CISM - Certified Information Security Manager
PCI Security Standards Council is looking for a new Validation Programs Manager to join the Emerging Standards team! Reporting to the Director of Emerging Standards, the Validation Programs Manager will play a significant role in the design and development of validation programs to support the PCI SSC mobile security standards, and will also contribute to other Council programs and initiatives. The Manager will work directly with the Standards and Certification Teams, technical working groups, industry stakeholders, and other subject matter experts to produce content for our portfolio of standards' validation programs. This includes the development of program requirements and validation procedures, as well as guidance documents and other materials to support adoption and implementation of the PCI standards.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
Provide first-hand security experience and subject matter expertise in the development and implementation of PCI SSC programs, including creation and maintenance of program documentation such as Program Guides.
Work with Standards and Program Management Teams to provide oversight on day-to-day operation of validation programs, acting as an escalation point/subject matter expert to resolve queries and issues.
Coordinate with the Stakeholder Engagement Team and Standards and Program Managers to ensure assessors, vendors, and other program participants receive timely and appropriate communications.
Understand the dependencies and interactions between standards and validation programs, identify and resolve impacts that developments in PCI SSC standards have on PCI SSC programs and vice versa.
Liaise with PMO to ensure efficient project management for ongoing work assignments, and provide timely and accurate status reporting of deliverables to Standards Team leadership.
Contribute to PCI SSC working groups and/or task forces as required providing subject matter expertise on associated programs.
Coordinate research and input from various stakeholders, evaluate feedback, provide recommendations, and draft changes as agreed to by the working groups.
Contribute articles and content to various stakeholder communications, including newsletters, blog posts, training programs, and marketing releases. Create and present materials for internal and external webinars and in-person presentations.
Facilitate meetings and discussions with various stakeholder groups to achieve meeting objectives.
Assist in identifying improvements to the processes for creating, publishing, and maintaining policies, procedures, processes and/or related documents related to the PCI standards and programs.
Respond to inquiries received by the Council.
Collaborate across all PCI SSC teams to support company goals and objectives.
About PCI Security Standards Council:
The PCI Security Standards Council's mission is to enhance global payment account data security by developing standards and supporting services that drive education, awareness, and effective implementation by stakeholders.
We work collaboratively with global leaders in our field and play a major role in the creation of new regulations and standards. Here's your chance to have a hand in affecting the future of payment card security.
PCI Security Standards Council is an Equal Opportunity Employer.
At least 5 years' experience in cyber security
At least 2 years' experience assessing or certifying hardware and/or software technologies relevant to the payments industry, with a working knowledge of assessment and validation methodologies
Bachelor's degree required
At least one security industry certification such as CISSP, CISA, CISM, or equivalent is desired.
Program management industry certification is a plus.
Hands-on experience with implementing, managing, and/or assessing to one or more PCI security standards
Knowledge of technology and payment industry trends, participants, and leaders
Strong business and technical writing skills with experience writing technical documentation, standards, procedures, program manuals, training documentation, or information security articles
Ability to process information with high levels of accuracy and present technical concepts to audiences with a diverse understanding of information security
Attention to detail, self-discipline, and time management skills
Ability to manage multiple priorities concurrently and meet quality and schedule deadlines in a remote work environment
Flexible, proactive, quick to learn, and possessing a can-do attitude
A blend of curiosity, creativity, persistence, commitment, passion, and optimism
Willingness to travel up to 15%
Preferred Location: USA or Canada
Telecommuting is allowed.
About PCI Security Standards Council
The PCI Security Standards Council is a global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.