Senior Technical Program Manager

We're revolutionizing the fitness & wellness industry, and we’re looking for talented people to help us do it. Mindbody + ClassPass bring together the best of both sides of the market: Mindbody is the industry’s most trusted all-in-one technology platform; ClassPass is one of the most popular apps for fitness & self-care enthusiasts. Together we’re partnering with more than 70,000 fitness studios, gyms, salons, and spas around the world. We’re not just another tech company—we’re far and away the leader of our industry. So join the team, work with mission-led people, and enjoy amazing benefits. Let’s see what we can accomplish together! 

Who we are   

We are a dedicated team of security and information technology professionals focused on evolving Mindbody’s security posture. Our collective goal is to protect the future, fostering increased opportunities for wellness businesses worldwide to empower their customers in leading secure and healthy lives. Committed to a higher purpose, we continuously challenge ourselves and our organization to excel, understanding the strength derived from collaborative efforts towards a common objective. We are advocates for a diverse workplace, fostering an environment where individuals can bring their authentic selves to contribute to our shared success. At the heart of our achievements lies the belief in the value of our people. If you share our passion and vision, consider joining our team, and let's explore the remarkable feats we can achieve together!  

Your role  

Mindbody + Classpass is seeking a Sr. Technical Program Manager, Governance Risk and Compliance to manage the continuous monitoring of our PCI-DSS compliance program. As a Sr. Technical Program Manager, you’ll use your technical expertise and background in Cyber Security to lead compliance efforts. The right person for this role will have deep technical discussions with our engineering teams to understand controls, processes and iterate on ways to meet the intent of compliance requirements. This means not only understanding multiple technical frameworks but also having a technical understanding of common technologies and systems. 

You will 

• As a Senior Technical Program Manager on the Governance, Risk, and Compliance (GRC) team, you will perform continuous monitoring of PCI standards and understand the potential impacts of change as they apply to the organization. 

• Assist the Compliance team and the Business with all required PCI compliance related documentation and its maintenance. 

• Collaborate across Security and Engineering teams, Leadership and all other stakeholders to drive Mindbody’s PCI Program compliance. 

• Provides guidance to the business on PCI compliance and security-related matters.  

• Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings. 

• Understands compliance requirements (ISO, NIST, SOX, PCI, HIPAA, GDPR and other regulatory compliance). 

• Participate in the development and implementation of new business initiatives to ensure functionality required to support PCI compliance. 

• Report on deliverables, and project status to management and key technical and business stakeholders. 

• Collaborates with our BISOs to advise Business Partners on the appropriate implementation of security compliance controls and requirements to maintain our information security and privacy posture. 

• Manages any internal and external audit requests related to PCI-DSS, and other compliance requests as needed.   

You’ll thrive in this role with experience in:  

• 5+ years’ experience leading PCI attestation efforts. 

• Extensive experience as a Program/Project Manager in GRC (Governance, Risk and Compliance). 

• Background in auditing security controls, networks, and system security. 

• Technical knowledge and familiarity with information security standards such as PCI DSS, and NIST Cybersecurity Framework. 

• Collaborate across Security and Engineering teams, Leadership and all other stakeholders to drive Mindbody + Classpass PCI Program. 

• Ability to express technical concepts in business terms. 

• Able to work well under deadlines in a changing environment and complete multiple PCI projects effectively and concurrently. 

• Preferred certifications: PMP, ISA/QSA, CISSP, CISA. 

Have we piqued your curiosity?

Sound like the role for you? We’d love to hear from you! Even if you’re not 100% sure about potential fit, we still encourage you to apply. We’re looking for the right person, not the perfect series of checkboxes.

Mindbody is an Equal Opportunity Employer. We highly value diversity at our company and encourage people of all different backgrounds, experiences, abilities and perspectives to apply. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, or other protected characteristics.

By entering your email and phone number and submitting your application, you consent to receive emails, calls and SMS about your application and other roles at Mindbody, including by auto-dialer. Message and data rates may apply. Opt-out or text STOP to cancel at any time. If you are a California resident or reside outside the United States then by submitting your application you confirm that you have read, understood, agree and - where applicable - grant your prior, free, informed and express consent for the processing of your personal information, including sensitive personal information, as described in our California Applicant Privacy Notice or International Applicant Privacy Notice (as applicable).