Who we are:

Rover.com connects pet parents with the nation’s largest network of pet sitters and dog walkers. On Rover, pet parents can easily discover, book, and manage personalized care for their dogs including pet sitting, dog walking, and doggy day care. Founded in 2011 on the belief that everyone should have the opportunity to experience the unconditional love of a dog, Rover improves and simplifies life for pet parents and the dogs they love.

We're headquartered in downtown Seattle. We're an agile, fast-growing startup, and our leadership comes from some of the country's most respected tech companies. Our Senior Leadership team has been recognized by Forbes, Seattle Business, and Geekwire. We've been named among Seattle's "Best Places to Work" in Seattle Met magazine, Seattle Business Magazine, and the Puget Sound Business Journal in 2016 and 2017. We're also the recipient of World’s Most Dog-Friendly Offices in 2016 byInc.com. Needless to say (but we're going to say it anyway)—we love dogs, and we wouldn't dream of going to work without them by our sides.

Who we're looking for:

Rover.com is looking for a PCI-DSS Program Manager who will be responsible for working with our Technology, Software, Marketplace, and Product Management teams to grow and expand the Rover business in our PCI-DSS environment. In 2018, Rover identified the need to protect both our consumers, brand, and overall payment platform. The time to join our team at the ground level, to be apart of a new and exciting security challenge is what we are offering! Rover’s IT Security and Compliance Team is fastly growing, and this is an exciting opportunity come join our team! 

Job Responsibilities:

• Build, then manage the ongoing maintenance and oversight of PCI-DSS remediation observations, management responses and status tracking, along with any assessments required to monitor and improve Rover’s overall compliance posture and reporting; ensures adherence to and attainment of technology compliance / audit requirements of specific controls.
• Develop and carry out information security plans and policies as it relates to PCI-DSS-DSS capabilities and compliance.
• Awareness training of the workforce on information security standards, policies and best practices that help educate, evangelize, and grow PCI-DSS-DSS awareness
• Implement protections and help define defense-in-depth or detective layers of our cloud environment for PCI-DSS implications and help solve architecture gaps to maintain PCI-DSS attestation.
• Conduct periodic network scans to find any vulnerability and work with engineering teams to remediate the vulnerabilities for PCI-DSS maintenance
• Customarily and regularly develops and writes governance & compliance department policies and procedures including the ongoing development and maintenance of a practical PCI-DSS compliance program.
• Serves as SME to ensure team members and stakeholders including third-party suppliers and their employees are aware of compliance obligations and how to support compliant behavior and uses of technology; and participates in wider compliance awareness and training efforts
• Ensures PCI-DSS compliance policies are properly communicated to department leaders and HR; reviews all employee violations of computer security procedures, providing recommendations and solutions as required.
• Responsible for providing guidance and assistance to process owners, end-users and internal / external auditors in identifying PCI-DSS compliance requirements; evaluates related risks and control gaps, proposing solutions for new applications, workstations, distributed computing applications, servers, and local and wide-area networks and internet, intranet, and extranet.
• Facilitates the PCI-DSS Charter oversight and functions, including but not limited to, coordinating the PCI-DSS Committee status reports and meetings.
• Actively collaborates and coordinates key PCI-DSS processes with internal audit, ensuring adherence to approved policies and procedures.
• Develops and manages effective working relationships with other departments, cross functional groups, and key personnel with whom work must be coordinated and / or interfaced.
• Performs other related duties as assigned.

Qualifications:

• Bachelor’s Degree in Computer Science, IS or related field or combination of education and equivalent work experience in a related field required.
• Any of PMP, CISA, ISA, CRISC or PCIP certifications preferred or the ability to achieve within six months preferred.
• 5-7 years of experience in Payment Platform Solutions, Payment Providers or a related field.
• Minimum 3 years of experience in direct PCI-DSS compliance and / or auditing.
• Demonstrated experience with a variety of compliance concepts, practices, and procedures including understanding and building upon IFrame solution capabilities.
• Demonstrated understanding and knowledge of diverse technology landscapes; including cloud environments.
• Demonstrated experience in developing and deploying best practices, policies, procedures and processes.
• Experience in understanding IT architecture and security capabiltiies.
• Possess excellent written and verbal communication skills.

Why We'll Hire You:

• Bachelor’s Degree in Computer Science, IS or related field or combination of education and equivalent work experience in a related field required.
• Any of CISM, ISA, CRISC or PCI-DSSP certifications preferred or the ability to achieve within six months preferred.
• 5-7 years of experience in Payment Platform Solutions, Payment Providers or a related field.
• Minimum 3 years of experience in direct PCI-DSS-DSS compliance and / or auditing.
• Demonstrated experience with a variety of compliance concepts, practices, and procedures including understanding and building upon IFrame solution capabilities.
• Demonstrated understanding and knowledge of diverse technology landscapes; including cloud environments.
• Demonstrated experience in developing and deploying best practices, policies, procedures and processes.
• Experience in understanding IT architecture and security capabilities.
• Possess excellent written and verbal communication skills.

Benefits of Working at Rover.com:

• Competitive compensation
• 401k
• Stock options
• Unlimited paid time off
• Competitive benefits package, including medical, dental, and vision insurance
• Commuter benefits
• Bring your dog to work (and unlimited puppy time)
• Doggy benefits, including $1000 toward adopting your first dog
• Stocked fridges, coffee, soda, and lots of treats (for humans and dogs)
• Free catered lunches semi-monthly
• Regular team activities, including happy hours, snow tubing, game nights, and more
• 50 free dog walks a year

Rover embraces diversity and opposes discrimination.

Candidates must be eligible to work in the US.