Wealthsimple

Program Manager, PCI Compliance

Wealthsimple • $90K — $120K *
Finance & Insurance
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 3+ years in PCI DSS roles within payments environments
  • Certified (CISSP, CISA, CISM, PCIP, PCI QSA)
  • Deep knowledge of network architecture for payment data security
  • Proficient in information security frameworks and standards
  • Independent worker capable of managing multiple tasks
  • Strong communication skills for technical and non-technical collaboration
  • Exceptional organizational skills and project management capabilities

Responsibilities

  • Maintain and manage PCI DSS scope including periodic reviews
  • Coordinate annual external assessments with QSA
  • Define and manage vendor/third-party assessment processes
  • Ensure compliance of systems and applications with PCI DSS
  • Identify and mitigate security risks related to payment card data
  • Provide status reports on compliance findings and remediation
  • Create and maintain necessary PCI DSS documentation

Benefits

  • Top-tier health benefits and life insurance
  • Long-term group savings with employer match
  • 20 vacation days and 4 wellness days, plus unlimited sick days
  • Opportunity to work outside Canada for up to 90 days annually
  • Supportive employee resource groups for diverse communities
  • Hybrid work environment with a collaborative team culture
Full Job Description
The Security GRC team plays a critical role in maintaining compliance over security frameworks and creating a space for risk mitigation and oversight. We want to ensure that Wealthsimple maintains a secure operational environment by implementing and monitoring controls designed to protect information, systems and infrastructure.

Within the compliance management domain, we aim to ensure Wealthsimple meets the necessary requirements and obligations set forth by regulatory bodies, industry standards, contractual agreements and internal policies. We monitor controls to ensure continuous compliance and control improvements.

In this role you'll have the opportunity to:
  • Maintain and manage the PCI DSS scope, including periodic scoping exercises and CDE boundary reviews
  • Coordinate and conduct an annual external assessment with a QSA
  • Define and manage the vendor/third-party assessment process for entities that handle or touch cardholder data (SAQ collection, contractual requirements)
  • Ensure systems, applications and internal processes comply with the latest PCI DSS requirements
  • Work cross-functionally to identify, mitigate and manage security risks related to payment card data
  • Provide status reports for findings and provide relevant recommendations for remediation
  • Own the PCI DSS impact assessment process for new products, features, and infrastructure changes, providing sign-off before launch
  • Create and maintain relevant documentation and policies as required by PCI DSS
  • Facilitate cross-functional team coordination to ensure controls are operating effectively and help identify areas for improvement
  • Develop and deliver PCI DSS awareness training for relevant internal teams
  • Leverage automated compliance tooling to monitor control health, track remediation, and generate reporting for leadership
  • Own preparation of PCI DSS status reporting for management and audit committee meetings

We are looking for someone who has:
  • 3+ years of experience focused on PCI DSS in a payments environment
  • CISSP, CISA, CISM, PCIP, PCI QSA and/or other relevant certifications
  • Solid understanding of network architecture to ensure payment card data is secure
  • Strong knowledge of information security frameworks and standards
  • Ability to work independently and handle multiple priorities
  • Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and communicate both technical and non-technical audit requirements
  • Holds self and others accountable to meet commitments
  • Demonstrates exceptional organizational and project management skills by maintaining detailed documentation and ensuring timely follow up on action items


🌸 Top-tier health benefits and life insurance

Long-term group savings with employer match, through Wealthsimple for Business

20 vacation days, 4 wellness days, and unlimited sick and mental health days per year

90 days away: work outside Canada for up to 90 days per year

Employee resource groups, including Rainbow (2SLGBTQ), Women of WS, and Black at WS

We are a hybrid team with over 1,500 employees across North America. The people are one of the best parts of working here: you'll collaborate with incredibly talented, curious, and driven teammates who are deeply committed to doing great work.

About Wealthsimple

Wealthsimple is a financial services company that provides online investment management and trading services. The company's platform allows users to invest in a variety of financial products, including stocks, bonds, and exchange-traded funds (ETFs), and offers a range of tools and resources to help users manage their investments. Wealthsimple also offers a high-interest savings account and a tax preparation service. The company was founded in 2014 and is headquartered in Toronto, Canada.
Size
500 employees
Industry
Founded
2014
