About Us: The payments market is the most exciting technology market in the world today for good reason. McKinsey values it globally at over $2 trillion and it's growing between 13-15% year-on-year. Planet is a technology company that's transforming payments by putting the customer experience first. We help our customers deliver a better experience for guests, shoppers, and consumers everywhere. We operate in a market that continues to evolve and expand, partnering with the world's most prestigious brands across Retail and Hospitality, and with a network of Financial Services partners worldwide. To meet consumer demands, payments must be simple, safe, and invisible.
The only way to do this is to fully embed payments in the software and networks that run business. By combining networks, software and payment technology, Planet's creating a world of connected commerce that makes payments feel good. We're growing organically, and with strong Private Equity investors, Advent International and Eurazeo, we've the financial capital and expertise to grow our capabilities and reach through acquisition.
Role Overview: As a PCI Program Manager, you will work closely with internal and external clients, supporting the CISO and the Global Security Compliance team in aligning Planet's information and cyber security programme. You will be responsible for planning and conducting third-party and regulatory compliance audits. As a Program Manager, you will oversee and manage the organization's PCI DSS compliance program. This role involves ensuring that all payment processing activities adhere to the latest PCI DSS requirements, managing the lifecycle of compliance assessments, and collaborating with internal and external stakeholders to maintain a secure environment for cardholder data.
What you will do:
- Lead and manage the organization's PCI DSS compliance program, including planning, execution, and ongoing maintenance.
- Develop and implement policies, procedures, and controls to ensure ongoing compliance with PCI.
- Coordinate and manage PCI DSS assessments and audits, including external Qualified Security Assessors.
- Ensure all remediation activities are identified, tracked, and completed in a timely manner.
- Identify, assess, and mitigate risks associated with payment card processing activities.
- Collaborate with IT, operations, and security teams to address vulnerabilities and ensure the security of cardholder data.
- Monitor the industry for changes in PCI DSS requirements and update the program accordingly.
- Serve as the primary point of contact for all PCI DSS-related inquiries, both internally and externally.
- Work closely with internal teams (IT, Legal, Operations) to ensure that all aspects of PCI DSS compliance are met.
- Communicate compliance status, risks, and issues to senior management and stakeholders.
- Develop and deliver PCI DSS training programs to employees, ensuring they understand their roles and responsibilities in maintaining compliance.
- Promote a culture of security awareness across the organization.
- Maintain comprehensive and up-to-date documentation of all PCI DSS compliance activities, including policies, procedures, and audit findings.
- Prepare and present regular reports on the status of PCI DSS compliance to senior management.
- Ensure all required documentation is prepared and submitted for PCI DSS certification and recertification processes.
- Evaluate and improve the PCI DSS program by identifying gaps and implementing best practices.
- Stay current with industry trends, emerging threats, and advancements in security technologies related to PCI DSS.

Who you are:
- Bachelor's degree in Information Security, Information Technology, Computer Science, or a related field. A Master's degree is a plus.
- Experience with audit and internal controls development and testing.
- Minimum of 5 years of experience in information security, compliance, or a related field, with at least 3 years specifically focused on PCI DSS compliance.
- Experience in managing compliance programs and audits, particularly within the payment card industry.
- PCI Professional (PCIP), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or related certifications are highly desirable.
- Strong understanding of PCI DSS requirements and their application in a corporate environment.
- Excellent project management skills, with the ability to manage multiple projects simultaneously.
- Strong analytical skills, with the ability to identify and assess risks.
- Excellent communication and interpersonal skills, with the ability to interact effectively with technical and non-technical stakeholders.
- Strong organizational skills and attention to detail.

Why Planet: Planet is an equal opportunity employer where diversity is valued, and all employment is decided based on qualifications, merit, and business needs. Come and grow your career in the most exciting, fast-paced technology market, with a business that delivers feel-good connected commerce. We would love to hear from you - Apply now.