Job Information: InfoSec PCI Compliance Lead

Job details
Posted: 08 January 2024
Location: Centennial, CO
Job type: Permanent
Reference: 903685

Job description
Job Title - InfoSec Lead
Location - Littleton, CO
Duration - 3 Months C2H
Job Duties and Responsibilities:
The primary responsibilities of the Information Security PCI Compliance Program Manager include the following:
- Draft policies/procedures that govern the security of PCI data across the enterprise with a specific focus on compliance requirements.
- Design, lead, and execute a Compliance program focused on PCI data handling across the enterprise.
- Partner with security teams to identify and analyze security requirements to align with PCI compliance standards.
- Track, document and address PCI compliance gaps to ensure timely closure.
- Manage the annual PCI audit including evidence gathering, quality assurance of evidence, coordination of audit resource meetings, and other tasks required to successfully complete the audit.
- Ensure ASV Scans and Pentesting are conducted quarterly and annually, respectively, with all remediation activities being completed within expected timelines.
- Lead security enhancement projects focused on new or changing PCI compliance requirements.
- Educate and build awareness of PCI compliance requirements.
- Coordinate with Third Party Risk management to ensure PCI compliance needs are being addressed and tracked appropriately with third-party vendors.
- Coordinate with Privacy / Legal to ensure the overall compliance landscape is well understood and the program captures a complete view of our PCI compliance needs.
- Continuously improve the PCI compliance program with new information, procedures, or documentation.
- Coach and mentor junior staff.
- Other responsibilities as assigned.
The successful candidate will possess the following qualifications:
Successful candidates must be willing to relocate & work onsite.

Competencies:
- Project Management
- Self-led Learner
- Customer First Mentality
- Strong Adaptability
- Process Documentation Management
- Process Mapping Development
- Presentation Skills
- Multitasking
- Compliance + Risk Mindset
- Communication w/ Executives
- Team Mentorship
- Can Interpret Regulations and Compliance Requirements
- Thought Leadership
- Cross-functional Team Leadership
- Strategic Thinking and Planning (Team)
- Brand & Team Ambassador
- Solid Risk Management Foundation
- Solid Information Security Foundation
- Solid Security Control Framework Foundation
- Expert PCI-DSS Knowledge
- General Data Privacy Foundation
- Can Teach/Educate Risk & InfoSec Principles
- Can Consult Business on Risk and InfoSec Principles

Personality:
- Requires a well-organized, cheerful and persuasive individual, who can manage multiple priorities at once.
- Must have good meeting management and communication skills to keep conversations focused and productive.
- Must be self-driven; able to manage schedules, meet deadlines, coordinate with others, and perform tasks with minimal supervision.
- Must have the ability to work with a diverse audience, under tight deadlines, and negotiate successful outcomes to challenging problems.
Qualifications: Skills, Experience, and Requirements

Education and Experience:
- Bachelor's Degree or equivalent experience and 4-6 years of directly related experience.
- Must have a solid understanding of SOX, PCI, CPNI, CCPA, and similar IT Compliance and Privacy regulations.
- Experience with compliance audits such as PCI and/or CPNI. Former QSA preferred.
- Experience with NIST, ISO, and other industry standards.
- Expert user of Microsoft/Google Suite and an eGRC tool.

Other Qualifications:
- Professional certification (CISSP, CISA, CSIM, CIA or similar) is