Information Security PCI Compliance Program Manager

Qwinix, Englewood, CO 80110

Posted 3 weeks ago

Who We Are

Qwinix is a cloud-native consultancy and Google Cloud Partner. Driven by a distinguished engineering core, Qwinix works with clients to modernize their infrastructure, develop powerful digital experiences and processes, and strategically adopt innovative cloud solutions.

We are on a mission to close the gap between next and now. Through great people and great technology, we are able to solve the world's most pressing problems and build remarkable experiences, processes, and products for our clients.

We pride ourselves on fostering a growth-centric culture through every step of a Qwinix employee's journey. From comprehensive onboarding practices to career development incentives, we strive to help our employees build a brighter tomorrow for themselves and their clients.

The Software Engineer will be working on our customer-facing application development teams in our Denver office. They will be working in an extremely collaborative and fast-paced environment helping to develop applications for our call centers and customers across the country.

Requirements

Client has an exciting opportunity for an Information Security PCI Compliance Program Manager at our Headquarters location in Englewood, Colorado. The PCI Compliance Program Manager is a key part of our Information Security and Governance, Risk, and Compliance (GRC) teams. This position is full-time, permanent, and salaried with standard work hours, has no supervisory duties, and requires very little travel. We are looking for someone who can start immediately.

The PCI Compliance Program Manager will report to the Information Security Compliance Manager and function as a central Payment Card Information subject matter expert supporting enterprise teams looking to involve Client PCI data in business solutions and processes. They will lead the company through the design and build out of a program that focuses on the protection, use, and control monitoring of PCI data, including any necessary certifications or audits.

What You Will Do

High-level job responsibilities with Fortune 250 Client:

Primary responsibilities of the Information Security PCI Compliance Program Manager include the following:

Draft policies/procedures that govern the security of Client PCI data across the enterprise with a specific focus on compliance requirements.

Design, lead and execute a Compliance program focused on PCI data handling across the enterprise.

Partner with security teams to identify and analyze security requirements to align with PCI compliance standards.

Track, document and address PCI compliance gaps to ensure timely closure.

Manage the annual PCI audit including evidence gathering, quality assurance of evidence, coordination of audit resource meetings, and other tasks required to successfully complete the audit.

Ensure ASV scans and pen-testing are conducted quarterly and annually, respectively, with all remediation activities completed within expected timelines.

Lead security enhancement projects focused on new or changing PCI compliance requirements.

Educate and build awareness of PCI compliance requirements.

Coordinate with Third Party Risk management to ensure PCI compliance needs are being addressed and tracked appropriately with third party vendors.

Coordinate with Privacy / Legal to ensure the overall compliance landscape is well understood and the program captures a complete view of our PCI compliance needs.

Continuously improve the PCI compliance program with new information, procedures, or documentation.

Who You Are

The successful candidate will possess the following qualifications:

Competencies:

Compliance + Risk Mindset

Communication with Executives

Can Interpret Regulations and Compliance Requirements

Cross-functional Team Leadership

Strategic Thinking and Planning (Team)

Brand & Team Ambassador

Solid Risk Management Foundation

Solid Information Security Foundation

Solid Security Control Framework Foundation

Expert PCI-DSS Knowledge

General Data Privacy Foundation

Can Teach/Educate Risk & InfoSec Principles

Can Consult Business on Risk and InfoSec Principles

Skills:

Expertise in PCI requirements and experience building and executing a program development plan.

Experience leading through others and rolling out new programs.

Solid working knowledge of information security concepts and controls.

An understanding of our responsibility as a company to adhere to compliance requirements.

Excellent project management skills, with the ability to work within deadlines, juggle multiple priorities, design project plans, and provide project updates.

Ability to work independently with little direction and/or supervision.

Superior communication skills with the ability to ask questions, escalate roadblocks early, and interact effectively at multiple levels in the organization.

Keen attention to detail with the ability to correct on the fly and work independently.

Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker.

Strong understanding of mitigation methodologies and regulatory requirements pertaining to information security, privacy and/or data security.

Solid interpersonal and verbal/written communication skills.

Education and Experience:

Bachelor's Degree or equivalent experience and at least 5-8 years of directly related experience.

Must have a solid understanding of SOX, PCI, CPNI, CCPA, FACTA and similar IT Compliance and Privacy regulations.

Experience with compliance audits such as PCI and/or CPNI. Former QSA preferred.

Experience with NIST, ISO and other industry standards.

Expert user of Microsoft/Google Suite and an e-GRC tool.

Other Qualifications:

Professional certification (CISSP, CISA, CISM, CIA or similar) is highly desired. Candidates who apply will be tested in several areas, including verbal/spelling, math/logic and business problem-solving, and must meet minimum standards to be considered for this position.

Where You Will be Located

Onsite - Englewood, CO

What Action You Need to Take

If you are interested in this role, share your latest resume, or contact us now at gkaur@qwinix.io

If this job is not aligned with your skill set, but you are looking for a new position, please contact us for a discussion on your next job by visiting our career page: https://www.qwinix.io/careers/

Alternatively, please feel free to share this job posting with your network and ask us about our referral program.
