PCI Security Standards Council, LLC
  • Stakeholder Engagement
  • USA
  • Full Time

Reporting directly to the PCI Security Standards Council's Director of Training Programs, you will play a key role in the development and delivery of PCI training materials, throughout the full range of our training, from PCI Awareness to Point-to-Point Encryption (P2PE) training. You will understand and teach the intent of the Council's standards to information security professionals, using your former assessor and information security experience to share the applicability of the PCI requirements, as well as providing insight from previous assessment work. You will help shape and improve the future development of the Council's training materials.


Key Responsibilities:

  • Work with the Director of Training Programs and PCI SSC to develop and maintain a robust volume of training material

  • Conduct training courses, both on-site and online, for Payment Card Industry Security Standards Council (PCI SSC); courses will be intended to train assessors, merchants, acquirers and other entities regarding the intent of the PCI standards

  • Design and develop technical training curriculum and programs, both on-site and online, for security professionals, merchants and other entities; training will support all PCI SSC programs such as the Qualified Security Assessor (QSA), 3-D Security (3DS)) and Qualified PIN Assessor training programs

  • Evaluate prerequisite skills and knowledge for trainees; ensure that training courses address all levels of employees, including Continuing Education credit required for recertification

  • Review and analyze course evaluations to determine effectiveness of training sessions

  • Implement revisions to course materials as necessary to improve training effectiveness

  • Keep informed of and maintain proficiency with security best practices, current PCI standards, as well as cryptographic and tokenization practices

Skills and Abilities:

  • Bachelor's degree (or equivalent) with a minimum of 7+ years of hands-on security assessment, technical training and/or PCI DSS experience

  • Strong understanding of information systems and networking diagrams; experience assessing the security infrastructure for large merchants or service providers
  • Experience working with communications practices, principles and procedures for both on-site and online presentations

  • Strong working knowledge of the financial industry and the lifecycle of payment card transactions, audit methodologies and security assessment tools, coupled with working experience with software development methodologies and practices

  • Blend of curiosity, creativity, persistence, commitment, passion and optimism, as well as flexible, proactive, quick to learn and possessing a can-do attitude

  • Excellent communication skills; the ability to express thoughts clearly both orally and in writing

  • Knowledge of how to listen and ability to contribute in a team environment required

  • Scanning networks for vulnerabilities such as that conducted by an Approved Scanning Vendor (ASV)

  • Presenting both technical and non-technical concepts to audiences with diverse understanding of information security

  • Understanding information security best practices and applying that knowledge to PCI requirements

  • Strong organization and time-management skills

  • Comfortable working independently and as part of a team

  • Experience with productivity tools (such as Microsoft Office) and ability to develop effective presentation materials

  • Willingness to travel 30% or more

Strong preference given to applicants with the following experience:

  • Industry certifications (such as QSA, ISA, PCIP, CISSP, CISA, CISM)
  • Project lead for a PCI DSS, Card Production, Qualified PIN Assessor or other PCI led effort
  • Knowledge of point-to-point encryption (P2PE) implementations, methodologies and other techniques for the protection of cardholder account data

  • Knowledge of PCI PIN security standards and Key Management techniques used to protect PIN data
  • Card Production Assessor experience with either physical or logical security requirements
  • Experience with secure software development processes or participation with secure software development lifecycle techniques (SDLC)
  • Knowledge of cryptographic key management methodologies for the protection of payment card data for payment transaction processing, with emphasis on cardholder authentication data and HSMs

  • Knowledge and understanding of EMV technology

  • Experience or knowledge with cloud based technologies and services
  • Experience of creating effective training content for online Learning Management Systems (LMS), hands on experience with online authoring tools or LMS


Additional Information:

Location: Work From Home; and available in US/Canada

Position Type: Full-Time

Salary: DOE

PCI Security Standards Council, LLC
  • Apply Now

  • * Fields Are Required

    What is your full name?

    How can we contact you?

  • Sign Up For Job Alerts!

  • Share This Page