A long-standing Kansas City company is searching for its next PCI Compliance Manager. This highly stable and profitable organization has been around for over 75 years and carries 25% of the local market share. The company is known for its inclusive culture and focus on work/life balance. They are very proud of their generous benefits package.
This opportunity calls for an expert in PCI Data Security Standards. This mission-critical role will be an integral part of continuing to develop the PCI compliance program. The position reports to the Director of Information Security and is tasked with acting as the subject matter expert for PCI Compliance.
Key responsibilities include the following:
-Perform readiness testing, obtaining and reviewing evidence of compliance
-Evaluate existing controls for design and performance effectiveness
-Monitor changes to the cardholder data environment to ensure compliance and adequate security are maintained
-Determine when a penetration test, risk assessment and vulnerability scan are required after significant change events occur
-Provide regular reporting on compliance objectives to senior leadership
-Facilitate the interaction between the business and the onsite Qualified Security Assessor (QSA)
-Support the completion of the annual PCI DSS Report on Compliance
-Anticipate and react to new versions of the DSS, providing recommendations to mitigate potential gaps
-Work closely with Enterprise Architecture, Infrastructure Security, Enterprise Project Management Office, etc. to proactively identify projects that will improve the organization's security while complying with the PCI DSS
-Maintain an inventory of documentation (e.g., policies, standards, procedures) to support PCI processes and controls
-Provide input to information security policies, as well as standards and procedures owned by business partners
Qualifications include the following:
-Bachelor's degree in Computer Science, Engineering, Business Administration, or related discipline from an accredited college or university
-5 years of experience in audit, compliance or risk management, with a focus on information security and/or information technology
-At least one security certification such as CISSP, CISA, CISM, etc.
-In-depth experience with developing or managing PCI DSS compliance programs