Reporting directly to the PCI Security Standards Council's Director of Emerging Standards, the Emerging Standards Manager will develop international information security standards for the protection of payment data to address emerging payment technology and payment processing. This is also a research position where the individual will also conduct professional research in these and other areas to provide recommendations for future development and/or industry guidance for existing security requirements within PCI standards. Specific to this position is an emphasis on mobile technology including technical experience with iOS and Android, app development and app store procedures, Google SafetyNet, API development, embedded technologies (e.g., NFC, BT, WiFi, cellular, GPS, motion sensors, camera, USB, and storage), and experience assessing technical vulnerabilities or countering threat vectors associated with mobile.
ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties may be assigned.
Leads/chairs one or more working groups, task forces, or special interest groups (SIG) that are involved in the development of international standards or guidance
Produces technical and/or cybersecurity research documents on various topics associated with security of payments
Provides subject matter expert (SME) assistance to PCI SSC colleagues on technical matters related to mobile payments, security on mobile platforms, etc.
Documents and reviews new or revised policies, procedures, processes and/or related documents in support of mobile technology and compliance with associated regulatory guidelines
Interfaces with management and staff to determine appropriate policy, procedure, and methods requirements
Assists in identifying improvements to the processes for creating, publishing and maintaining policies, procedures, processes and/or related documents
May participate in the creation and presentation of materials for webinars, blogs, and in-person presentations. Public speaking experience is desirable.
Applies analytical skills, research skills, and interpersonal skills to a broad range of technical, process, and human-factor issues in support of payment industry standards, guidance, and education.
Additional Information: Location: Work From Home - North America or United Kingdom Position Type: Full-Time Salary: DOE
PCI SSC is an Equal Opportunity Employer
SKILLS AND ABILITIES REQUIRED:
At least 5-7 years of technical experience in one or more of the following subject areas:
Mobile (e.g., cellular, Android/iOS, protocols, and devices)
Mobile app development or related laboratory assessment of mobile devices
Payment technology infrastructure
Cryptography
Cloud computing (e.g., HCE, containers, and visualization)
At least 3-5 years of technical experience in cybersecurity, with preference for work associated with PCI standards
One or more of the following professional certifications or equivalent:
CISA
CISSP
Other relevant technical/security credentials (e.g., C|EH, CCFP, and GIAC)
Bachelor's or Master's degree or graduate certification in Computer Science, Engineering, Cyber Security or similar
Experience in writing business documentation such as policies, standards & procedures, and/or training documentation.
Experience documenting industry standards
Ability to interact with various users, including management, to resolve outstanding questions/issues and proactively identify ways to enhance end-user experience
Ability to prioritize support requests and to effectively manage workload
Ability to perform comfortably in a fast-paced, deadline-oriented work environment
Ability to work as a team member, as well as independently
Ability to process information with high levels of accuracy
Excellent written and oral communication skills.
About PCI Security Standards Council
The PCI Security Standards Council is a global forum for the ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection.
