RESPONSIBILITIES:
Kforce has a client that is seeking a Senior Security Compliance Specialist (PCI) in Rocklin, CA.
Security and Compliance:
The Senior Security Compliance Specialist is responsible for leading the company's PCI DSS compliance program and ensuring sustained protection of cardholder data across the enterprise. This role partners with security, engineering, infrastructure, and business teams to assess controls, manage and document PCI scope, and drive remediation efforts to maintain compliance with PCI DSS requirements.
The position serves as the organization's PCI subject matter expert and works to improve the company's security posture through risk management, process improvement, and compliance automation. We have a lot of vulnerabilities, so this person needs to be technically savvy enough to advise on how to remediate vulnerabilities or out-of-compliance conditions and needs to know how to propose solutions to the tech team.
Duties:
* Lead the enterprise PCI DSS compliance program, including preparation for annual assessments and ongoing control validation
* Conduct PCI readiness assessments and identify gaps in compliance with PCI DSS requirements
* Act as a consultant when someone has a question about PCI
* Monitor standards and update
* Partner with technology and business teams to design and implement remediation plans for identified compliance gaps
* Provide guidance to technical teams on implementing and maintaining PCI controls
* Lead PCI scoping and segmentation efforts to reduce the organization's cardholder data environment and overall compliance scope
* Maintain PCI documentation, evidence repositories, and compliance reporting
* Provide periodic updates to leadership on PCI compliance posture, risks, and remediation progress
* Improve compliance processes using GRC tools, automation, and scalable control monitoring
REQUIREMENTS:
* Bachelor's degree or equivalent experience in information security, risk, or compliance
* 7+ years of experience in information security or compliance roles
* 5+ years of direct PCI DSS experience supporting or leading PCI compliance programs
* Strong knowledge of PCI DSS and experience implementing controls in complex enterprise environments
* Need to be comfortable and professional when articulating findings/justifications/action plans to senior leadership
Technical Requirements:
* Experience working in large-scale enterprise technology environments
* Strong understanding of security frameworks including PCI DSS, ISO 27001, COBIT, and SOX
* Experience performing risk assessments and compliance gap analyses
* Experience with GRC platforms and compliance automation tools
* Strong written, verbal, and executive communication skills
* Ability to influence cross-functional teams and drive remediation efforts
* Experience working within the retail sector
* Ideally coming from retail and/or ecommerce
* Need to at least come from a complex, enterprise environment where pay and credit card transactions are happening
* Must be a good team player
* QSA or CISSP certification strongly preferred
The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking “Apply Today” you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
- Dice Id: kforcecx
- Position Id: ITWQG2170603
- Posted 4 hours ago