PCI Security Engineer

  • Posted 2 days ago | Updated 2 days ago

Overview

Full Time
Part Time
Accepts corp to corp applications
Contract - W2
Contract - Independent

Skills

Security Controls
Data Security
Regulatory Compliance
QSA
Policies and Procedures
Security Engineering
Network
Servers
Database
Cloud Computing
System On A Chip
Use Cases
Penetration Testing
Hardening
Risk Management
Risk Assessment
Testing
DevOps
Incident Management
Documentation
Training
Computer Science
Information Security
Data Flow
Payment Processing
Network Security
Encryption
Management
Hierarchical Storage Management
Vulnerability Management
Firewall
WAF
IDS
IPS
Log Management
SIEM
Splunk
IBM QRadar
Endpoint Protection
DLP
Cloud Security
Amazon Web Services
Google Cloud
Google Cloud Platform
Microsoft Azure
Payment Card Industry
PCI DSS
Auditing

Job Details

Job Description: PCI Security Engineer

Location : Berkeley Heights, NJ/ Atlanta, GA, Onsite

Job Overview

The PCI Security Engineer is responsible for designing, implementing, and maintaining security controls that ensure compliance with PCI DSS (Payment Card Industry Data Security Standard). This role partners with security, infrastructure, application, and compliance teams to safeguard cardholder data, reduce risk, strengthen security posture, and support successful PCI audits and assessments.

Key Responsibilities

1. PCI DSS Compliance & Governance

Lead and manage PCI DSS compliance activities across the organization.

Interpret PCI DSS requirements and map them to existing technical and operational controls.

Coordinate with the QSA (Qualified Security Assessor) during assessments, audits, and evidence collection.

Maintain PCI documentation including ROC, SAQ, AOC, policies, and procedures.

Perform gap assessments and readiness reviews for annual PCI audits.

2. Security Engineering & Architecture

Design and implement secure network and system architectures aligned with PCI DSS requirements.

Deploy and manage PCI-scoped technologies: firewalls, WAF, SIEM, IPS/IDS, tokenization, encryption, and key-management systems.

Evaluate and enhance segmentation controls to reduce PCI scope.

Ensure secure configuration of servers, databases, applications, and cloud components in PCI environments.

3. Monitoring, Threat Detection & Operations

Oversee log management, monitoring, and alerting for PCI-in-scope systems.

Work with the SOC team to define PCI-related use cases and investigate incidents.

Review vulnerability scans and penetration testing results; ensure timely remediation.

Perform periodic access reviews, patch validations, and security hardening.

4. Risk Management & Control Validation

Conduct risk assessments and recommend controls to protect cardholder data.

Validate the effectiveness of PCI-related controls through regular testing.

Partner with DevOps/Engineering teams to ensure secure deployment pipelines for PCI systems.

Support incident response processes involving PCI data.

5. Documentation & Training

Develop and maintain PCI policies, procedures, runbooks, diagrams, and inventories.

Provide PCI training and guidance to engineering, product, and operations teams.

Required Skills & Qualifications

Bachelor s degree in Computer Science, Information Security, or related field.

3-8+ years of experience in information security; at least 2+ years focused on PCI DSS.

Strong understanding of:

PCI DSS v4.0 requirements

Cardholder data flows, payment processing, tokenization

Network security and segmentation

Encryption, key management (HSM, KMS)

Vulnerability management & SIEM tools

Hands-on experience with:

Firewalls, WAF, IDS/IPS

Log management/SIEM (Splunk, QRadar, Elastic, etc.)

Endpoint security, DLP, EDR

Cloud security (AWS/Google Cloud Platform/Azure PCI environments)

Experience preparing for and supporting PCI DSS audits.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

About Zuplon