
Sr. Principal PCI Compliance Specialist- 90293425 - Washington

Washington, DC 20004

Your success is a train ride away.

Amtrak connects businesses and communities across the country and we move America's workforce toward the future. We employ more than 20,000 diverse, energetic professionals in a variety of career fields throughout the United States. The safety of our passengers, our employees, the public and our operating environment is our priority and the success of our railroad is the result of our employees.

Are you ready to join our team?

The Sr. Principal PCI Compliance Specialist evaluates the design and effectiveness of information technology controls throughout the business cycle. As a senior-level IT auditor, this role is accountable for supporting and overseeing the ongoing assessment and monitoring of the Company's IT control environment, ensuring IT control findings and risk exposures are identified and addressed in a timely manner.

The Sr. Principal PCI Compliance Specialist assesses compliance and supervisory risks before and as they emerge. Responsible for managing risk assessment and the operation of multiple Compliance functions within Amtrak.
Exercises judgment and influences business partners to ensure adherence to policy, procedural and/or regulatory requirements, while maintaining an appropriate risk and reward balance to support business growth. This role manages team resources, ensuring the needed roles, skills, and knowledge are identified and supported.


Leverages domain expertise of compliance control frameworks, including risk assessments, compliance testing, monitoring, and governance systems to ensure adherence to policy, procedural and/or regulatory requirements.

Responsible for coordinating and leading the PCI Compliance program

Plan, schedule and manage the annual Report on Compliance (RoC) process

Demonstrate strong analytic capacity and experience adding structure in a complex, ambiguous environment in order to identify risk trends and draft solutions.

Draft and implement compliance policies and procedures

Draft and maintain policies, procedures and processes to prevent and detect compliance issues.

Manage all non-security related policies and procedures.

Own all IT policy catalog / repository and conduct IT policy reviews.

Review, revise, and where appropriate, propose new policies and procedures to ensure compliance with applicable laws and regulations.

Work with IT Risk & Compliance team members to develop new or updated IT related policies.

Identify major risk factors which may prevent Amtrak from achieving its strategic, operational, financial reporting and compliance objectives.

Provide support and oversight to Amtrak's various IT audit projects and testing initiatives, including audits of internal controls; identifying internal IT controls, assessing their design and operational effectiveness, determining risk exposures and developing remediation plans.

Participate in the development of IT audit budgets. Track and take appropriate steps to stay within budget.

Work with the Director IT Risk & Compliance and other appropriate leadership to formulate, develop and review audit responses.

Meets regularly with team to gather work status; discuss work progress and obstacles; provide guidance, encouragement and constructive feedback.

Identify the roles, skills and knowledge required. Ensure staff has the resources and skills needed to support all work initiatives. Participates in IT workforce deployment activities.

Generates appropriate communication, process and educational plans for mitigating the disruption of change. Identifies and removes obstacles to change.

Effectively perform all IT Controls as applicable

8+ years of payment card data security, with direct experience in PCI-DSS, information security, and audit.

Prior QSA or ISA experience

Experience performing PCI DSS assessments

Extensive knowledge of PCI DSS requirements

Information Security experience (e.g., Firewall, Network Admin, Architecture, Engineering, Pen Testing, etc.)

Bachelor's Degree in accounting, information systems or computer science with 9+ years relevant experience or equivalent work experience
13+ years of relevant work experience to satisfy education and experience requirements

Master's Degree
Experience working in large, complex companies that rely heavily on real-time 24x7 operations to successfully service external customers
Experience in the transportation industry.
SAP ERP security audit experience
At least 11+ years of broad IT audit experience to include executing internal audit or risk management consulting engagements.

9 or more years of IT audit experience to include Big 4 experience
Certified Information System Auditor (CISA)


Must have excellent oral and written communication skills.


Requisition ID: 62648
Posting Location(s): District of Columbia
Job Family/Function: Information Technology
Relocation Offered: No
Travel Requirements: Up to 25%

Amtrak employees power our progress through their performance.

We want your work at Amtrak to be more than a job; we want it to be a fulfilling experience where you find challenging and rewarding opportunities, respect among colleagues, competitive pay, benefits that protect you and your family, and a high-performance culture that recognizes and values your contributions and helps you reach your career goals.

We proudly support and encourage U.S. Veterans to apply for Amtrak job opportunities.

All positions require pre-employment background verification, medical review and pre-employment drug screen. Amtrak is committed to a safe and drug-free workplace and performs pre-employment substance abuse testing. All new hires are required to undergo a hair drug test which detects the presence of illegal drugs for months prior to testing. Marijuana, notwithstanding any statute, ordinance, regulation, or other law that legalizes or decriminalizes the use or possession of marijuana, whether for medical, recreational, or other use. Candidates who engage in the usage of marijuana will not be qualified for hire. We appreciate your cooperation in keeping Amtrak safe and drug-free.

In accordance with DOT regulations (49 CFR section 40.25), Amtrak is required to obtain prior drug and alcohol testing records for applicants/employees intending to perform safety-sensitive duties for covered Department of Transportation positions. If an applicant/employee refuses to provide written consent for Amtrak to obtain these records, he/she will not be permitted to perform safety-sensitive functions.

Note that any education requirement listed above may be deemed satisfied if you have an equivalent combination of education, training and experience.

Amtrak is an Affirmative Action/Equal Opportunity Employer and we welcome all to apply. We consider candidates regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability (including blindness), or veteran status.

POSTING NOTES: Information Technology|| Information Technology



  • Transportation
Posted: 2021-07-16 Expires: 2021-08-15

Amtrak, the national rail operator, connects America in safer, greener and healthier ways. With 21,000 route miles in 46 states, the District of Columbia and three Canadian provinces, Amtrak operates more than 300 trains each day — at speeds up to 150 mph — to more than 500 destinations. Amtrak is the operator of choice for state-supported corridor services in 17 states and for four commuter rail agencies.
