Project Manager – Contract/Freelance
¥9M - 10M / annum
February 19, 2019
IT and technology
The objective of the project is to provide with consulting services to assist Client in obtaining PCI compliance. Protiviti will provide a QSA (Qualified Security Assessor) certified project manager to assist in PCI remediation project management and providing subject matter experience. The project manager will review and provide guidance on PCI remediation efforts as well as provide input regarding solutions to help achieve PCI compliance. In addition, the project manager will identify project requirements and scope for select PCI remediation areas.
Project team will provide:
- Clarification of the PCI standards based on past experience from other engagements
- Guidance regarding solutions to comply with non-compliant area;
- Identification of potential opportunities for improvement within key PCI operating processes;
- Provide recommendations for PCI remediation Assistance with PCI project management tasks; and
- Assistance with prioritizing the gaps based on risk and time constraints.
- Work with project manager to keep track and update progress for testing
- Weekly Meeting with each key member of the remediation team
Oversight and advisory:
- Advise key stakeholders on Information Security matters regarding Information Security Program, PCI Compliance, or other security matters
- Guidance on remediation activities identified during the initial PCI Assessment
- Respond to questions related to PCI DSS 3.2 compliance
- Assistance in PCI Scoping
- Assist in defining and implementing controls for new PCI requirements
- Assist in evaluating any potential compensating controls
PCI Project management Implementation/Remediation/Sustainability Assistance:
- Provide assistance in developing PCI Program and assessing the progress of the program.
- Provide guidance on the governance process over the PCI tasks including the artifacts required to evidence the task or control.
- Protiviti will help manage the remediation and PCI project implementation activities
- Assist in providing education to PCI asset owners and process owners on their responsibilities for PCI Compliance.
- Ongoing control validation for control families with a higher risk of failure.
- Collecting material related to actions performed
- Where possible, using software to validate technical changes
- Mapping and Tracking prioritized approach with initial 3.2 gap assessment
- Drafting or Reviewing the control design of the gap remediation
- Being involved in key milestone review (Check Points) for all 3.2 gap activity
- Refresh testing for earlier sampled controls and retesting of failing controls along with relevant QA for them.
TokyoOte Center Bldg, 22F
jp +813 5219 6633