PCI Security Standards Council, LLC
  • Standards
  • USA
  • Salary
  • Full Time

The Standards Development Manager will play a key role in the ongoing development of the PCI security standards, as well as contribute to other Council program initiatives. The Standards Development Manager will work directly with the PCI technical working groups to draft information security content for our portfolio of standards and develop requirements and supporting documentation for new and emerging standards. The Standards Development Manager will also be responsible for supporting project management for ongoing work assignments and status reporting of deliverables to senior leadership.  


Key Responsibilities: 

  • Contribute first-hand experience and technical security skills to develop technical security requirements for payments industry security standards 
  • Coordinate research and input from various stakeholders for inclusion in technical and business security requirements
  • Develop testing procedures and reporting frameworks to support assessments against the standards
  • Review and evaluate feedback on current standards, provide recommendations, and architect changes as agreed to by the Working Groups
  • Draft and contribute to supporting materials, covering various technologies and payment industry topics, such as EMV, mobile security, e-commerce, and wireless networking, as applicable to PCI standards
  • Participate and represent the Council in various forums, including Working Groups, Task Forces, webinars, etc.
  • Solicit and evaluate feedback to identify industry demand for guidance in particular topic areas
  • Contribute articles and content to various stakeholder communications, including marketing releases, newsletters, training programs, and webinars
  • Respond to technical inquiries received by the Council
  • Maintain proficiency with security best practices for the payments industry


Skills and Abilities: 

  • Minimum of 4+ years of information security and/or payment card industry experience
  • Security industry certifications (such as CISSP, CISA, CISM)
  • Bachelor's degree required
  • Expertise in secure software design and development, application security testing, and secure software lifecycle methodologies and principles
  • Previous experience in two or more of the following areas required:
    • Security and/or auditing of payment card production, card bureau, or card vendor environments
    • Evaluation or deployment of cardholder authentication mechanisms, such  as 3D Secure implementations  
    • Implementation of physical and logical security considerations for high security areas, such as those used for payment card provisioning, payment token (e.g. mobile wallets) provisioning, or other financial services with high security needs
    • Evaluation or deployment of cryptographic solutions for payment transactions, mobile payment applications, and/or cloud-based payment environments
    • Assessing security infrastructure for financial institutions,  large enterprise merchants, and/or service providers
    • PTS and PIN security requirements and/or assessments
  • Excellent English written and oral communication skills; ability to express thoughts clearly; strong listening skills; and the ability to communicate effectively to different audiences
  • Strong comprehension skills for understanding information security best practices and applying knowledge to different scenarios
  • Flexible, proactive, quick to learn and possessing a can-do attitude
  • A blend of curiosity, creativity, persistence, commitment, passion and optimism
  • Self-discipline with attention to detail and time management
  • Ability to work effectively in a remote team environment to meet quality and schedule deadlines


Strong preference given to those with the following experience:

  • Working knowledge of the financial and payment card processing industries and the lifecycle of payment card transactions
  • Technical understanding of mobile payment transaction architectures (e.g. Secure Element, HCE, OTA provisioning, mPOS acceptance, etc.)
  • Working knowledge of audit methodologies and security assessment tools
  • Experience developing information systems and networking diagrams
  • Business and technical writing experience, including published information security articles
  • Working experience with software development methodologies and practices
  • Ability to communicate information security and other technical concepts to diverse audiences
  • Experience with communications practices, principles, and procedures for both onsite and online presentations
  • Experience with Microsoft Office products and ability to develop presentation material using PowerPoint
  • Willingness to travel up to 30%


Additional Information:

  • Location: Remote (Work from Home) in US, UK or Canada
  • Position Type: Full-Time
  • Salary: DOE


PCI SSC is an Equal Opportunity Employer

PCI Security Standards Council, LLC
  • Apply Now

  • * Fields Are Required

    What is your full name?

    How can we contact you?

  • Sign Up For Job Alerts!

  • Share This Page