybersecurity managed security service providers.
• Perform code-base static security scans; track and follow coding insecurity remediation.
• Write security policies and procedures and perform spot audits to ensure compliance.

Required Qualifications:

• Someone schooled in computer science, specializing in cybersecurity, that is at ease dealing with security administrators and management.
• Experience using one of the Big 3 vulnerability scanners: Qualys, Rapid7, or Tenable.
• Familiarity with end-point security technologies.
• A quick study. Someone that can take on projects with minimal guidance and supervision.
• Experience working with security information and event management technologies.

Education and/or Certifications:

• Bachelor's degree preferred or equivalent work experience
• Security certifications CISSP, CISM, CISA, GIAC are a plus, but not required.

The above statements are intended to describe the general nature and level of work performed by people assigned to this classification. They are not intended to be a complete list of duties performed.

No resumes from 3rd party vendors will be accepted at this time.