Senior Program Manager - Grc - Compliance Assessments

Summary

Lead and deliver complex compliance assessment programs within the Governance Risk and Compliance team, focusing on PCI and other regulatory frameworks. Partner with internal technical and business stakeholders and external assessors to manage assessment lifecycles, drive process improvements, and enhance the Common Control Framework to improve control testing efficiency.

Responsibilities

• Lead end to end compliance assessments and coordinate with external assessors
• Manage remediation plans including documentation tracking and validation
• Serve as a PCI subject matter expert and manage annual merchant assessments
• Define and report KPIs and KRIs to measure control posture effectiveness
• Drive standardization and enhancement of assessment programs and controls
• Provide guidance on security policies and regulatory requirements
• Identify and implement process improvements and automation opportunities
• Mentor and support growth of other program managers
• Collaborate across departments to resolve technical and compliance issues

Requirements

• Bachelor or Master degree or equivalent experience
• Minimum 5 years program management and delivery experience
• Minimum 5 years managing technically complex PCI assessments end to end
• Proficiency with security and regulatory frameworks such as NIST CIS SOX HIPAA PCI DSS CCPA
• Experience with Common Control Frameworks
• Broad understanding of retail business channels including online phone and store sales
• Ability to operate autonomously and drive results
• Strong collaboration and communication skills across stakeholder levels
• Preferred experience with assessment automation security tooling and GRC platforms