- Company Name: Business Integra
- Job Type: C2H
- How many positions: 1
- Eligibility: Citizen, Green Card
Job Description
Job Duties and Responsibilities
Primary responsibilities of the Information Security PCI Compliance Program Manager include the following:
- Draft policies/procedures that govern the security of DISH PCI data across the enterprise with a specific focus on compliance requirements.
- Design, lead and execute a Compliance program focused on PCI data handling across the enterprise.
- Partner with security teams to identify and analyze security requirements to align with PCI compliance standards.
- Track, document and address PCI compliance gaps to ensure timely closure.
- Manage the annual PCI audit including evidence gathering, quality assurance of evidence, coordination of audit resource meetings, and other tasks required to successfully complete the audit.
- Ensure ASV scans and penetration tests are conducted quarterly and annually, respectively, with all remediation activities completed within the expected timelines.
- Lead security enhancement projects focused on new or changing PCI compliance requirements.
- Educate and build awareness of PCI compliance requirements.
- Coordinate with Third Party Risk management to ensure PCI compliance needs are being addressed and tracked appropriately with third party vendors.
- Coordinate with Privacy / Legal to ensure the overall compliance landscape is well understood and the program captures a complete view of our PCI compliance needs.
- Continuously improve the PCI compliance program with new information, procedures, or documentation.
- Coach and mentor junior staff.
- Other responsibilities as assigned.
The successful candidate will possess the following qualifications:
Competencies:
- Project Management
- Self-led Learner
- Customer First Mentality
- Strong Adaptability
- Process Documentation Management
- Process Mapping Development
- Presentation Skills
- Multitasking
- Compliance + Risk Mindset
- Communication with Executives
- Team Mentorship
- Can Interpret Regulations and Compliance Requirements
- Thought Leadership
- Cross-functional Team Leadership
- Strategic Thinking and Planning (Team)
- Brand & Team Ambassador
- Solid Risk Management Foundation
- Solid Information Security Foundation
- Solid Security Control Framework Foundation
- Expert PCI-DSS Knowledge
- General Data Privacy Foundation
- Can Teach/Educate Risk & InfoSec Principles
- Can Consult Business on Risk and InfoSec Principles
Personality:
- Requires a well-organized, cheerful and persuasive individual who can manage multiple priorities at once.
- Must have good meeting management and communication skills to keep conversations focused and productive.
- Must be self-driven; able to manage schedules, meet deadlines, coordinate with others, and perform tasks with minimal supervision.
- Must have the ability to work with a diverse audience, under tight deadlines, and negotiate successful outcomes to challenging problems.
Skills, Experience and Requirements
Education and Experience:
- Bachelor's Degree or equivalent experience and 4-6 years of directly related experience.
- Must have a solid understanding of SOX, PCI, CPNI, CCPA, FACTA and similar IT compliance and privacy regulations.
- Experience with compliance audits such as PCI and/or CPNI. Former QSA preferred.
- Experience with NIST, ISO and other industry standards.
- Expert user of Microsoft/Google Suite and an eGRC tool.
Other Qualifications:
- Professional certification (CISSP, CISA, CISM, CIA or similar) is highly desired.