PCI Compliance Expert, Information Security Denver, CO (Hybrid)
Do you thrive in compliance and PCI audits within cybersecurity? Are you excited to learn and grow your skills? Are you interested in joining a globally diverse financial services organization?
Then it’s time to join Western Union as a PCI Compliance Expert.
Western Union powers your pursuit.
In this individual contributor role, you will be responsible for leading Western Union’s global effort to ensure compliance with the Payment Card Industry Data Security Standards (PCI DSS).
This role will be responsible for managing and ensuring the organization’s compliance with PCI DSS, leading the planning and execution of internal and external PCI assessments, providing guidance to PCI-related projects, identifying gaps and risks, and tracking and driving remediation efforts for non-compliance with the standard.
Role Responsibilities
- Lead the planning and execution of PCI audits and assessments for Western Union.
- Coordinate with external assessors, process / control owners, and other key internal / external stakeholders to streamline the assessment process.
- Ensure Western Union maintains compliance with PCI DSS by coordinating efforts to meet all required controls, policies, and standards.
- Work closely with IT and other departments to implement and maintain security controls.
- Drive remediation of control deficiencies and non-compliance issues.
- Oversee and coordinate regular PCI vulnerability scans and ensure timely remediation of identified issues.
- Monitor and report on compliance status to senior management.
- Stay up to date with changes in PCI DSS requirements and industry best practices.
- Will routinely interact and communicate with internal and external stakeholders.
- Will follow and evaluate existing processes. Will be responsible for enhancing and / or creating new processes.
- Will provide guidance on existing and / or new processes.
- Collaborate with various departments and stakeholders. Influences internally and externally.
- Contribute to the GRC’s objectives and goals. Understands how individual responsibilities align with the broader Cybersecurity and enterprise-wide goals.
- Think critically and creatively to analyze and solve moderately to highly complex problems.
Role Requirements
- Minimum 5 years’ experience in Security GRC, IT Security, or a related field with a focus on PCI compliance.
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- Requires a PCI-related certification, such as Qualified Security Assessor (QSA), Payment Application Qualified Security Assessor (PA-QSA), or PCI Professional (PCIP).
- In-depth knowledge of PCI DSS and associated frameworks (i.e., NIST). Has advanced knowledge of cybersecurity concepts, best practices, and technologies.
- Should have strong knowledge or awareness of cybersecurity principles, governance frameworks, risk management methodologies, and compliance standards.
- Excellent written and verbal communication skills. Able to think logically and analytically.
- Demonstrated problem solving skills and the ability to work collaboratively with other departments and business functions.
- Ability to work independently and as part of a team with limited guidance.
Salary
The base salary range is $120,000 to 135,000 USD per year. Total on-target compensation includes a base salary and short-term (15% of base) incentives that align with individual and company performance.
Actual salaries will vary based on candidates’ qualifications, skills, and competencies.
Benefits
You will also have access to short-term incentives, multiple health insurance options, accident and life insurance, and access to best-in-class development platforms, to name a few.
Please see the location-specific benefits below and note that your Recruiter may share additional role-specific benefits during your interview process or in an offer of employment.
Your United States specific benefits include:
- Family First Program
- Flexible Time off
- Medical, Dental and Life Insurance
- Tuition Assistance Program
- Parental Leave
Western Union values in-person collaboration, learning, and ideation whenever possible. We believe this creates value through common ways of working and supports the execution of enterprise objectives which will ultimately help us achieve our strategic goals.
By connecting face-to-face, we are better able to learn from our peers, problem-solve together, and innovate.
Our Hybrid Work Model categorizes each role into one of three categories. Western Union has determined the category of this role to be Hybrid.
This is defined as a flexible working arrangement that enables employees to divide their time between working from home and working from an office location.
The expectation is to work from the office a minimum of three days a week.