PCI DSS Compliance Lead

TW2VA - Teleworker/Offsite-USA-VA

DXC Technology

DXC Technology helps global companies run their mission-critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across public, private and hybrid clouds.

Job Description:

PCI DSS Compliance Lead : DXC Technology : Remote

  • Assesses the organization’s readiness for PCI compliance, creates and maintains a program to achieve PCI compliance, and then monitors business activities to ensure the organization maintains its PCI compliance certification in the future.
  • Provides oversight of the PCI DSS compliance program, leading the Compliance team in support of PCI DSS program governance, anticipating PCI DSS-related compliance gaps, driving solutions, and reporting/managing all internal escalations.
  • Responsible for the analysis and assessment of security, regulatory, and monitoring systems and controls. Drives implementation of security and compliance best practices and maintains security standards and regulatory compliance as required, i.e., GDPR and PCI DSS.
  • Works very closely with the operational technical domain leads, management, and compliance team, collaborating with team members to ensure remediation success and compliance with regulations and standards.
  • Participate in security audits (SOC 1 and SOC 2) and external PCI DSS Assessments, working with third-party auditors and PCI DSS QSA.
  • Participate in PCI DSS internal assessment to identify compliance gaps and mitigate risks.
  • Participates in annual risk assessments and security risk reviews throughout the year.
  • Perform vulnerability management. Reviews vulnerability and compliance reports and drives remediation efforts. Manage and track vulnerabilities identified, and coordinate with operational technical domain leads to prioritize and address them on time.
  • Stay updated with the latest security vulnerabilities and threats, and actively monitor vulnerability databases and security advisories. Implement vulnerability management processes to ensure effective tracking, remediation, and mitigation of identified vulnerabilities.
  • Collaborate with Architect and Engineering teams to integrate security into security/compliance-related service offerings, providing improvements to gaps and issues that need to be addressed in the service architecture/design/build.

Mandatory Qualifications:

  • Bachelor's degree in a relevant field or equivalent combination of education and experience
  • Typically, 7+ years of relevant work experience in industry, with a minimum of 3 years experience in managing compliance within the PCI framework
  • Proven experience in security, risk, and compliance, specifically PCI DSS security standards   
  • Proficiencies in vulnerability and risk management
  • Must be a continuous learner who stays abreast of industry knowledge and technology
  • Strong analytical and problem-solving skills, with the ability to effectively assess and communicate compliance and security risks.
  • Excellent written and verbal communication skills, with the ability to collaborate with cross-functional teams and explain complex security concepts to non-technical stakeholders.

Preferred Qualifications:

  • Relevant PCI professional certifications, such as Internal Security Assessor (ISA) or PCI Professional (PCIP), or Certified Information Systems Security Professional (CISSP), are a plus
  • Relevant certifications, such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM), are a plus

Compensation at DXC is influenced by an array of factors, including but not limited to the experience, job-related knowledge, skills, competencies, as well as contract-specific affordability and organizational requirements. A reasonable estimate of the current compensation range for this position is $109,700 - $203,600.

Full-time hires are eligible to participate in the DXC benefit program. DXC offers a comprehensive, flexible, and competitive benefits program which includes, but is not limited to, health, dental, and vision insurance coverage; employee wellness; life and disability insurance; a retirement savings plan; paid holidays; and paid time off.

If you are an applicant from the United States, Guam, or Puerto Rico

DXC Technology is an Equal Opportunity/Affirmative Action employer. All qualified candidates will receive consideration for employment without regard to disability, protected veteran status, race, color, religious creed, national origin, citizenship, marital status, sex, sexual orientation/gender identity, age or genetic information. DXC's commitment to diversity and inclusive selection practices includes ensuring qualified long-term unemployed job seekers receive equal consideration for employment. View postings below.

We participate in E-Verify. In addition to the posters already identified, DXC provides access to prospective employees for the Federal Minimum Wage Poster, Federal Polygraph Protection Act Poster as well as any state or locality specific applicant posters. To access the postings in the link below, select your state to view all applicable federal, state and locality postings. Postings are available in English, and in Spanish, where required. View postings below.

Postings link

Disability Accommodations

If you are an individual with a disability, a disabled veteran, or a wounded warrior and you are unable or limited in your ability to access or use this site as a result of your disability, you may request a reasonable accommodation by contacting us via email.

Please note: DXC will respond only to requests for accommodations due to a disability.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers, typically through online services such as false websites, or through unsolicited emails claiming to be from the company. These emails may ask recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks, and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor does it ask a job seeker to purchase IT or other equipment on its behalf. More information on employment scams is available here.

Tags: Audits CISM CISSP Compliance GDPR Governance Monitoring PCI DSS Polygraph Risk assessment Risk management SOC SOC 1 SOC 2 Vulnerabilities Vulnerability management

Perks/benefits: Competitive pay Flex hours Flex vacation Health care Insurance

Regions: Remote/Anywhere Africa North America
Country: United States
