Key Responsibilities

• Lead the PCI DSS Certification Project: Develop, manage, and deliver the end-to-end certification plan, ensuring adherence to timelines, scope, and budget.
• Stakeholder Coordination: Serve as the central point of contact between Tuma teams (Engineering, Compliance, Operations) and external PCI DSS assessors/auditors.
• Gap Analysis & Remediation: Oversee a detailed gap assessment against PCI DSS requirements, coordinating remediation tasks with relevant teams.
• Technical Oversight: Ensure security controls, system configurations, and processes meet PCI DSS standards, including encryption, access controls, and monitoring.
• Documentation & Evidence Gathering: Drive the preparation, review, and submission of required policies, procedures, and technical evidence for audit.
• Training & Awareness: Organize PCI DSS awareness sessions for relevant team members to maintain compliance readiness.
• Risk & Issue Management: Identify project risks early, propose mitigation measures, and resolve blockers quickly to keep the project on track.

Qualifications & Experience

• Proven experience as a Technical Project Manager or Program Manager in PCI DSS certification projects or other security/compliance initiatives in the fintech/payments industry.
• Strong understanding of PCI DSS controls, network segmentation, encryption standards, secure coding, and data protection practices.
• Demonstrated ability to manage cross-functional teams, including developers, DevOps, compliance officers, and security engineers.
• Experience working with external QSAs, auditors, and vendors.
• Excellent communication, documentation, and stakeholder management skills.
• PMP, PRINCE2, CISM, CISSP, or similar certification is an advantage.