It Grc Analyst at State Farm

What you'd actually do

Applies defined PCI DSS scoping criteria.

PCI ISA collects and reviews evidence of compliance to validate PCI DSS requirements are met.

Supports the completion of assigned tasks for the annual PCI DSS Report on Compliance.

Drives necessary system and process updates in alignment with PCI DSS scoping & requirements.

Facilitates interaction between the business partner(s), product teams and the PCI C&C Team.

Skills

Required

ServiceNow experience (developer, implementation specialist, GRC technical analyst/architect)
ServiceNow GRC related modules
JavaScript
HTML/CSS
REST/SOAP integrations
ServiceNow UI Actions
Technology and/or information security background and/or governance, risk & compliance
Infrastructure (physical, virtual & Cloud)
Network segmentation
Operating system security
Encryption and key management
Tokenization
Anti-virus and malware
Secure system development
Identity and access management
Vulnerability management
Physical access controls
Penetration testing
File integrity monitoring
Logging
Risk assessments/reviews
Information security policy
Ability to analyze, collaborate & present solutions (both verbal & written)
Intermediate knowledge of PCI DSS compliance & security frameworks
Work well under pressure to identify and problem-solve complex situations

Nice to have

Security+
CISSP
GSEC
AWS
Azure
Microsoft
CISA
CISM
PCI ISA
PCI QSA
Motivated, self-starter
Strong communicator
Team & individual contributor
Worked on a team across multiple time zones

What the JD emphasized

Intermediate knowledge of PCI DSS compliance & security frameworks to understand & validate the requirements of protecting customer's payment card data.

Work well under pressure to identify and problem-solve complex situations across multiple customer channels and scenarios related to customer cardholder data and applicable PCI DSS Compliance.

Overview

Being good neighbors – helping people, investing in our communities, and making the world a better place – is who we are at State Farm. It is at the core of how we operate and the reason for our success. Come join a #1 team and do some good!

Responsibilities

The IT GRC Analyst will work on a team of certified Payment Card Industry Internal Security Assessors (PCI ISA) on State Farm’s ET-PCI Compliance and Consulting (PCI C&C) Team. This job role is responsible for assessing, validating, and delivering the Payment Card Industry Data Security Standard (PCI DSS) compliance for State Farm’s PCI in-scope people, processes and technologies.

**Key Responsibilities Performed by the PCI ISA on a Daily Basis: **

Applies defined PCI DSS scoping criteria.
PCI ISA collects and reviews evidence of compliance to validate PCI DSS requirements are met.
Supports the completion of assigned tasks for the annual PCI DSS Report on Compliance.
Drives necessary system and process updates in alignment with PCI DSS scoping & requirements.
Facilitates interaction between the business partner(s), product teams and the PCI C&C Team.
Consults on new and complex PCI DSS compliance considerations.
Works closely with business and technology teams to develop strong liaison relationships.
Stays current with new and evolving security, technologies, governance, risk & compliance topics via formal training and self-directed education.
Shares knowledge and experiences with others to help grow the team's talent bench through training and mentoring on a continual basis.

Qualifications

2 to 5 years hands-on ServiceNow experience as a developer, implementation specialist and/or GRC technical analyst/architect, specifically with the GRC related modules within ServiceNow. Additional technical Skills to include JavaScript, HTML/CSS, REST/SOAP integrations, ServiceNow UI Actions.
5 to 8 years of technology and/or information security background and/or governance, risk & compliance.
Intermediate knowledge of five or more of the following areas: infrastructure (physical, virtual & Cloud), network segmentation, operating system security, encryption and key management, tokenization, anti-virus and malware, secure system development, identity and access management, vulnerability management, physical access controls, penetration testing, file integrity monitoring, logging, risk assessments/reviews and information security policy.
Ability to analyze, collaborate & present solutions (both verbal & written) to successfully remediate identified compliance issues with business partner, stakeholders and third party service providers.
Intermediate knowledge of PCI DSS compliance & security frameworks to understand & validate the requirements of protecting customer's payment card data.
Work well under pressure to identify and problem-solve complex situations across multiple customer channels and scenarios related to customer cardholder data and applicable PCI DSS Compliance.

Recommended

Past or current certifications in one or more of the following areas: Security+, CISSP, GSEC, AWS, Azure, Microsoft, CISA, CISM, PCI ISA or PCI QSA.
Proven experience as a motivated, self-starter, who can deliver results in a fast paced, complex, changing environment.
Must be a strong communicator, a team & individual contributor, who has preferably worked on a team across multiple time zones.

SFARM

#LI-Hybrid

Our Benefits

Because work-life balance is a priority at State Farm, compensation is based on our standard 38:45-hour work week!

Potential starting salary range: $104,000.00 - $165,000.00
Potential yearly incentive pay up to 15% of base salary

HYBRID: Qualified candidates must live within a 180-mile radius of a hub location listed below and should plan to spend time working from home and some time working in the office as part of our hybrid work environment. HUB LOCATIONS: Bloomington, IL; Dunwoody, GA; Richardson, TX; or Tempe, AZ

SPONSORSHIP: Applicants for this position are required to be eligible to lawfully work in the U.S. immediately; employer will not sponsor applicants for U.S. work authorization (e.g. H-1B visa) for this opportunity

At State Farm, we offer more than just a paycheck. Check out our suite of benefits designed to give you the flexibility you need to take care of you and your family!

Get Paid! On top of our competitive pay, you are eligible for an annual raise and bonus.
Stay Well! Focus on you and your family’s health with our robust health and wellbeing programs. State Farm pays most of your healthcare premium, and we offer multiple healthcare plan options, including a high deductible plan. All medical plans provide 100% coverage for in-network preventative care, AND you and your family have access to vision, dental, telemedicine, 24/7 mental health professionals, and much more!
Develop and Grow! Take advantage of educational benefits like industry leading training programs, top-notch tuition assistance programs, employee resource groups, and mentoring.
Plan Ahead! Plan for those big moments in life with benefits like fertility/IVF/adoption assistance, college coaching, national discount programs, interactive monthly financial workshops, free financial coaching, and more. You can also start a savings account or consider financing through our State Farm Federal Credit Union!
Take a Little “You” Time! You will have access to our generous time off policies designed so you can plan around holidays, family events, volunteering, or just to take a relaxing day off. With the opportunity to initially earn up to 20 days annually plus parental leave, paid holidays, celebration day, life leave (40 hours/year), bereavement leave, and community service/education support days, there will be plenty of time for you!
Give Back! We offer several ways to give back through our Matching Gift Program, Good Neighbor Grant Program, and the Employee Assistance Fund.
Finish Strong! Plan for retirement using free financial advisors and a 401(k) plan with company contributions of up to 7% of your salary.

Visit our **State Farm Careers** page for more information on our **benefits**, **locations**, and the **hiring process** of joining the State Farm team!