CISM - Certified Information Security Manager
PCI Security Standards Council is looking for an experienced Director of Emerging Standards to join the Standards leadership team!
The Director of Emerging Standards plays a key role in the research, development, and maintenance of security standards for PCI SSC. The role involves maintaining awareness of changes in the payment security environment, including new threats and advancements in technologies, and contributing to the development of Council programs and initiatives.
Reporting to the Vice President of Standards and leading the Emerging Standards team, the Director of Emerging Standards will be responsible for authoring standards and guidance for protecting payment card information within an ever-changing threat landscape. The role requires the ability to foster relationships and drive consensus across a diverse set of stakeholders.
This is a full-time permanent and work-from-home position. While PCI SSC is a global organization, this role involves managing teams and meetings predominantly during North America working hours.
Oversee all Emerging Standards team initiatives to ensure quality and delivery milestones are met and provide status updates and escalations to senior management.
Implement policies and procedures to achieve PCI SSC's goals and strategic objectives.
Draft technical standards documentation on behalf of technical working groups, including security requirements, testing procedures, and implementation program guides for emerging standards.
Develop information supplements for various technology such as virtual and cloud-based systems, mobile and wireless security, cryptography, as well as new security and development practices as applicable to PCI standards.
Project lead the development of new and updated standards and related deliverables.
Chair applicable working groups and task forces on various subjects (e.g., cloud, cryptography, mobile).
Contribute content for communications to stakeholders including newsletter articles, blog posts, and training.
Participate and represent the Council in various forums, including working groups, task forces, industry meetings and events, and webinars.
Communicate and collaborate regularly with other teams across the organization to ensure consistent implementation of organizational processes.
Manage goals and performance for the Emerging Standards team, ensuring staff are meeting company expectations for productivity, quality, and continuous improvement.
Stay informed of, and maintain proficiency with, industry security trends, best practices, and standards.
Perform other duties and responsibilities, as assigned
Required Qualifications & Experience:
Minimum of 8+ years of information security and/or payments industry experience.
Industry certifications (such as CISSP, CISA, CISM).
Bachelor's degree preferred.
Demonstrated project leadership experience.
Experience evaluating and reporting on security infrastructure, design, and technology integrity.
Working experience with software development methodologies and practices.
Working knowledge of audit methodologies and security assessment tools.
Strong business and technical writing skills.
Experience working remotely and managing a geographically and culturally diverse team.
Excellent English written and oral communication skills, ability to express thoughts clearly, strong listening skills, and ability to communicate confidently and effectively to different audiences.
Strong organization and time management skills, and the ability to work independently and as part of a team.
Flexible, proactive, quick to learn and possessing a can-do attitude.
A blend of curiosity, creativity, persistence, commitment, passion, and optimism.
Willingness to travel up to 30%.
Strong preference given to candidates with:
Recent work with mobile platform security and/or mobile payment transactions.
Experience with the security of Cloud based systems.
Experience developing standards in other associations or consortiums.
Exposure to PCI assessments (including both lab and assessor based).
Knowledge of EMV based payment protocols and transactions.
Knowledge of payment device attributes (e.g., Point of Sale, ATM, card readers).
Experience with evolving encryption technologies and standards.
Understanding the financial and payment card processing industries.
Proficiency with Microsoft Office products, including Project and the ability to develop presentation material using PowerPoint.
About PCI Security Standards Council
The PCI Security Standards Council is a global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.