PCI Compliance Program Manager Jobs (NOW HIRING)

Managing Axon's ITAR compliance program, including: product classification; ITAR license management and administration; helping guide and enforce Axon ITAR compliance policy and procedure

About the Role Ramp is seeking an experienced Product Compliance Program Manager to join our Regulatory Compliance team, with a focus on domestic and international money movement and digital asset ...

JR2026-00027334 DHHS Compliance Program Manager II (Open) Applications No Longer Accepted On (If no date is displayed, job is posted as open until closed): 07-02-2026 Are you detailed and have a ...

HR Compliance Program Manager

Charlotte, NC · On-site

$96K - $192K/yr

The HR Compliance Program Manager drives project execution, cross-functional integration, and program governance across our U.S. and Canada compliance landscape. They keep work visible, accountable ...

PCI Compliance Program Manager information

$38.5K

$95.1K

$157K

How much do PCI compliance program manager jobs pay per year?

As of Jun 24, 2026, the average yearly pay for a PCI compliance program manager in the United States is $95,103.00, according to ZipRecruiter salary data. Most workers in this role earn between $70,000.00 and $116,500.00 per year, depending on experience, location, and employer.

What is the difference between PCI Compliance Program Manager vs PCI Compliance Analyst?

| Aspect | PCI Compliance Program Manager | PCI Compliance Analyst |
| --- | --- | --- |
| Certifications | PCI DSS certifications, project management credentials | PCI DSS certifications, security or audit certifications |
| Work Environment | Oversees compliance programs, manages teams, strategic planning | Performs audits, analyzes compliance data, supports implementation |
| Employer & Industry Usage | Financial institutions, payment processors, large retailers | Similar industries, often within compliance or security teams |

The PCI Compliance Program Manager focuses on leading and managing PCI compliance initiatives, ensuring organizational adherence to PCI DSS standards. In contrast, the PCI Compliance Analyst primarily conducts audits, analyzes compliance data, and supports the implementation of security measures. Both roles require PCI DSS certifications but differ in scope and responsibilities, with the manager handling strategic oversight and the analyst focusing on technical compliance tasks.

What does a compliance program manager do?

A PCI Compliance Program Manager oversees an organization's efforts to meet Payment Card Industry Data Security Standard (PCI DSS) requirements, ensuring secure handling of payment card data. They develop, implement, and monitor compliance policies, coordinate audits, and work with technical teams to address security gaps, often utilizing tools like compliance management software and maintaining relevant certifications such as PCI Professional (PCIP).

Is PCI compliance Manager legit?

A PCI Compliance Program Manager is a legitimate role responsible for ensuring organizations meet Payment Card Industry Data Security Standard (PCI DSS) requirements. The position involves managing compliance efforts, conducting risk assessments, and maintaining security protocols to protect cardholder data. It is a recognized and essential role in organizations handling payment card transactions.

What is a PCI compliance manager?

A PCI compliance manager is a professional responsible for ensuring that an organization meets the Payment Card Industry Data Security Standard (PCI DSS) requirements for handling credit card information. They develop, implement, and monitor security policies, conduct audits, and coordinate with technical teams to maintain compliance and protect payment data.

How much does a PCI auditor make?

A PCI auditor typically earns between $70,000 and $120,000 annually, depending on experience, certifications, and the complexity of the assessments they perform. Senior auditors or those with specialized skills may earn higher salaries, especially in consulting or management roles within PCI compliance programs.

Infographic showing various PCI Compliance Program Manager job openings in the United States as of June 2026, with employment types broken down into 2% As Needed and 98% Full Time. Highlights a 94% Physical, 2% Hybrid, and 4% Remote job distribution, with an average salary of $95,103 per year, or $45.7 per hour.

PCI DSS SAQ D Service Provider Lead

FYI For Your Information Inc

Silver Spring, MD • On-site

Full-time

Retirement

Posted 8 days ago


Job description

FYI - For Your Information, Inc. is an SBA certified, Woman-Owned Small Business and GSA schedule holder that is a premier provider of Human Capital, Training, and Information Technology services. We have won awards for being a Great Place to Work and continue to make ground-breaking advancements. For four years in a row, we have been on Inc. Magazine's 5000 list and were recently named one of Inc.'s 2024 Mid-Atlantic Fastest Growing companies.
About the role
FYI is seeking a PCI DSS SAQ D Service Provider Lead to support an active PCI compliance program for a SaaS/cloud/payment-adjacent environment. This role will own the PCI domain in a fractional capacity, including PCI scoping support, evidence sufficiency review, quarterly scan cadence, penetration testing evidence, remediation tracking, and responses to auditors, QSAs, processors, banks, or other requesting entities. The right candidate has done this work before and can drive their lane without constant prompting.
Essential responsibilities and duties
  • Support PCI DSS SAQ D Service Provider readiness, scoping, evidence review, and control interpretation.
  • Review PCI scope assumptions, in-scope systems, applications, integrations, service providers, and payment/data-flow considerations.
  • Coordinate and review evidence for quarterly external ASV scans and internal vulnerability scans.
  • Coordinate PCI-relevant penetration testing evidence, including scope, rules of engagement, final report review, remediation, and retest evidence.
  • Review evidence for file integrity monitoring, encryption, MFA, IAM, logging, monitoring, change control, secure development, vulnerability management, and remediation tracking where relevant to PCI DSS.
  • Identify weak, incomplete, stale, unclear, or nonresponsive evidence before submission.
  • Draft or review PCI-related auditor, QSA, processor, or requesting-entity responses.
  • Support tracking of PCI remediation items, exceptions, compensating-control discussions, and risk acceptance needs.
  • Help define and maintain recurring PCI compliance cadence, including quarterly scans and annual validation activities.
  • Provide concise written status updates, blockers, risks, and next actions to the project manager and CISO/vCISO.

Required qualifications
  • 8+ years of cybersecurity, GRC, IT audit, compliance, security consulting, or related experience.
  • Direct hands-on experience supporting PCI DSS assessments.
  • Direct experience with PCI DSS SAQ D; Service Provider experience is strongly preferred.
  • Experience with SaaS, cloud-hosted, fintech, payment, or payment-adjacent environments.
  • Working knowledge of ASV scanning, internal vulnerability scanning, penetration testing evidence, vulnerability remediation, IAM/MFA, encryption, logging, monitoring, FIM, change control, and secure development requirements.
  • Ability to translate PCI requirements into practical tasks for engineering, IT, security, and business stakeholders.
  • Strong written communication skills and ability to produce audit-ready summaries and responses.
  • Ability to work through ambiguity and distinguish sufficient evidence from weak or incomplete evidence.

Nice to have
  • Prior QSA, ISA, or QSA-firm experience.
  • PCI DSS v4.x experience.
  • CISA, CISSP, CISM, Security+, or equivalent certification.
  • Experience with Drata, Vanta, Secureframe, Hyperproof, Jira, Confluence, AWS, Azure, GCP, or similar platforms.
  • SOC 2 familiarity, especially where controls overlap with PCI DSS.

Expected deliverables
  • PCI DSS SAQ D evidence and gap tracker inputs.
  • PCI scope notes, assumptions, and issue summaries.
  • ASV and internal vulnerability scan evidence checklists.
  • Penetration testing evidence checklist and report sufficiency review notes.
  • PCI remediation tracker updates and risk summaries.
  • PCI auditor/requesting-entity response drafts.
  • PCI quarterly and annual compliance calendar inputs.

Operating style required
This role requires a senior operator who can own the PCI lane in a fractional capacity. The contractor must communicate clearly, document next actions, identify blockers early, and coordinate through the project manager. This is not a casual side task. Responsiveness, ownership, and clean written work product are required.
FYI's Benefits/Incentives: What is in it for you?
  • Opportunity to work a hybrid work schedule
  • A knowledgeable, high-achieving, diverse, experienced, and fun team.
  • The chance to be part of a rapidly growing company and the next success story.
  • A competitive base salary with a loaded benefits package plus 401K.
  • Tuition/education assistance, personal computer allowance, pet insurance.