Accelerate your career.

Explore opportunities across TA's portfolio

PCI-DSS Compliance Program Manager

MRI Software

MRI Software

Legal, Operations
Cleveland, OH, USA
Posted on Saturday, June 1, 2024

From the day we opened our doors in 1971, MRI Software has built flexible, game-changing real estate software solutions to improve people’s lives. The only way to carry out that mission is to hire the absolute best employees on earth. People like you.

Work hard, play hard. Always. Our relentless commitment to client success, our employee resource groups and our promise to empower our teams to reach their full potential are a few examples of what makes MRI Software special.

And we’re insanely dedicated to creating a work environment that you look forward to every single day. That’s why we invest heavily in our employee engagement, so you enjoy the tech industry’s best perks. Together with the whole Pride, (lion roar for "family") employees, customers, and partners, we’re on a mission to break new ground and lead the real estate industry into a digital-first future.

We understand the need to provide a flexible working environment partnered with team collaboration and socialization. Therefore, we operate a hybrid working model with 3 days in-office and 2 days remotely. This role is based at our HQ in Solon, Ohio.

Applicants must be authorized to work for ANY employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.

The Role:

The PCI-DSS Compliance Program Manager will be responsible for overseeing and managing the organization's PCI-DSS compliance program, ensuring that all processes, systems, and product offerings adhere to the latest audit requirements. This role will collaborate with various cross-functional teams, including Information Technology, Information Security, Product Development, Support, Talent Development, and Legal, to ensure a comprehensive and integrated approach to compliance. As such, this position will require a team player and a self-starter with extensive experience working in cross-functional, tactical and detail-oriented projects to achieve business, operations, compliance and technical goals. The successful candidate will possess strong project management skills, excellent communication abilities. Must have strong understanding of General IT controls, SAP process and configurations, Cloud computing, and a solid grasp of security and privacy concepts. Must be able to quickly understand the essence of multiple new technical ideas and identify potential control weaknesses, breakdowns, and risk areas.

You Will:

  • Develop, implement, and continuously improve the organization's PCI-DSS compliance program, including governance, gap assessments, remediation planning, and ongoing monitoring.
  • Collaborate with cross-functional teams to ensure PCI-DSS requirements are seamlessly integrated into processes, systems, and product offerings.
  • Manage internal and external PCI-DSS assessments, related audits (SOC 1, SOC 2), and work closely with third-party auditors and Qualified Security Assessors (QSAs).
  • Develop and implement PCI-DSS policies, standards, procedures, and security enhancement projects to address new or changing compliance requirements.
  • Perform vulnerability management, review compliance reports, drive remediation efforts, and stay updated on the latest security threats and vulnerabilities.
  • Ensure periodic security scanning (ASV scans) and penetration testing are conducted, risks assessed, and remediation activities are completed within expected timelines.
  • Coordinate with third-party risk management, privacy, legal, and other teams to maintain a comprehensive view of compliance and business needs.
  • Educate and build awareness of PCI-DSS compliance requirements across the organization.
  • Collaborate with product development teams, product owners, and engineering teams to integrate security and compliance requirements into product roadmaps and development processes.
  • Demonstrate strong project management skills, ability to prioritize and deliver against aggressive schedules and shifting priorities, while navigating organizational dynamics and fostering a culture of security and compliance across teams.
  • Demonstrate ability to drive teams to complete projects within allotted time scales and budget.

You Have:

  • Bachelor's degree in Computer Science, Information Technology, or a related field, or equivalent work experience.
  • Minimum of 5 years of experience in project management, information security, audit compliance, or related fields.
  • In-depth knowledge project and program management, including as it relates to audit, targeted risk assessments, and compliance monitoring.
  • Solid understanding of information security policies, standards, industry best practices, and frameworks.
  • Familiarity with cloud architecture (Azure, Entra ID), shared responsibility models, data loss prevention (DLP), and cloud security best practices (DevSecOps, Secure SDLC, etc.).
  • Extensive expertise in security policy creation and compliance monitoring, auditing methodology, and conducting technology risk assessments.
  • Advanced experience with web application and network/endpoint vulnerability scanning and remediation, pen testing, sensitive data discovery and data loss prevention systems.
  • Understanding of network/host firewalls, application gateways/proxies, anti-malware, patch management, disk encryption, centralized configuration, log management, system hardening practices, and related security issues and approaches.
  • Expertise in security concepts like cryptography, identity and access management, logging and monitoring, network/endpoint vulnerability scanning and remediation, pen testing, and data discovery / protection.
  • Proven track record of successfully collaborating with product development teams, product owners, and engineering teams to identify and integrate security and compliance requirements into product roadmaps and development processes.
  • Experience with compliance standards and frameworks, examples include PCI-DSS, SOC, ISO 27001, HIPAA, NIST, and FedRAMP.
  • Experience with audit management tools.
  • Strong project management skills, ability to prioritize and deliver against aggressive schedules and shifting priorities.
  • Excellent communication skills (interpersonal, verbal, written, presentation) and a collaborative mindset.

We’re obsessed with making this the best job you’ve ever had!

We want our teams to love working here, so we’ve created some incredible perks for you to enjoy:

  • Join our employee-led groups to maximize your experience at work such as our Diversity, Equity and Inclusion committee, employee resource groups such as Women and Allies, and our Pride Event Group
  • Enjoy peace of mind over yours and your family’s health with our medical coverage options and HSA benefit
  • Invest in our competitive 401k plan and help set you up for your future
  • Big on family? So are we! We understand family is important and being able to spend quality time with your family is a wonderful experience. Our Parental Leave Program is designed to give you the opportunity to spend even more time with your new arrival(s)
  • Enjoy a fantastic work-life balance with 20 days PTO plus observed Holidays, plus 16 hours of ‘Flexi’ time a year
  • Further your professional development and growth with our generous Tuition Reimbursement offerings
  • Enjoy the flexibility of working from anywhere in the world for two weeks out of the year

At MRI, our company culture is more than a talking point – it’s what makes us shine! We value your hard work and encourage you to be your whole self while you do it. Passion, integrity, and inclusion mixed with a healthy dose of fun is what makes us the best fit for your next career move!

MRI continues to strive to amaze as a global industry leader in real estate software. Whether you are joining as a new pride member or bringing your expertise back, your talent is important to maintaining MRI’s high client experience standard and continuing our growth in the PropTech space.

Amazing growth takes amazing employees. Are you up to the challenge?

We are not accepting unsolicited resumes from agencies and/or search firms for this job posting.

MRI Software is an Equal Opportunity Employer. Regardless of your race, color, religion, sex, national origin, sexual orientation, gender identity, disability, age, veteran status, you are welcome here.