Global PCI Manager

About The Position

Requirements

• Deep knowledge of PCI DSS standards, requirements, and assessment processes.
• Strong project management and organizational skills; capable of managing large, multi-brand compliance programs.
• Excellent written and verbal communication skills, with ability to translate technical concepts for non-technical stakeholders.
• Proven experience managing relationships with external assessors, vendors, and auditors.
• Ability to balance global consultation needs with U.S. compliance ownership and accountability.
• Bachelor’s degree in Information Security, Computer Science, or related field.
• 7–10 years of experience in PCI compliance, security auditing, or IT governance.
• Required ISA certification with Yum!.
• Experience managing enterprise-level PCI programs across diverse technology environments.

Nice To Haves

• Working knowledge of generative AI Tools and the creation of Custom GPTs for enhancing workflows
• Master’s preferred
• Current PCI ISA/QSA certification preferred
• Experience with cloud and hybrid infrastructures (AWS, GCP, Azure) preferred.

Responsibilities

• Own the PCI DSS compliance roadmap for Yum! and all U.S. brands and products.
• Ensure timely completion of quarterly scans, annual assessments, and documentation submissions.
• Oversee PCI scope identification, evidence collection, gap remediation, and reporting across product and infrastructure teams.
• Maintain an up-to-date inventory of in-scope systems, merchants, and service providers.
• Serve as Yum’s Internal Security Assessor (ISA), managing all QSA engagements and assessments.
• Coordinate external assessments, ensuring consistency of evidence and responses across brands.
• Partner with Security, Risk, and IT teams to develop and implement remediation plans.
• Maintain Yum’s central PCI compliance dashboard and compliance scorecard for all brands.
• Provide regular compliance status updates to the Senior Manager of Compliance and Brand Technology leadership.
• Recommend policy, process, and tooling improvements aligned with evolving PCI standards.
• Respond to PCI-related inquiries from Yum’s global and domestic businesses and franchise partners, ensuring timely, accurate, and consistent guidance.
• Represent Yum! at PCI Council and industry conferences, sharing emerging trends and requirements.
• Build internal PCI training programs and awareness sessions to strengthen compliance culture.
• Foster strong relationships with brand and global stakeholders to ensure alignment on compliance objectives.

Benefits

• Employees (and their eligible family members) may enroll in the following types of insurance coverage: medical, dental, vision, legal, and accidental death and dismemberment, as well as FSA/HSA (depending on enrolled medical plan).
• Yum! also provides short-term disability, long-term disability, and life insurance.
• Employees may enroll in our 401(k) plan.
• Yum! provides 4 weeks of vacation, paid sick leave, 10 paid holidays, a floating day off and 2 paid days for volunteer time each calendar year.