Overview:
Our Technology teams challenge the status quo and reimagine capabilities across industries. Whether through research and development, technology innovation or solution engineering, our team members play a vital role in connecting consumers with the products and platforms of tomorrow.
Responsibilities:
Candidates must be willing to participate in at least one in-person interview, which may include a live whiteboarding or technical assessment session.
We are seeking an experienced and highly motivated Compliance Manager to join our Information Security Governance, Risk, and Compliance (GRC) team. You will play a critical role in protecting EchoStar's assets and customer data. This position is crucial for maintaining our organization's alignment with regulatory and industry standards, with a particular focus on Payment Card Industry (PCI) compliance. The ideal candidate will be a GRC professional responsible for developing, implementing, and overseeing our compliance program, ensuring that our systems and processes meet all required obligations.
Key Responsibilities:
* Participate in leading the development and maintenance of the organization's compliance management framework, covering PCI, CPNI, NYDFS and other regulatory requirements
* Serve as a key point of contact and subject matter expert for all PCI- and compliance-related activities, including managing the annual PCI Data Security Standard (PCI DSS) assessments, coordinating with Qualified Security Assessors (QSAs), and ensuring continuous compliance throughout the year
* Translate regulatory requirements into actionable standards and procedures
* Work closely with the GRC and wider Information Security team to identify, assess, and manage risks related to compliance obligations
* Coordinate and lead internal and external audits, providing documentation, evidence, and clear communication of control effectiveness
* Develop and deliver compliance training programs to internal stakeholders to foster a culture of compliance awareness across the organization
* Partner with cross-functional teams, including Legal, IT, and business units, to ensure compliance requirements are integrated into business processes and technology solutions
* Implement and maintain continuous monitoring activities to track compliance status and report on outcomes and key metrics to senior leadership
Qualifications:
Education & Experience:
* Bachelor's degree in a relevant field such as Information Technology, Cybersecurity, Business, or a related discipline
* A minimum of 5 years of dedicated experience in a compliance or GRC role with a strong focus on PCI DSS
* Professional certifications such as PCI Professional (PCI-P) or Internal Security Assessor (ISA) are required
* Additional relevant certifications (e.g., CISA, CISSP, CRISC) are nice to have
Skills and Qualifications:
* Deep understanding of the PCI DSS standard and its application in a technology environment
* Familiarity with NIST frameworks is beneficial
* Excellent communication, organizational, and problem-solving skills with the ability to work collaboratively across all levels of the organization
* Ability to lead and create strategic plans for the business on regulatory strategy
Visa sponsorship is not available for this role.