Standards Development Manager - PCI Security Standards Council, LLC (Shrewsbury)
PCI Security Standards Council, LLC
: $116,030.00 - $116,030.00 /year *
: Non-Executive Management
Loading some great jobs for you...
\"The Standards Development Manager will play a key role in the ongoing development of the PCI security standards, as well as contribute to other Council program initiatives. The Standards Development Manager will work directly with the PCI technical working groups to draft information security content for our portfolio of standards and develop requirements and supporting documentation for new and emerging standards. The Standards Development Manager will also be responsible for supporting project management for ongoing work assignments and status reporting of deliverables to senior leadership. Key Responsibilities: Contribute first-hand experience and technical security skills to develop technical security requirements for payments industry security standards Coordinate research and input from various stakeholders for inclusion in technical and business security requirementsDevelop testing procedures and reporting frameworks to support assessments against the standardsReview and evaluate feedback on current standards, provide recommendations, and architect changes as agreed to by the Working GroupsDraft and contribute to supporting materials, covering various technologies and payment industry topics, such as EMV, mobile security, e-commerce, and wireless networking, as applicable to PCI standardsParticipate and represent the Council in various forums, including Working Groups, Task Forces, webinars, etc.Solicit and evaluate feedback to identify industry demand for guidance in particular topic areasContribute articles and content to various stakeholder communications, including marketing releases, newsletters, training programs, and webinarsRespond to technical inquiries received by the CouncilMaintain proficiency with security best practices for the payments industry Skills and Abilities: Minimum of 4+ years of information security and/or payment card industry experienceSecurity industry certifications (such as CISSP, CISA, CISM)Bachelor's degree requiredExpertise in secure software design and development, application security testing, and secure software lifecycle methodologies and principlesPrevious experience in two or more of the following areas required:Security and/or auditing of payment card production, card bureau, or card vendor environmentsEvaluation or deployment of cardholder authentication mechanisms, such as 3D Secure implementations Implementation of physical and logical security considerations for high security areas, such as those used for payment card provisioning, payment token (e.g. mobile wallets) provisioning, or other financial services with high security needsEvaluation or deployment of cryptographic solutions for payment transactions, mobile payment applications, and/or cloud-based payment environmentsAssessing security infrastructure for financial institutions, large enterprise merchants, and/or service providersPTS and PIN security requirements and/or assessmentsExcellent English written and oral communication skills; ability to express thoughts clearly; strong listening skills; and the ability to communicate effectively to different audiencesStrong comprehension skills for understanding information security best practices and applying knowledge to different scenariosFlexible, proactive, quick to learn and possessing a can-do attitudeA blend of curiosity, creativity, persistence, commitment, passion and optimismSelf-discipline with attention to detail and time managementAbility to work effectively in a remote team environment to meet quality and schedule deadlines Strong preference given to those with the following experience:Working knowledge of the financial and payment card processing industries and the lifecycle of payment card transactionsTechnical understanding of mobile payment transaction architectures (e.g. Secure Element, HCE, OTA provisioning, mPOS acceptance, etc.)Working knowledge of audit methodologies and security assessment toolsExperience developing information systems and networking diagramsBusiness and technical writing experience, including published information security articlesWorking experience with software development methodologies and practicesAbility to communicate information security and other technical concepts to diverse audiencesExperience with communications practices, principles, and procedures for both onsite and online presentationsExperience with Microsoft Office products and ability to develop presentation material using PowerPointWillingness to travel up to 30% Additional Information:Location: Remote (Work from Home) in US, UK or CanadaPosition Type: Full-TimeSalary: DOE PCI SSC is an Equal Opportunity EmployerFor more information, or to apply now, you must go to the website below. Please DO NOT email your resume to us as we only accept applications through our website.\"
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.