GRC Manager, PCI-DSS Focus
Location
Europe
Posted
23 days ago
Salary
0
Seniority
Senior
Job Description
GRC Manager, PCI-DSS Focus
SALMON ROBOTICS LIMITED
• Own the PCI-DSS program end to end as a service provider: scoping, gap assessment, remediation, certification, and annual maintenance • Define and minimize the cardholder data environment; drive segmentation and scope reduction with engineering and infrastructure • Manage the QSA relationship: scoping workshops, evidence packages, assessment, and findings • Keep the certification live between audits: quarterly requirements, ongoing evidence, control monitoring • Turn PCI and other framework requirements into concrete technical and organizational solutions, working directly with engineering and infrastructure teams • Distinguish between a control that exists on paper and one that actually works, and insist on the latter • Design the processes and evidence flows that keep controls satisfied without constant manual effort • Lead internal and external audits: scope, evidence, finding responses, closure • Build and maintain an evidence base that supports continuous readiness across PCI, ISO 27001, and BSP • Coordinate the ISO 27001 surveillance cycle • Bring structure and ownership to the wider compliance and risk program • Maintain the risk register as a working document and drive treatment with system owners • Run vendor security assessments and track third-party compliance obligations • Report compliance posture clearly to leadership and governance committees
Job Requirements
- 6+ years in security GRC, compliance, or audit, with real ownership of a compliance program
- Has led a PCI-DSS certification end to end, ideally as a service provider, and maintained the status across cycles
- Has managed a QSA relationship and run a real audit, not just supported one
- Has led cardholder data environment scoping and segmentation decisions with technical teams
- Comfortable across at least PCI-DSS and one of ISO 27001 or a banking framework (BSP MORB or equivalent)
- Worked in a regulated environment where compliance was enforced, not aspirational
Benefits
- Health insurance
- 401(k) matching
- Flexible work hours
- Paid time off
- Professional development opportunities
Related Guides
Related Categories
Related Job Pages
More Compliance Jobs
Compliance Specialist – Inpatient
Duke UniversityDuke University, a private research university located in Durham, North Carolina, is an institution "fueled by creativity" and "informed by scholarship." Founde
• Implement and maintain Compliance programs in accordance with the Office of Inspector General's work plan. • Educate providers regarding compliance with government regulations. • Assist in performing analysis of current situations and recommend priorities and goals for future clinic needs. • Identify coding and billings risk areas, conduct focused reviews, and implement corrective action as needed. • Conduct routine internal audits of provider documentation on a timely basis. • Collaborate with physicians and internal staff in development of improved capabilities in the areas of documentation, coding, and compliance. • Review internal controls, policies, and procedures to ensure compliance with appropriate guidelines. • Communicate with Medicare/Medicaid Carriers and third party payers regarding policies and procedures. • Promote Compliance initiatives with clinical faculty and administration.
• Create oversight program for regulatory reporting, work with operations, advisory, business units/partners and IT to bridge gaps or provide compliance expertise. • Lead improvement efforts to correct any gaps or deficiencies identified in internal reviews, audits, or regulatory examinations. • Oversee and lead various task forces or discussion groups to address compliance related matters and develop enhancement strategies. • Develop and implement approach for developing metrics and reporting. • Analyze data and create presentations for the Board, Management and other stakeholders. • Develop, revise, and implement Bank-wide compliance policies and procedures and address various compliance matters. • Drive strategy for enhancing the Compliance Risk Assessment, including process, risk and control inventory management. • Lead Compliance technology initiatives, managing relationship and execution • Manage requests from outside regulators and internal audit. • Maintain proficient knowledge of the rules and regulations, including but not limited to, Regulation E, Truth in Savings Act, Unfair, Deceptive or Abusive Acts or Practices (UDAAP), FACTA, Reg Z-Truth in Lending, Reg B-Equal Credit Opportunity Act, Fair Credit Reporting Act. • Builds and maintains strong relationships with key stakeholders and team members. • Provide internal service in accordance with Coastal Core Values. • Because we are a rapidly changing organization, there will be other duties as assigned.
Senior Regulatory Manager
AceableWe work hard to make learning & education easy, enjoyable & accessible for everyone because that’s the way it should be.
• Own the system and requirements behind renewals and approvals across verticals, ensuring deadlines, documentation, and fees are met on time and active approvals remain compliant • Research, verify, and interpret state and jurisdiction-specific laws, regulations, and licensing requirements to identify operational and curriculum requirements for entering new markets and maintaining existing ones • Prepare, compile, and submit regulatory applications and supporting documentation required for new market approvals, school licensure, and course accreditation across multiple states and verticals • Partner with cross-functional teams to translate new market regulatory requirements into actionable operational, product, and content standards ahead of market entry • Work with partners across Product, Engineering, Customer Experience, Finance, Marketing and Learning Experience on regulatory opportunities, questions, and improvements • Establish and document, the regulatory processes, rules, and standards that the broader team follows • Serve as a primary point of contact with regulatory agencies and government bodies, building goodwill and the relationships that move approvals forward • Design and implement scalable regulatory frameworks along with AI assisted systems, and workflows that support expansion into new states and verticals • Mentor junior regulatory staff and set the quality bar others work to, reviewing work, and sharing standards across the team
• Serve as designated compliance officer owning enterprise-wide compliance management, BSA/AML/OFAC policies, procedures and program documentation • Monitor federal and state regulatory developments, assess business impact, advise stakeholders on emerging risks, and implement controls to mitigate them • Design, build implement and monitor an end-to-end, comprehensive and scalable Enterprise Risk and Compliance program • Perform comprehensive risk assessments and policy analysis to determine BSA/AML and other risk exposures, collaborate with cross-functional teams to develop mitigating controls and monitoring strategies. • Develop end-to-end banking-as-a service compliance programs including customer onboarding, ongoing risk assessments, financial transactions review and reporting • Manage bank partner relationships and oversee partner due diligence and cannabis specific program reviews • Lead necessary organizational audits and oversee third-party compliance risk assessments • Build, mentor, and scale a high-performing compliance team • Develop and deliver compliance training for product, operations, and client-facing teams • Drive selection and implementation of specific compliance tools, including AML transaction monitoring, verifications, and case management platforms • Champion a culture of integrity and proactive risk management in a high growth environment




