Business Compliance Project Manager
Who Are We?
MerchantE is an innovative, technology-focused company providing a full-service platform to support the payment processing needs for merchants of all sizes, including small business retail shops, B2B wholesalers, and global eCommerce enterprises. We partner with financial institutions, software developers, independent sales organizations, and agents to bring our solutions to market.
Why Join Us?
We’re growing and we’re looking for collaborative, innovative, and hard-working individuals to grow with us! We offer a modern and inspiring work environment where your ideas and contributions are valued. Come experience, first-hand, the impact of your contributions.
The Business Compliance Project Manager will be responsible for 1) coordinating and ensuring the on-time and successful completion of all IT-related audit activities including but not limited to PCI DSS, SOC 1 and SOC 2 assessments, 2) training employees on compliance-related topics, and 3) ensuring the day-to-day compliance and operational success of the MerchantE Privacy program. The role will report to the Chief Information Security Officer.
Your Responsibilities will require you to:
- Serve as liaison and primary IT point-of-contact with external audit firms as well as any ME internal audit functions.
- Maintain an annual audit calendar and proactively communicate audit requirements and expectations to affected stakeholders to maximize the likelihood of success.
- Submit and track audit requests through the JIRA ticketing system.
- Respond promptly to auditor requests and questions.
- Review audit submissions and evidence for completeness and accuracy.
- Escalate and manage remediation of any compliance risks or violations.
- Process data privacy requests from customers and partners, engaging with other internal departments as necessary.
- Assist with the creation and launch of internal and external security awareness campaigns and training sessions.
- Assist the CISO with various projects related to existing and emerging privacy regulations.
- Establish transparent and measurable metrics and reporting for the ME IT Compliance Program.
- Support continuous improvement and process optimization efforts related to your areas of responsibility.
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed are representative of the knowledge, skill, and/or ability required:
Required Education, Skills or Experience:
- 2+ years of experience in a related field such as IT risk, privacy, data security, or audit functions.
- Bachelor’s degree in a relevant field.
- Customer-focused mindset with a passion to deliver results for our partners and customers.
- Highly organized and adept at multi-tasking and adapting to evolving priorities.
- Strong interpersonal skills with the presence and ability to clearly communicate compelling messages to senior and executive management, clients, peers, and team members.
- Team oriented, collaborative, diplomatic, and flexible, with strong presentation skills.
- Openly shares feedback, information, ideas, and best practices.
- Ability to execute plans with limited supervision.
- Proficiency with business productivity toolsets, including Microsoft and Atlassian tools, and an ability to master other critical software applications required to perform job functions.
Preferred Skills or Experience:
- Hands-on experience with PCI-DSS and SOC assessments.
- Hands-on experience supporting privacy compliance initiatives related to CCPA and GDPR.
- Working knowledge of privacy regulations demonstrated by certifications such as CIPP, CIPT or CIPM preferred.
- Familiarity with credit card brand rules and payment industry regulations.
- Experience supporting enterprise-wide technology initiatives.
- Experience creating a risk- and security-aware culture.