InfoSec PCI Compliance Lead

Full Time


    SecurityManagerProgram ManagerITISOCISSP

    Job Description

    Telesis7 is currently hiring for an InfoSec PCI Compliance Lead.

    This position is 100% ON SITE.

    The InfoSec PCI Compliance Lead will report to the Information Security Compliance Manager and function as a central Payment Card Information subject matter expert supporting enterprise teams looking to involve PCI data in business solutions and processes. They will lead the company through the design and build out of a program that focuses on the protection, use, and control monitoring of PCI data, including any necessary certifications or audits.

    Job Duties and Responsibilities

    Primary responsibilities of the Information Security PCI Compliance Program Manager include the following:
    • Draft policies/procedures that govern the security of PCI data across the enterprise with a specific focus on compliance requirements.
    • Design, lead and execute a Compliance program focused on PCI data handling across the enterprise.
    • Partner with security teams to identify and analyze security requirements to align with PCI compliance standards.
    • Track, document and address PCI compliance gaps to ensure timely closure.
    • Manage the annual PCI audit including evidence gathering, quality assurance of evidence, coordination of audit resource meetings, and other tasks required to successfully complete the audit.
    • Lead security enhancement projects focused on new or changing PCI compliance requirements.

    Education and Experience:
    • Bachelor's Degree or equivalent experience and 4-6 years of directly related experience.
    • Must have a solid understanding of SOX, PCI, CPNI, CCPA, FACTA and similar IT Compliance and Privacy regulations.
    • Experience with compliance audits such as PCI and/or CPNI. Former QSA preferred.
    • Experience with NIST, ISO and other industry standards.
    • Expert user of Microsoft/Google Suite and an eGRC tool.

    Other Qualifications:
    • Professional certification (CISSP, CISA, CSIM, CIA or similar) is highly desired.