PayJunction is hiring a
Director of Compliance

Summary

PayJunction is seeking a Director of Compliance to help manage compliance audits, draft GRC policies, and reduce compliance burdens. The company values long-term relationships and fosters a collaborative work environment. The position requires a bachelor's degree in a related field, over 5 years of proven experience in a compliance role, and at least 3 years of experience in a leadership role.

Requirements

• Bachelor of Science degree in software or computer engineering, computer science, information technology, information security, business administration, finance, law, or related field
• Over 5 years of proven experience in a compliance role, demonstrating comprehensive understanding and application of regulatory requirements
• Minimum 3 years of experience in a compliance leadership role, showcasing adeptness in leading compliance initiatives and teams

Responsibilities

• Contact, schedule, and contract with compliance auditors as necessary to maintain compliance across multiple standards
• Stay informed with all applicable compliance, regulatory, and legal requirements for our industry
• Help draft update policies for executive leadership to adopt and approve
• Develop a strategy to reduce compliance burdens across multiple standards, by factoring out common denominator requirements
• Implementing comprehensive compliance training specific to PCI DSS, NIST, HIPAA, etc
• Regular risk assessments and mitigation strategies in line with multiple compliance standards
• Document risk reviews, host tabletop exercises, and perform other tasks as necessary to ensure leadership teams and the company are fulfilling their required / scheduled risk management requirements
• Maintaining meticulous records for compliance with various standards
• Communicate with stakeholders on compliance-related issues, updates, and strategies as necessary to fulfill the mission of the compliance department

Preferred Qualifications

• Previous experience as a Qualified Security Assessor (QSA), highlighting expertise in assessing and ensuring compliance with industry standards
• Direct involvement in PCI DSS audits, demonstrating hands-on experience and proficiency in ensuring adherence to payment card industry standards
• Proficiency in at least 2 of the following compliance standards: NIST CyberSecurity, SOC2, HIPAA, CCPA / CPRA
• Demonstrated experience with automated security scans, indicating proficiency in leveraging technological tools for compliance purposes
• Track record of generating and analyzing PCI reports, showcasing strong analytical skills and attention to detail in compliance documentation
• Basic experience in penetration testing, reflecting a foundational understanding of security vulnerabilities and testing methodologies
• Familiarity with Governance, Risk Management, and Compliance (GRC) tools and software

Benefits

• Health, dental, and vision paid 100% by company for you and your dependents
• 401k with 6% match
• FSA and Dependent Care FSA
• Long-term & short-term disability coverage for you paid 100% by company
• 8 paid company holidays per year
• 2 paid floating holidays per year
• 1 paid volunteer day per year
• Paid Time Off
• Home office equipment stipend
• Annual Learning Stipend
• Quarterly “fun budgets” for team bonding events
• Opportunity to be part of a company that is changing a whole industry
• Opportunity for growth within the company
• Opportunity for remote, in-office, or hybrid work