Manager, Information Technology Compliance

Teleflora•Paragould, OK

1d•Onsite

About The Position

Teleflora is seeking a highly organized, detail-oriented, and collaborative Manager, IT Compliance to support its IT Infrastructure and Engineering teams. This role is ideal for a compliance generalist with strong project management, time management, and organizational skills who enjoys coordinating across multiple teams and regulatory domains. The Manager, IT Compliance will be responsible for the day-to-day coordination and oversight of Teleflora's Payment Card Industry (PCI) compliance efforts, including management of the annual PCI DSS Level 1 Service Provider audit and PCI Software Security Framework (PCI-SSF) audits for its Point-of-Sale (POS) applications. In addition to PCI, this role will support broader compliance and privacy initiatives, including evolving privacy regulations such as the California Privacy Rights Act (CPRA) and the General Data Protection Regulation (GDPR). While this position does not require deep hands-on engineering work, it works closely with IT engineers, security teams, and compliance leadership to track requirements, manage evidence, coordinate remediation efforts, and ensure compliance activities stay on schedule. The ideal candidate is comfortable balancing multiple initiatives, organizing complex documentation, and serving as a central point of coordination across technical and compliance stakeholders.

Requirements

5+ years of experience supporting Payment Card Industry Data Security Standard (PCI DSS) compliance efforts, preferably in a Level 1 Service Provider environment.
Familiarity with Payment Card Industry Software Security Framework (PCI-SSF), California Privacy Rights Act (CCPA), General Data Protection Regulation (GDPR), and general IT compliance practices.
Strong organizational and communication skills, with the ability to coordinate across multiple technical teams.
Experience working with Qualified Security Assessors (QSAs) or external auditors is a plus.
Awareness of Systems and Organization Controls (SOC)-2 and International Organization for Standardization (ISO)-27001 frameworks is beneficial.

Responsibilities

Coordinate the annual Payment Card Industry Data Security Standard (PCI DSS) Level 1 audit process, including scheduling meetings, tracking deliverables, and managing timelines.
Support development teams in preparing for Payment Card Industry Software Security Framework (PCI-SSF) audits by organizing evidence collection and facilitating communication with auditors.
Serve as the primary point of contact for the Qualified Security Assessor (QSA) on day-to-day audit activities and evidence submission.
Assist in maintaining compliance with privacy regulations such as California Privacy Rights Act (CPRA) and General Data Protection Regulation (GDPR).
Monitor changes in compliance requirements and help update internal documentation accordingly.
Collaborate with the compliance program owner to ensure alignment with company policies and regulatory expectations.
Work closely with system engineers, network engineers, IT security engineers, database administrators, and developers to gather and validate compliance evidence.
Facilitate internal meetings and working sessions to ensure timely progress on compliance initiatives.
Help review and update IT and security policies in response to changes in compliance frameworks.
Ensure documentation is well-organized, audit-ready, and reflects current practices.