Johns Creek, GA, US

Senior, Payment Card Industry Compliance

Country : USA

State : Georgia

County : Fulton County

Town : Johns Creek

Category : Consulting - Audit

Contract type : Permanent

Availability : Full time

Company presentation

Macy's is proudly America's Department Store. For more than 160 years, Macy's has served generations at every stage of their lives. Customers come to us for fashion, value and celebration. Macy's is also known for giving back to our communities. Now is an exciting time to join Macy's. The face of retail is changing, and change requires innovation. With endless opportunities, you can begin anywhere and go everywhere at Macy's. Join a team of colleagues who are committed to excellence and leadership development. We want talent like you.

Job description

As part of our Information Security governance team, the Systems Specialist will support, develop and implement strategies to ensure PCI (Payment Card Industry) Security Standards are met at Macy's, Bloomingdale's and Bluemercury. In this role, you will work with and provide guidance to teams throughout Macy's to improve PCI policies and procedures, promote compliance with internal and external rules and regulations, and monitor adherence to policies and procedures through testing. As a part of this dynamic team, you will contribute to shaping the PCI Program for Macy's, Inc.
Essential Functions:
- Define requirements, document and implement the necessary strategies, policies, standards and procedures for the Governance, Risk and Compliance Programs for PCI DSS.
- Manage the content of the continuous compliance program for PCI DSS and verify that compliance testing activities as part of the Compliance Framework are comprehensive and complete.
- Support the annual Macy's PCI Assessment process: schedule and execute the annual PCI assessment preparation, document management and validation, and onsite interviews. Manage the Macy's PCI Assessment activities including data collection, analysis, prep and execution of the assessment meetings. Manage the remediation activities identified through the assessment.
- Track, report and communicate projects, work efforts and tasks in preparation for the annual Macy's PCI assessment.
- Provide guidance to project teams on data governance requirements for PCI DSS. Fully understand and articulate the PCI requirements and how they relate to the Macy's environment
- Maintain metrics and reporting on the PCI governance and compliance program
- Consistently demonstrates regular, dependable attendance & punctuality


- Education/Experience:
- Bachelor's degree required and 4 or more years of work experience in Information Technology Security Compliance specific to PCI
- An in-depth understanding of PCI DSS requirements and assessment processes. PCI-ISA certification a plus.
- Familiarity with Information Security risk identification, assessments, evaluation
- Information Security control design and implementation
- Governance Frameworks (ISO, SANS, COBIT, NIST) a plus
- Compliance fundamentals
- PCI for a retail environment a plus
- Project Management a plus
- Technical writing
- Ability to execute strong analytical skills to review compliance information.
- Must be able to stay abreast of security trends and independently and actively incorporate these into the daily responsibilities.
- Strong organizational skills a must.
- Must be able to work independently with minimal supervision.
- Communication Skills:
- Ability to seek and obtain relevant information needed by the business for decision making
- Ability to develop good relationships with team members as well as across the business
- Communicate effectively with a variety of audiences. Ability to provide updates to all levels of management across the organization.
- Mathematical Skills:
- Basic math functions such as addition, subtraction, multiplication, division and analytical skills. Advanced skills in Word, Excel, and PowerPoint.
- Reasoning Ability:
- Ability to interpret and explain regulatory requirements resulting in actionable items by the business
- Ability to stay abreast of industry standards and practices
- Troubleshoot, solve and deliver solutions in a dynamic environment.
- Physical Demands:
- This position involves regular ambulating, sitting, hearing, and talking. May occasionally involve stooping, kneeling, or crouching. May involve close vision, color vision, depth perception, and focus adjustment. Involves use of hands and fingers for typing on keyboard and using a mouse. May be a need to move or lift items under 10 pounds.
- Other skills:
- Strong leadership profile and excellent negotiation skills. Familiarity with retail industry, ecommerce, IT, and software development concepts helpful.
- Understands what is expected and can articulate individual and team goals
- Aggressively pursues new ideas
- Ability to handle confidential and sensitive information.
- Work Hours:
- Ability to work a flexible schedule based on department and company needs. Some infrequent travel required.
- Decision Making:
- Participate in the decision making process for scoping of PCI.
- Provides guidance and final determination on the evidence to provide during the assessment.
- Negotiates with the QSA vendor on remediation strategies
- SME for all internal teams for PCI Compliance.
- Analyze each situation and make sound decisions for technical and business challenges up to difficult complexity. Analyzes problems and challenges by looking below the surface to understand root cause. Considers how a decision could impact the customer before taking action.