Payment Card Industry (PCI) Compliance Lead

Capgemini

4 - 6 years

Hyderabad

Posted: 17/12/2025

Job Description

Location: Hyderabad, India

Employment Type: Full-Time

Experience Level: 4-6 Years


Position Overview

We are seeking a skilled and motivated Technical Lead, Payment Card Industry (PCI) Compliance to join our IT Risk Management team in Hyderabad, India. The candidate will be responsible for managing the end-to-end PCI compliance lifecycle, including internal assessments, evidence collection, control validation, and audit readiness. The ideal candidate will bring deep expertise in PCI DSS (v3.2.1 and above), strong program management capabilities, and the ability to collaborate across technical and business teams to ensure the security of payment card data and alignment with broader risk and compliance objectives.


Key Responsibilities

  • Lead internal PCI DSS assessments in collaboration with information security officers, application owners, and service teams.
  • Manage the PCI compliance program roadmap, including evidence preparation, control testing, and remediation tracking.
  • Map PCI requirements to internal controls and ensure alignment with enterprise risk and GRC frameworks.
  • Conduct gap analyses, risk assessments, and root cause analysis for PCI-related findings.
  • Develop and maintain PCI-related policies, procedures, and documentation.
  • Coordinate with QSAs and internal stakeholders during formal assessments and audits.
  • Identify and implement opportunities for automation, including GenAI use cases for evidence collection and control testing.
  • Define and track key performance and risk indicators (KPIs/KRIs) to measure program effectiveness.
  • Provide regular reporting to leadership on compliance status, risk posture, and remediation progress.
  • Collaborate with cross-functional teams across IT and the business to enable results and deliver outcomes.


Required Skills & Experience

  • 5+ years of experience supporting or leading PCI-DSS compliance efforts for Level 1 or 2 organizations.
  • Strong understanding of PCI DSS v3.2.1 or later, including testing methodology and control requirements.
  • Experience with both on-premise and cloud-based environments.
  • Proven ability to collaborate with cross-functional teams and drive compliance initiatives to completion.
  • Strong problem-solving skills and attention to detail.
  • Experience developing and implementing PCI policies, standards, and procedures.
  • Excellent communication, documentation, and stakeholder engagement skills.
  • Must obtain PCI ISA certification within 6-12 months of hire (if not already certified).


Nice to Have Skills

  • PCI QSA, ISA, or PCIP certification.
  • Additional certifications such as CISSP, CISM, GIAC, etc.
  • Experience with GRC platforms (e.g., Archer, ServiceNow GRC).
  • Familiarity with financial services environments.
  • AWS experience.


What We Offer

  • Opportunity to work closely with teams of information security professionals, data engineers, and business leaders to bring actionable insights to the business via enhanced metrics and innovative solutions.
  • Collaborative work environment with global teams.
  • Competitive salary and comprehensive benefits.
  • Continuous learning and professional development opportunities.
