PCI DSS Specialist

Job Type IT
Location Bracknell Campus
Partnership Level 6
Closing Date 06/10/2024
Vacancy Type Permanent
Salary £56,700.00 - £91,000.00 Annual
Salary Frequency Annual
Hours of Work 35

We want all of our Partners to have a good work-life balance and we support flexible working. This might mean flexible or compressed hours, job sharing or shorter hour contracts, where it is possible to do so. Please discuss this further with the hiring manager during your interview.

Our Purpose

Working in Partnership for a happier world – our shared Purpose that guides us in everything we do and inspires 3 important principles; happier people, happier business, happier world. The John Lewis Partnership is a truly unique business, one that seeks to make a positive difference to the lives of everyone.

At a glance

  • Hybrid Working - This is a hybrid working role, therefore your time will primarily be split between working from home and the Bracknell Head Office. However, there will also be an expectation to visit other locations as required, such as the London Head Office and other branch locations.

  • Our Information Security team currently works from the office once a week to connect and on a more ad-hoc basis to attend key meetings, but again the frequency is dependent on the business needs.

  • Salary range - The salary range for this role is set at £56,700 - £91,000

  • Contract type - This position is a permanent position.

About the role

As part of an ever-evolving organisation and given the fast-moving cyber and compliance landscapes, there is a need for PCI DSS specialist involvement in both business as usual activities as well as a variety of projects and changes. This role is based within our Information Security team, which forms part of the Shared Capabilities of the organisation and will offer the opportunity to work across the lines of business (including John Lewis, Waitrose, John Lewis Money and Build to Rent). 

We are looking for someone to play a pivotal role in both maintaining and continuously improving our PCI position, having an opportunity to work closely with colleagues in the Information Security team as well as many key stakeholders across the organisation. This person will be the key PCI subject matter expert within the Partnership and will bring prior experience enabling them to conduct a wide variety of tasks. Stakeholder management and clear messaging are crucial in this role, so that groups and individuals understand their PCI position, including the risks and mitigations associated with them.

What you’ll do

  • Key PCI subject matter expert and representative for JLP, liaising with wider Partnership teams (both business and tech), other internal payments-focused roles and our QSA (Qualified Security Assessor) service.

  • Management of key operational PCI documentation, including the RACI, operating model, CDE (Cardholder Data Environment) scope and compliance records.

  • Develop and embed a risk management framework for Partnership PCI risks and issues, and play an active role in the regular review of these risks.

  • Review, update and support with the embedding of BAU processes and documentation, ensuring there is alignment to the PCI operating model.

  • Prepare for, and lead on, the formal PCI assessments (scheduled on a regular basis).

  • Support ad-hoc requests for compliance assessments, both within larger programmes and BAU work, to ensure Policy adherence and generate risk assessments where required.

  • Chair PCI Governance Forums.

  • Conduct PCI-specific third party due diligence activities.

  • Regularly review relevant Policy and Standards documentation from an SME perspective, and liaise with the business in relation to PCI training.

  • Leverage insight and internal and external networks, as appropriate, to keep abreast of key customer requirements, market conditions and trends, including technological advancements, and feed these into strategic thinking. 

What you’ll have (Essential Skills)

  • A previous accreditation or hands-on experience in a role directly relevant to PCI - specifically, either experience working as a QSA or ISA.

  • A broad information security background, with familiarity with on-prem and cloud solutions, as well as strong risk management experience and knowledge.

  • Ability to work methodically, under pressure in a fast-paced environment and succeed in ambiguity.

  • Excellent communication skills and experience of stakeholder management, working with individuals from both IT and business functions. Ability to educate and challenge on controls evidenced.

  • Strong attention to detail with an analytical mind and demonstrable problem-solving skills.

What else you could bring (Desirable Skills)

  • PCI experience within a retail organisation or environment.

  • Previous experience of working to agile principles.

Additional Information

  • We occasionally close vacancies early in the event that we receive a high volume of applications. Therefore we recommend you apply as soon as possible.

 

Benefits:

💻 - Hybrid Working. 

⚖ - Excellent work-life balance, including focus on wellbeing and flexible working and our market-leading Equal Parenthood Leave Policy

🏖️ - Depending on your Partnership job level, if you work full time you’ll get between 22 and 30 days holiday a year, plus bank holiday entitlement

🐷 - The Partnership has a Defined Contribution pension scheme where your contributions, up to an agreed level, will be matched by the Partnership. In addition, after a qualifying period of service you may receive an additional Partnership contribution.

🤑 - You’ll get Partnership discount in store and online once you complete Probation. That’s 25% off in John Lewis & Partners (12% off electrical products) and 20% in Waitrose & Partners. You’ll also be able to nominate someone you live with to share your discount

🚴 - Simple cycle to work support scheme

🏰 - We’re really proud of our exclusive hotels based in some of Britain’s most beautiful areas and once you’ve been with us for three months, you’re welcome to explore them

🌱 - Learn more about our Benefits structure, visit - https://www.jlpjobs.com/about/benefits/

At the John Lewis Partnership, we embrace our differences. We want you to be you. Because, well, we know you're at your best when you're free to be yourself. Being a truly inclusive employer to us means creating an environment which celebrates your contribution, regardless of age, gender, race, ethnicity, disability, sexual orientation, social background, religion or belief. It's why we've set our own aim to become the UK’s most inclusive business - for our Partners (employees) and our customers. We firmly believe that our future success lies in diversity of thought from all Partners and it's integral in our mission to build a happier world. We welcome applications from everyone interested in working for us. And, once you're a Partner, your differences will make all the difference. Find out more about D&I in the Partnership here - https://www.jlpjobs.com/about/diversityandinclusion/
