Lab Quality Manager

Job Description

Job Description

Job Title: Lab Quality Manager

Department: Product & Technology

Reports To: Sr. Director, Quality and Operational Excellence

Location: North America or UK

Fair Labor Standards Act (FLSA) Status: Exempt

SUMMARY

The Lab Quality Manager will play a significant role in the review of laboratory evaluation reports, conducting periodic lab audits, and a supporting role in the development and maintenance of PTS and Mobile standards, as well as contributing to other Council program initiatives. The Lab Quality Manager will work directly with the Lab Validation Programs team of the PCI Council, industry stakeholders and other subject matter experts in support of Lab standards. This will include the Lab General Requirements (LGR), Lab Program Guide (LPG), Lab Audit documentation, and fiduciary responsibility for development of standards that result in Lab Evaluation reports (e.g, PTS PTS POI and HSM, CPoC, SPoC, and MPoC).

What you will be doing in this role:

• Review and assessment of PTS POI, PTS HSM, SPoC, MPoC, and CPoC laboratory reports to ensure consistent and appropriate application of security testing criteria.
• Interact with PCI recognized evaluation laboratories to provide, receive, and process guidance on technical security issues, RFC, and evaluation methodologies.
• Conduct periodic audits of Lab processes and requirements per the Lab General Requirements, associated documentation for Skills, Equipment and Quality. Audits may be conducted remotely or on-site.
• Development and discussion of technical FAQs in support of the assessment of payment security devices; may also act as SME in the creation of FAQs for PCI lab evaluation programs.
• Attend and provide project management and subject matter expertise for the PCI lab evaluation Standards team that may include, but not be limited to, technologies such as Open Protocols, Encryption, Tokenization, Mobile, Cloud Computing, Wireless technologies, and Virtualization.
• Participate in the review and evaluation of discussions of PCI lab evaluation standards.

What you will bring to this role:

• Excellent written and oral communication skills; ability to express thoughts clearly, know how to listen and contribute to a team environment.
• Strong interpersonal skills with demonstrated ability to work with participants with both diverse and robust convictions and perspectives.
• Must be flexible, proactive, self-starter, quick to learn and have a can-do attitude.
• Must have a blend of curiosity, creativity, persistence, commitment, passion, and optimism.
• Strong organization and time-management skills
• Ability to work independently and as part of a team.
• Familiarity with Microsoft Office products and the ability to develop presentation material using PowerPoint.
• Willingness to travel up to 10%; domestic and international.
• Understanding of the financial and payment card processing industries.

Education & Experience:

• Minimum of 5+ years of information security, payment card technologies and payment device physical and logical security constructs.
• Familiarity with mobile payment transactions.
• Knowledge of mobile device and operating system architecture.
• Industry certifications in the areas of Information Security/Systems preferred.
• Bachelor's degree required. Experience in physical and logical security characteristics of cryptographic devices.
• Working knowledge of the financial industry and the lifecycle of payment card transactions.
• Working knowledge with payments industry software and hardware development methodologies and practices.
• Working knowledge in audit and control procedures for preventing or detecting the unauthorized alteration or substitution of secure devices during manufacturing and/or during transport.
• Working knowledge of audit methodologies and security assessment tools for physical facilities, and device evaluation processes.
• Familiarity with cryptographic key management methodologies and standards (e.g., ANS X9.143, ISO 11568, etc.) for the protection of payment card data for payment transaction processing, with emphasis on cardholder authentication data.
• Strong comprehension skills for understanding information security best practices and applying knowledge to PCI requirements.

The starting minimum salary for this role is $100,000 USD annually, plus bonus. The final compensation will be based on skills, experience, geographic location, and other relevant factors.

To learn more about the PCI Security Standards Council, visit https://www.pcisecuritystandards.org/

PCI SSC is an Equal Opportunity Employer.