Senior PCI Program Manager
Who we are:
Rover.com connects pet parents with the nation’s largest network of pet sitters and dog walkers. On Rover, pet parents can easily discover, book, and manage personalized care for their dogs including pet sitting, dog walking, and doggy day care. Founded in 2011 on the belief that everyone should have the opportunity to experience the unconditional love of a dog, Rover improves and simplifies life for pet parents and the dogs they love.
We're headquartered in downtown Seattle. We're an agile, fast-growing startup, and our leadership comes from some of the country's most respected tech companies. Our Senior Leadership team has been recognized by Forbes, Seattle Business, and Geekwire. We've been named among Seattle's "Best Places to Work" in Seattle Met magazine, Seattle Business Magazine, and the Puget Sound Business Journal in 2016 and 2017. We're also the recipient of World’s Most Dog-Friendly Offices in 2016 by Inc.com. Needless to say (but we're going to say it anyway)—we love dogs, and we wouldn't dream of going to work without them by our sides.
Who we're looking for:
Rover.com is looking for a senior-level program manager who will be responsible for working with our Technology, Software, Marketplace, and Product Management teams to grow and expand the Rover business in our PCI environment. In 2018, Rover identified the need to protect our consumers, brand, and overall payment platform. We are offering the chance to join our team at the ground level and be a part of a new and exciting security challenge! Rover’s IT Security and Compliance Team is growing fast, and this is an exciting opportunity to come join our team!
- Build, then manage the ongoing maintenance and oversight of PCI remediation observations, management responses and status tracking, along with any assessments required to monitor and improve Rover’s overall compliance posture and reporting; ensures adherence to and attainment of technology compliance / audit requirements of specific controls.
- Performs compliance impact assessments for all project requests, including related reviews for products, features and ongoing development; reports on control gaps and escalates possible critical issues that impact SOX compliance, as required.
- Customarily and regularly develops and writes governance & compliance department policies and procedures including the ongoing development and maintenance of a practical SOX and PCI compliance program.
- Serves as SME to ensure team members and stakeholders, including third-party suppliers and their employees, are aware of compliance obligations and how to support compliant behavior and uses of technology; participates in wider compliance awareness and training efforts.
- Ensures SOX and PCI compliance policies are properly communicated to department leaders and HR; reviews all employee violations of computer security procedures, providing recommendations and solutions as required.
- Responsible for providing guidance and assistance to process owners, end-users and internal / external auditors in identifying and assessing SOX and PCI compliance requirements; evaluates related risks and control gaps, proposing solutions for new applications, workstations, distributed computing applications, servers, and local and wide-area networks and internet, intranet, and extranet.
- Coordinates quarterly / annual SOX and PCI compliance programs including process reviews, control updates, control test planning and execution, gap and issue identification, and remediation status reporting.
- Facilitates the PCI Charter oversight and functions, including but not limited to, coordinating the PCI Committee status reports and meetings.
- Actively participates in corporate-wide risk and compliance related communities.
- Actively collaborates and coordinates key IT SOX and PCI processes with internal audit, ensuring adherence to approved policies and procedures.
- Develops and manages effective working relationships with other departments, cross functional groups, and key personnel with whom work must be coordinated and / or interfaced.
- Performs other related duties as assigned.
- Bachelor’s Degree in Computer Science, IS or related field or combination of education and equivalent work experience in a related field required.
- Any of PMP, CISA, ISA, CRISC or PCIP certifications, or the ability to achieve one within six months, preferred.
- 5-7 years of experience in Payment Platform Solutions, Payment Providers or a related field.
- Minimum 3 years of experience in direct PCI-DSS compliance and / or auditing.
- Demonstrated experience with a variety of compliance concepts, practices, and procedures including understanding and building upon IFrame solution capabilities.
- Demonstrated understanding and knowledge of diverse technology landscapes, including cloud environments.
- Demonstrated experience in developing and deploying best practices, policies, procedures and processes.
- Experience in understanding IT architecture and security capabilities.
- Possess excellent written and verbal communication skills.
Why We'll Hire You:
- You're qualified for the position and your values align with Rover's Core Values.
- You get along well with others and thrive in a collaborative, team-oriented environment.
- You're eager to learn and improve your craft as a SOX and PCI guru!
- You're able to take loose requirements, work with others to figure out what needs to be done, and drive a project forward.
Benefits of Working at Rover.com:
- Competitive compensation
- Stock options
- Unlimited paid time off
- Competitive benefits package, including medical, dental, and vision insurance
- Commuter benefits
- Bring your dog to work (and unlimited puppy time)
- Doggy benefits, including $1000 toward adopting your first dog
- Stocked fridges, coffee, soda, and lots of treats (for humans and dogs)
- Free catered lunches semi-monthly
- Regular team activities, including happy hours, snow tubing, game nights, and more
- 50 free dog walks a year
Rover embraces diversity and opposes discrimination.
Candidates must be eligible to work in the US.