What are the responsibilities and job description for the Information Security GRC Manager position at WEX?
WEX is the global commerce platform for fuel and fleet, employee benefits, and business payments. Simplify your business and let WEX handle the complex.
The WEX Information Security Governance Risk & Compliance Team promotes security policy and standards throughout WEX by establishing and maintaining security policies and standards, delivering cybersecurity awareness and training activities, and executing Vendor / Supply Chain security risk management processes. Additionally, the team is responsible for managing PCI-DSS, HITRUST, SOX, SOC, FDIC, and customer audits across all lines of business and providing security evidence to support audit and customer inquiries.
How you’ll make an impact
- Lead and manage the PCI DSS compliance program, including annual assessments, remediation activities, and continuous monitoring.
- Coordinate and conduct internal audits to ensure compliance with PCI DSS requirements.
- Develop, implement, and maintain PCI policies, procedures, and documentation.
- Collaborate with various departments, including IT, legal, and operations, to ensure compliance with PCI DSS.
- Manage relationships with external Qualified Security Assessors (QSAs) and facilitate on-site assessments.
- Monitor and report on compliance status, risks, and issues to senior management.
- Provide training and guidance to staff on PCI DSS requirements and best practices.
- Stay current with changes in PCI DSS and related security standards, ensuring timely updates to compliance programs.
- Participate in incident response efforts related to payment card security breaches.
Experience you’ll bring