Compliance Consultant V - PCI DSS Compliance

Compliance Consultant V - PCI DSS Compliance will report to the Privacy Security and Technology Compliance Director and work alongside members of the PCI Sustainment team conducting compliance readiness functions and facilitation of the annual Data Security Standards (PCI DSS) external assessment. This role will work closely with various stakeholders across markets, business and enterprise security/IT functions, including front line operations, as well as other stakeholders which support payment applications or security functions.

In further detail, this role-s primary responsibility will be to provide subject matter expertise on the PCI DSS and to maintain a comprehensive and integrated program that monitors PCI readiness and performs assessments where necessary. The individual will be responsible for monitoring a broad portfolio of IT systems and business processes that are part of our cardholder data environment in scope for the annual PCI report on compliance (ROC).  This role will directly support the annual PCI ROC assessment, liaising with our external qualified security assessor (QSA) and ultimately ensuring successful & timely delivery of the ROC while contributing to projects and initiatives that will improve sustainment -Business as Usual- and the overall maturity of the PCI compliance at Kaiser Permanente.

This position drives ITRM process and/or methodology for designated ITRM initiatives by leading or directing team members in the documentation of process and/or service requirements and guiding and influencing leadership in the development of the ITRM strategy. This role partners with leadership to help define goals, objectives, deliverables, and guardrails within the governance framework to ensure the development and implementation of efficient, effective, measurable, and sustainable ITRM processes and controls.  This role also executes and plans ITRM compliance assessments, drives and manages the design and implementation of appropriate controls, and manages large-scale ITRM service delivery and engagements from planning to completion, including financials.

• Conducts or oversees business-specific projects by applying deep expertise in subject area; promoting adherence to all procedures and policies; developing work plans to meet business priorities and deadlines; determining and carrying out processes and methodologies; coordinating and delegating resources to accomplish organizational goals; partnering internally and externally to make effective business decisions; solving complex problems; escalating  issues or risks, as appropriate; monitoring progress and results; recognizing and capitalizing on improvement opportunities; evaluating recommendations made; and influencing the completion of project tasks by others.
• Practices self-leadership and promotes learning in others by building relationships with cross-functional stakeholders; communicating information and providing advice to drive projects forward; influencing team members within assigned unit; listening and responding to, seeking, and addressing performance feedback; adapting to competing demands and new responsibilities; providing feedback to others, including upward feedback to leadership and mentoring junior team members; creating and executing plans to capitalize on strengths and improve opportunity areas; and adapting to and learning from change, difficulties, and feedback.
• Drives ITRM processes and/or methodology for designated ITRM initiatives by leading or directing team members in the documentation of process and/or service requirements and acceptance criteria from process owners and key stakeholders; guiding and influencing leadership in the development of the ITRM strategy; partnering with leadership to help define goals, objectives, deliverables, and guardrails within the governance framework to ensure the development and implementation of efficient, effective, measurable, and sustainable ITRM processes and controls; and collecting, analyzing, and reporting performance metrics using company software and reporting tools.
• Executes and plans ITRM compliance assessments and consulting projects by leading intake, planning and coordination activities for new or revisions to technology systems or services; and driving and managing the design and implementation of appropriate controls through the sustainment phase.
• Manages large-scale ITRM service delivery and engagements from planning to completion by managing multiple workstreams, including stakeholder communications and team mentorship; and managing and monitoring financials for assigned initiatives.