Cybersecurity PCI Compliance Advisor
United States
Full Time
4 hours ago
Visa Sponsor
Key skills
Cyber SecurityRisk ManagementCommunicationNetwork Security
About this role
Role Overview
- Responsible for leading and supporting Payment Card Industry Data Security Standard (PCI DSS) compliance activities across the enterprise
- Provides subject matter expertise for PCI DSS control interpretation, assessment readiness, evidence review, remediation tracking, scope validation, control testing, and stakeholder engagement
- Supports PCI Internal Security Assessor (ISA), Qualified Security Assessor (QSA), Report on Compliance (ROC), Self-Assessment Questionnaire (SAQ), Attestation of Compliance (AOC), and related PCI DSS assessment activities across business, technology, security, compliance, and third-party environments
- Evaluates third-party service provider PCI responsibilities, including review of AOCs, responsibility matrices, shared responsibility documentation, contracts, service descriptions, and supporting security evidence
- Supports internal and external audit activities related to PCI DSS, HIPAA, HITRUST, SOC 2, NIST, and other cybersecurity or regulatory compliance requirements
- Mentors analysts and control owners by providing guidance on PCI evidence quality, control interpretation, assessment documentation, remediation planning, and stakeholder communication
- Contributes to continuous improvement of PCI compliance processes, templates, workflows, reporting, evidence management, automation opportunities, and program maturity initiatives
Requirements
- Requires BS/BA degree in Information Technology or related field of study
- Minimum of 5 years experience in systems support, system administration, system engineering, system security, access management, network security, network communications, computer networking, telecommunications, systems development and management, hardware, software, and/or data
- Requires experience in planning and designing highly complex systems
- Security Certifications: CISSP or other technical security certifications strongly preferred
- 5+ years of experience in cybersecurity, PCI compliance, IT audit, GRC, technology risk management, information security, regulatory compliance, or a related field
- Experience using GRC, workflow, ticketing, audit management, or evidence management tools
- Active or prior PCI Internal Security Assessor (ISA) certification or PCI Qualified Security Assessor (QSA) certification
- Familiarity with PCI-related standards and guidance, including PCI DSS, PCI 3DS, PCI P2PE, PCI PIN Security, PCI Secure Software Standard, PCI SSF, and PCI SSC guidance documents
Tech Stack
- Cyber Security
Benefits
- Merit increases
- Paid holidays
- Paid Time Off
- Incentive bonus programs
- Medical benefits
- Dental benefits
- Vision benefits
- Short and long term disability benefits
- 401(k) +match
- Stock purchase plan
- Life insurance
- Wellness programs
- Financial education resources