Senior Program Manager - GRC Compliance Assessments

Summary

Senior Program Manager on the Governance Risk and Compliance Compliance Assessment Team leading scalable compliance programs to reduce risk and ensure audit success. This role manages complex technical assessments including PCI and partners with internal and external stakeholders to drive continuous improvement automation and standardization of control frameworks.

Responsibilities

• Lead and manage compliance assessments with external assessors and internal technical and business stakeholders
• Serve as a PCI subject matter expert and manage annual merchant assessments
• Develop and execute assessment test approaches and validation techniques across regulatory frameworks
• Manage lifecycle of risk and compliance remediation plans including documentation tracking and validation
• Drive standardization and enhancement of assessment programs and the Common Control Framework
• Provide input on security policies and standards to ensure regulatory compliance
• Define KPIs and KRIs and report on control posture and audit effectiveness
• Mentor and support growth of other program managers and foster ownership and impact

Requirements

• Bachelor or Master degree or equivalent experience
• 5 years program management and delivery experience
• 5 years managing technically complex PCI assessments end to end at a Level 1 merchant
• Proficiency with security and regulatory frameworks such as NIST PCI DSS SOX HIPAA CCPA
• Understanding of retail business channels including online phone and physical stores
• Experience with Common Control Framework development or maintenance
• Strong communication collaboration and stakeholder management skills
• Experience with assessment automation and security tooling preferred