Text

Senior PCI Engineer

Boston, MA, United States

General & Admin

Senior PCI Engineer

  • R5751
  • Remote
  • Remote, United States

Toast is driven by building the restaurant platform that helps restaurants adapt, take control, and get back to what they do best: building the businesses they love. 

Toast is seeking a PCI compliance professional to provide technical assistance in leading and managing Toast’s PCI compliance program to ensure Toast products and services are built, maintained and matured in compliance with the Payment Card Industry Data Security Standards (PCI DSS). In this highly visible role, the Senior PCI Engineer will collaborate as a program lead for Toast’s annual PCI assessments and SSF conversion as well as through partnering with the R&D, Product and FinTech organizations to strengthen and scale Toast’s solutions for long-term growth. 

 

About this roll* (Responsibilities) 

  • Assist in leading and monitoring Toast’s PCI DSS compliance program
  • Verify that all PCI DSS controls are documented, operating effectively and monitored through the course of the year; recommend, draft and review compensating controls as necessary
  • Collaborate in the development of cross functional products and services with key stakeholders; perform design and operational effectiveness validation of all technical remediation plans
  • Perform gap assessments and reviews as needed and identify, consult on, and track remediation of all  PCI compliance-related observations/findings
  • Oversee and sample periodic monitoring and review of audit logging records for appropriateness, timeliness and completeness
  • Assist Toast’s Security team with the review and/or remediation of areas such as penetration testing, vulnerability scans, external assessments or other activities
  • Support PCI-related business, customer and partner requests
  • Collaborate with technical operation teams to develop and maintain current, external facing PCI-related program documentation for sub-merchants in a central location
  • Participate in customer related due diligence exercises and investigations as needed
  • Assist in implementation and management of cloud-based GRC tool



Do you have the right ingredients*? (Requirements)

  • 6-10 years recent experience leading assessments for large Level 1 Service Providers ( FinTech / Visa TPA’s such as PayFacs) and managed service providers (MSP’s) in an AWS hosted environment.
  • CISSP, current or recent QSA and CCSP or AWS security certifications
  • Previous  experience in an internal Product Security, DevOps and Network Operations  or Administrator role 
  • Demonstrable knowledge and experience with varying technical implementations of all current PCI DSS requirements, PCI SSC guidance , SSF requirements and PayFac obligations 
  • Deep understanding of fast paced product-based SaaS organizations 
  • Cloud security knowledge 
  • Strong writing skills and the ability to communicate information about complex issues to stakeholders in a clear and easy to understand way.
  • Ability to develop creative and adaptive solutions to unique and complex inquiries

 

Special Sauce* (Nonessential Skills/Nice to Haves)

  • P2PE Experience

 

Our Spread* of Total Rewards:

  • Unlimited Vacation
  • Sabbatical opportunity after five years
  • Professional Development Reimbursement Program
  • Commitment to Employee Wellness through resources such as a quarterly Wellness Stipend
  • Various peer and company recognition programs 
  • 401(k) and matching
  • Medical, Dental, & Vision Coverage
  • Mental Health Benefits
  • Subsidized backup childcare

#LI-REMOTE

We are Toasters

Diversity, Equity, and Inclusion is Baked into our Recipe for Success.

At Toast our employees are our secret ingredient. When they are powered to succeed, Toast succeeds.

The restaurant industry is one of the most diverse industries. We embrace and are excited by this diversity, believing that only through authenticity, inclusivity, high standards of respect and trust, and leading with humility will we be able to achieve our goals.

Baking inclusive principles into our company and diversity into our design provides equitable opportunities for all and enhances our ability to be first in class in all aspects of our industry.

Bready* to make a change? Apply today!

Toast is committed to creating an accessible and inclusive hiring process. As part of this commitment, we strive to provide reasonable accommodations for persons with disabilities to enable them to access the hiring process. If you need an accommodation to access the job application or interview process, please contact candidateaccommodations@toasttab.com.

For roles based in the United States:  As part of our commitment to the health and safety of our employees and their families, all individuals entering our US workspaces are required to provide proof of full vaccination against COVID-19 unless they have an approved medical or religious accommodation.

Bready* for a change?

Apply now

Apply now

Not You?

Thank you

Notice on fraudulent jobs

We have been made aware of instances of fraudulent job postings and/or fraudulent recruiting activity by bad actors, purporting to represent Toast. These fraudulent schemes often seek monetary contributions or payments from job seekers (such as for "start up costs" or "equipment"), or seek to collect sensitive personal or banking information from job seekers.  These job postings and offers are not authorized by Toast, and Toast is not responsible for fraudulent offers or requests for personal information or payments.  Toast will never ask for any financial commitment or contribution from a candidate at any stage of the recruitment process.  Candidates who have questions about the validity of Toast job postings or offers should consult the job postings on our careers.toasttab.com career site.

Check out other rolls*