Our client, a large government agency, is seeking a Program Manager with PCI experience for a 1-year contract.
You can come onboard as our W2 or independent contractor.
This position is hybrid, with any onsite work in Jersey City, NJ.
Pay Range: $100-$110/hour
A. JOB RESPONSIBILITIES:
Under the direction of the Deputy Director of Technology, the Program Manager – PCI will:
Manage one full-time Project Manager with PCI certifications and two part-time Project Managers.
Matrix responsibility for representatives from the lines of business and organizational departments responsible for meeting PCI compliance in their respective areas.
Manage and drive the PCI Program forward by collaborating with internal stakeholders, service providers, and the external Qualified Security Assessor (QSA).
Client must comply with the 325 PCI DSS Requirements that are applicable in the departments.
The Program is coordinating and managing the acquisition of tools required to meet PCI reporting requirements, either by acquiring and implementing software or engaging service providers to perform the services.
Responsible for implementing policies, procedures, controls, and monitoring to produce PCI compliance evidence. An internal review of control compliance is completed prior to passing it to the QSA for assessment and final Quality Assurance review. All questions, feedback and items are passed back to the Program team for remediation.
Document and implement all policies and procedures that are not in place to meet PCI Requirements.
Manage PCI Compliance for all service providers by obtaining their appropriate Attestation of Compliance (AOC) or, if none exists, including the work the service provider does in the client PCI Assessment.
Develop and maintain a repository of all internal testing, compliance reporting and evidence for the Program. Post all required and relevant evidence to the QSA portal for assessment.
Develop and maintain PCI baseline requirements used in evaluation, testing and assessment, including but not limited to:
1. Devices and network segments in-scope for PCI.
2. Service Providers and their compliance status.
3. Compliance progress and monitoring of Service Providers.
4. Participation with Procurement to include PCI responsibility wording in agreements.
Receipt of service provider acknowledgment of responsibility for the PA card data they manage.
Program Reporting Responsibilities:
Update to the PCI Steering Committee (CFO, CTO, Treasurer, and others) every three weeks.
o Prepare, document and present Issues, Risk and Status.
Update to the CTO twice a week.
o Manage and lead an update with all relevant short-term activities.
Meet with the Qualified Security Assessor and Treasury representative weekly.
o Provide input and feedback in QSA progress update and issue resolution.
Maintain IT Program Status Report weekly.
o Prepare Program update and align to overall business metrics.
Provide Ad Hoc reporting support for Board of Directors and Committees as requested.
o Prepare and assets as requested.
o Lead PCI Program meeting and check point daily.
EXPERIENCE AND QUALIFICATIONS
Minimum of 10 years in a similar role.
Led and completed a minimum of 8 large organization PCI Assessments.
Detailed knowledge of PCI Requirements and supplemental information.
Leadership experience managing others including matrix management.
Business experience in Finance, with a management role.
Business experience in IT, with a management role.
Business experience in Program reporting to executive management.