Jobs via Dice

PCI Security Engineer

Jobs via Dice, Berkeley Heights, New Jersey, US, 07922

Dice is the leading career destination for tech experts at every stage of their careers. Our client, Zuplon, is seeking the following. Apply via Dice today!

Job Description: PCI Security Engineer

Location: Berkeley Heights, NJ / Atlanta, GA – Onsite

Job Overview

The PCI Security Engineer is responsible for designing, implementing, and maintaining security controls that ensure compliance with PCI DSS (Payment Card Industry Data Security Standard). This role partners with security, infrastructure, application, and compliance teams to safeguard cardholder data, reduce risk, strengthen security posture, and support successful PCI audits and assessments.

Key Responsibilities

PCI DSS Compliance & Governance

Lead and manage PCI DSS compliance activities across the organization.

Interpret PCI DSS requirements and map them to existing technical and operational controls.

Coordinate with the QSA (Qualified Security Assessor) during assessments, audits, and evidence collection.

Maintain PCI documentation including ROC, SAQ, AOC, policies, and procedures.

Perform gap assessments and readiness reviews for annual PCI audits.

Security Engineering & Architecture

Design and implement secure network and system architectures aligned with PCI DSS requirements.

Deploy and manage PCI-scoped technologies: firewalls, WAF, SIEM, IPS/IDS, tokenization, encryption, and key‑management systems.

Evaluate and enhance segmentation controls to reduce PCI scope.

Ensure secure configuration of servers, databases, applications, and cloud components in PCI environments.

Monitoring, Threat Detection & Operations

Oversee log management, monitoring, and alerting for PCI‑in‑scope systems.

Work with the SOC team to define PCI‑related use cases and investigate incidents.

Review vulnerability scans and penetration testing results; ensure timely remediation.

Perform periodic access reviews, patch validations, and security hardening.

Risk Management & Control Validation

Conduct risk assessments and recommend controls to protect cardholder data.

Validate the effectiveness of PCI‑related controls through regular testing.

Partner with DevOps/Engineering teams to ensure secure deployment pipelines for PCI systems.

Support incident response processes involving PCI data.

Documentation & Training

Develop and maintain PCI policies, procedures, runbooks, diagrams, and inventories.

Provide PCI training and guidance to engineering, product, and operations teams.

Required Skills & Qualifications

Bachelor’s degree in Computer Science, Information Security, or related field.

3‑8+ years of experience in information security; at least 2+ years focused on PCI DSS.

Strong understanding of:

PCI DSS v4.0 requirements

Cardholder data flows, payment processing, tokenization

Network security and segmentation

Encryption, key management (HSM, KMS)

Vulnerability management & SIEM tools

Hands‑on experience with:

Firewalls, WAF, IDS/IPS

Log management/SIEM (Splunk, QRadar, Elastic, etc.)

Endpoint security, DLP, EDR

Cloud security (AWS/Google Cloud Platform/Azure PCI environments)

Experience preparing for and supporting PCI DSS audits.