Lead Technical Program Manager - PCI Compliance

Who we are   

We are a dedicated team of security and information technology professionals focused on evolving Mindbody’s security posture. Our collective goal is to protect the future, fostering increased opportunities for wellness businesses worldwide to empower their customers in leading secure and healthy lives. Committed to a higher purpose, we continuously challenge ourselves and our organization to excel, understanding the strength derived from collaborative efforts towards a common objective. We are advocates for a diverse workplace, fostering an environment where individuals can bring their authentic selves to contribute to our shared success. At the heart of our achievements lies the belief in the value of our people. If you share our passion and vision, consider joining our team, and let's explore the remarkable feats we can achieve together!  

Your role  

Mindbody + Classpass is seeking a Lead Technical Program Manager, Governance Risk and Compliance to manage the continuous monitoring of our PCI-DSS compliance program. As a Sr. Technical Program Manager, you’ll use your technical expertise and background in Cyber Security to lead compliance efforts. The right person for this role will have deep technical discussions with our engineering teams to understand controls, processes and iterate on ways to meet the intent of compliance requirements. This means not only understanding multiple technical frameworks but also having a technical understanding of common technologies and systems. 

You will 

• As a Lead Technical Program Manager on the Governance, Risk, and Compliance (GRC) team, you will perform continuous monitoring of PCI standards and understand the potential impacts of change as they apply to the organization. 

• Assist the Compliance team and the Business with all required PCI compliance related documentation and its maintenance. 

• Collaborate across Security and Engineering teams, Leadership and all other stakeholders to drive Mindbody’s PCI Program compliance. 

• Provides guidance to the business on PCI compliance and security-related matters.  

• Coordinate audit-related tasks to ensure the readiness of managers and their teams for audit testing and facilitate the timely resolution of any audit findings. 

• Understands compliance requirements (ISO, NIST, SOX, PCI, HIPAA, GDPR and other regulatory compliance). 

• Participate in the development and implementation of new business initiatives to ensure functionality required to support PCI compliance. 

• Report on deliverables, and project status to management and key technical and business stakeholders. 

• Collaborates with our BISOs to advise Business Partners on the appropriate implementation of security compliance controls and requirements to maintain our information security and privacy posture. 

• Manages any internal and external audit requests related to PCI-DSS, and other compliance requests as needed.   

You’ll thrive in this role with experience in:  

• 5+ years’ experience leading PCI attestation efforts. 

• Extensive experience as a Program/Project Manager in GRC (Governance, Risk and Compliance). 

• Background in auditing security controls, networks, and system security. 

• Technical knowledge and familiarity with information security standards such as PCI DSS, and NIST Cybersecurity Framework. 

• Collaborate across Security and Engineering teams, Leadership and all other stakeholders to drive Mindbody + Classpass PCI Program. 

• Ability to express technical concepts in business terms. 

• Able to work well under deadlines in a changing environment and complete multiple PCI projects effectively and concurrently. 

• Preferred certifications: PMP, ISA/QSA, CISSP, CISA. 

Pay Transparency

It is Mindbody’s intent to pay all Team Members competitive wages and salaries that are motivational, fair, and equitable. The goal of Mindbody’s compensation program is to be transparent, attract potential employees, meet the needs of all current employees, and encourage Team Members to stay with our organization.

Actual compensation packages are based on several factors that are unique to each candidate, including but not limited to skill set, depth of experience, certifications, and specific work location.

The base salary range for this position in the United States is $92,000 to $160,000. The total compensation package for this position may also include performance bonuses, benefits and/or other applicable incentive compensation plans.