PCI Manager

Amex GBT is a place where colleagues find inspiration in travel as a force for good and – through their work – can make an impact on our industry. We’re here to help our colleagues achieve success and offer an inclusive and collaborative culture where your voice is valued.

• Lead the planning, coordination, and execution of PCI DSS assessments, including interactions with Qualified Security Assessors (QSAs).
• Maintain and update PCI scope documentation, including network diagrams, asset inventories, data flows, and evidence repositories.
• Manage remediation efforts and work closely with internal stakeholders (IT, Product, Engineering, and Risk teams) to address gaps and implement required controls.
• Ensure ongoing compliance through continuous monitoring, self-assessments, control validations, and evidence collection.
• Establish and enforce policies, procedures, and standards aligned with PCI DSS and other relevant regulatory requirements.
• Provide subject matter expertise on PCI requirements across access control, encryption, application security, vulnerability management, and logging/monitoring.
• Drive compliance automation and continuous control monitoring initiatives to improve audit readiness and efficiency.
• Educate teams across the organization on PCI obligations and support secure implementation practices during application development and infrastructure changes.
• Track regulatory and industry updates to PCI standards and guide the organization through evolving requirements.

• Extensive Knowledge of PCI DSS: Strong understanding of PCI DSS 4.0 framework, including the ability to interpret requirements and apply them in complex, distributed environments.
• Hands-On PCI Audit Experience: Demonstrated experience managing the full lifecycle of PCI audits, including readiness assessments, evidence management, QSA coordination, and remediation tracking.
• Technical Competence: Familiarity with application and infrastructure architectures, including secure software development practices, authentication methods, access control mechanisms, and data protection.
• Program Management Skills: Strong organizational and project management capabilities to coordinate across multiple teams and manage deadlines, deliverables, and risk mitigation activities.
• Communication & Influence: Proven ability to engage with technical and business stakeholders, explain compliance requirements clearly, and drive cross-functional alignment.
• Analytical Mindset: Ability to assess control effectiveness, identify process gaps, and recommend practical, risk-based solutions.
• Experience in Large-Scale Environments: Prior experience operating in enterprise-level environments with diverse systems, third parties, and hybrid (cloud/on-prem) infrastructure.
• Certifications Preferred: PCI ISA, CISA, CISSP, or other relevant compliance/security certifications.
• Strong familiarity with project management methodologies and best practices.
• Travel industry, Travel Operations or TMC experience is a plus.
• Exceptional leadership and team management skills, with the ability to inspire and motivate cross-functional teams.
• Excellent communication and interpersonal skills, with the ability to manage stakeholder expectations and build strong relationships.
• Strong problem-solving skills and the ability to make decisions under pressure.
• Excellent written and verbal communication skills.
• Ability to navigate the organization, collaborate effectively with multiple stakeholders and overcome project barriers.
• Fast learner with the ability to quickly adapt and prioritize focus.
• Solid follow through with minimal management.
• Good business & technical acumen.
• Detail-oriented with a commitment to delivering high-quality results.
• Strong sense of personal accountability regarding decision-making and managing teams

Location

The US national annual base salary range for this position is from $70,000 to $140,000.  The national range provided includes the base salary that GBT expects to pay for the role.  Actual base salary will be based on factors including the scope and complexity of the role and the successful candidate’s relevant experience, skills, knowledge, and work location.

In addition to base salary, this role is eligible for our Annual Incentive Award plan, which rewards participants based on company and individual performance.  For information about our comprehensive US benefits programs and eligibility, please review our Benefits-at-a-Glance document.

Benefits at a glance

The #TeamGBT Experience

Work and life: Find your happy medium at Amex GBT.

• Flexible benefits are tailored to each country and start the day you do. These include health and welfare insurance plans, retirement programs, parental leave, adoption assistance, and wellbeing resources to support you and your immediate family.

• Travel perks: get a choice of deals each week from major travel providers on everything from flights to hotels to cruises and car rentals.

• Develop the skills you want when the time is right for you, with access to over 20,000 courses on our learning platform, leadership courses, and new job openings available to internal candidates first.

• We strive to champion Inclusion in every aspect of our business at Amex GBT. You can connect with colleagues through our global INclusion Groups, centered around common identities or initiatives, to discuss challenges, obstacles, achievements, and drive company awareness and action.

• And much more!

All applicants will receive equal consideration for employment without regard to age, sex, gender (and characteristics related to sex and gender), pregnancy (and related medical conditions), race, color, citizenship, religion, disability, or any other class or characteristic protected by law.

Click Here for Additional Disclosures in Accordance with the LA County Fair Chance Ordinance.

Furthermore, we are committed to providing reasonable accommodation to qualified individuals with disabilities. Please let your recruiter know if you need an accommodation at any point during the hiring process. For details regarding how we protect your data, please consult the Amex GBT Recruitment Privacy Statement.

What if I don’t meet every requirement? If you’re passionate about our mission and believe you’d be a phenomenal addition to our team, don’t worry about “checking every box;" please apply anyway. You may be exactly the person we’re looking for!