IT PCI Security Engineer

Job ID
Experience (Years)
Information Technology

Company Overview

Canon U.S.A., Inc., is a leading provider of consumer, business-to-business, and industrial digital imaging solutions to the United States and to Latin America and the Caribbean markets. With approximately $29 billion in global revenue, its parent company, Canon Inc. (NYSE:CAJ), ranks third overall in U.S. patents granted in 2016† and is one of Fortune Magazine's World's Most Admired Companies in 2016. Canon U.S.A. is committed to the highest level of customer satisfaction and loyalty, providing 100 percent U.S.-based consumer service and support for all of the products it distributes. Canon U.S.A. is dedicated to its Kyosei philosophy of social and environmental responsibility. In 2014, the Canon Americas Headquarters secured LEED® Gold certification, a recognition for the design, construction, operations and maintenance of high-performance green buildings. To keep apprised of the latest news from Canon U.S.A., sign up for the Company's RSS news feed by visiting and follow us on Twitter @CanonUSA. For media inquiries, please contact

† Based on weekly patent counts issued by United States Patent and Trademark Office.

All referenced product names, and other marks, are trademarks of their respective owners.
We are an EEO/AA employer. Minority/Female/Individuals with Disabilities/Protected Veterans. 

Position Overview

Do you have what it takes to be a SME in PCI Audit? Are you ready to apply your unique skills to be successful in the role of Senior IT Auditor, PCI Compliance? This role will offer you the opportunity to showcase your PCI technical skills and make a direct impact on Canon’s processes. 
The Architect, IT Auditor of PCI Compliance (Architect, IT Audit) will be responsible for planning, overseeing consultant-based workers, and executing IT Payment Card Industry (PCI) and IT Risk engagements, as well as supporting the demand, creation and compliance audit development efforts.


- Oversee activities of PCI project consultants in the IT Audit group to ensure adherence to established PCI compliance and PII processes
- Work with Sr. Manager and Sr. Director of IT Audit to establish and maintain a PCI program management office
- Establish all required PCI-DSS 3.0 Standards to ensure compliance with Self-Assessment Questionnaire Level D and Lower
- Work with all IT functional groups to ensure all PCI compliance requirements, such as Internal PCI Scans, External PCI Scans, PCI Segment Network documentation, etc., are executed in a timely manner as required by the PCI-DSS standards
- Establish and maintain business relationships with external QSA firms as needed to provide CANON USA IT the proper guidance on PCI-DSS compliance requirements
- Ensure the annual completion of all SAQ-(D, C, C-VT) execution
- Test and document computer system records for information system integrity and transaction accuracy, and report discrepancies
- Prepare audit plans and understand the specific issues to be evaluated
- Develop final written reports to communicate audit results to management and regulatory compliance agencies, if applicable, and make recommendations as appropriate
- Facilitate work of consultants and/or external IT auditors during audits and on-site visits
- Assist in the preparation of documentation, testing and evaluation of the company's IT general controls over financial reporting across multiple environments, assessing the design, effectiveness and adequacy of key systems and processes based on walk-through and transaction compliance testing
- Identify and recommend mitigating technology process controls to reduce risks noted in system evaluations
- Assist Internal Audit management with periodic reporting to the Audit Committee, development of the annual internal audit plan, and championing internal control and corporate governance concepts throughout the business
- Interact with all levels of management and company employees
- Foster an environment of regulatory awareness and ensure regulatory compliance
- Design and execute risk-focused Audit Plans in Infrastructure and Applications Development and Maintenance, leveraging resources and expertise across teams
- Anticipate bottlenecks and challenges and minimize their impact through prompt action
- Be actively involved in developing the department's vision and strategy
- Have a strong understanding of best practices in the internal audit profession, and drive sustainable results through good QA processes
- Foster innovation and challenge the status quo
- Build and maintain trusted relationships with our regulators and the audit committees we serve


- Demonstrated experience with PCI-DSS certification and processes, with a minimum of 5 years' experience
- PCIP & ISA Certification is required
- CISA or CISM Certification preferred
- Bachelor's degree is required
- Ability to create an assessment and testing program that incorporates all aspects of PCI scanning, assessing, and testing
- Ability to develop programs that tie in vulnerability management for PCI with change management processes
- Demonstrated experience using PCI-based tools such as Nipper, Spider, Nexus, etc. to perform periodic scans of required network, servers and other technology devices
- Light travel within the continental US required
Other Commonly Used Titles/Keywords: PCIP, PCI, PCI Professional, Payment Card Industry Professional, ISA, Internal Security Assessor, PCI-ISA, Payment Card Industry Internal Security Assessor, CISSP, Pen Tester, Penetration Tester, Ethical Hacker
If you are not reviewing this job posting on our Careers site, we cannot guarantee the validity of this posting. For a list of our current postings, please visit us at

