PCI Compliance Lead
Old National Bank · Chicago, IL · 3 wk ago
Finance$98k–$199k/yrFull-time
Responsibilities
- Lead the organization’s PCI Compliance Program including Payment Card Industry Data Security Standard (PCI-DSS).
- Ensure compliance with PCI Standards and PCI-DSS requirements to protect cardholder data and maintain secure payment environments.
- Drive education, communication, and training initiatives which promote behaviors which reduce risk and reinforce a strong information security and risk management culture.
- Collaborate with first-line teams and risk offices on control design, refinement, and implementation of PCI-related safeguards.
- Coordinate with Procurement and Third-Party Risk Management to evaluate and track PCI compliance obligations for vendors and partners.
- Perform PCI assessments to support compliance, safeguard cardholder data, reduce security risk, and strengthen overall security posture.
- Conduct control testing to evaluate effectiveness and identify gaps, providing actionable recommendations.
- Manage PCI audits, including evidence gathering, issue socialization, and support for remediation activities.
- Create and maintain PCI compliance dashboards, scorecards, and KPIs to monitor program effectiveness and risk trends.
- Stay current with industry regulations, frameworks, and best practices such as PCI, ISO27XXX, NIST, CRI, SCF, GLBA, and SOX.
- Proactively support identification of emerging compliance issues and recommended information security and technology risk improvements.
Qualifications
- Bachelor’s degree in Cybersecurity, Information Security, Information Technology, Business, or a related field
- 7+ years of experience in compliance, risk management, or information security, with a strong focus on PCI-DSS
- Direct experience building a PCI Compliance Program and managing the PCI-DSS compliance lifecycle from readiness to certification
- Experience working with QSA firms in a regulated environment
- Experience with frameworks and best practices such as ISO27XXX, NIST CSF, CRI, SCF
- Excellent project management, leadership, and communication skills
- Achieved or in pursuit of a globally recognized information security certification such as PCI Internal Security Assessor (ISA), PCI Professional (PCIP), CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), or equivalent preferred
- Formal project or program management certification (e.g., PMP, PgMP) strongly preferred
Benefits
Old National offers a competitive compensation package, including a salary range of $98,400-$199,000 plus incentive bonus. Additional benefits include:
- Medical, dental, and vision insurance
- 401K
- Continuing education opportunities
- An employee assistance program
- A variety of Impact Network Groups led by team members passionate about driving engagement, creating awareness of diverse backgrounds and experiences, and building inclusion across the organization