
Technical Project Manager - PCI Compliance (Phoenix)

CoreAi Consulting, Phoenix, AZ, United States


We are seeking a seasoned Technical Program Manager (TPM) specializing in PCI DSS compliance to lead enterprise-wide certification and compliance programs across cloud and application platforms. This role will drive end-to-end PCI readiness, control implementation, and audit execution, while embedding security and compliance into engineering and infrastructure at scale.

Responsibilities
Lead end-to-end PCI DSS certification programs, including CDE scoping, control implementation, audit readiness, and certification
Drive implementation of PCI-aligned security guardrails across cloud and application environments (IAM, encryption, network segmentation, logging, monitoring)
Partner with engineering, security, DevOps, legal, and audit teams to operationalize PCI controls across systems
Establish and manage automated control validation, evidence collection, and continuous compliance monitoring
Track and drive remediation of vulnerabilities, audit findings, and compliance gaps to closure
Embed security-by-design principles into architecture and SDLC processes
Build executive-level reporting and dashboards for PCI readiness, risk posture, and program progress
Coordinate and lead internal and external PCI audits, including auditor engagement and response management
Define and manage risk tracking, mitigation strategies, and remediation timelines across programs
Enable scalable, repeatable compliance frameworks across multiple applications and business units

Qualifications
10+ years of experience in Technical Program/Project Management in security or compliance domains
Proven experience leading PCI DSS certification programs end-to-end (not just support)
Strong understanding of CDE scoping, control implementation, and audit processes
Experience implementing security guardrails across cloud environments (AWS/GCP/Azure)
Hands-on experience with IAM, RBAC, privileged access controls, encryption, and monitoring frameworks
Experience with automated compliance, GRC tools, and audit workflows
Strong ability to work across engineering, security, infrastructure, and executive stakeholders
Experience building risk dashboards, telemetry, and executive reporting
Familiarity with secure SDLC and cloud-native architectures

Nice to Have
Experience in financial services or highly regulated environments
Experience scaling compliance across multiple business units or platforms
Certifications such as PMP, CISSP, CISA, or PCI-related credentials