Security and Compliance Manager Remote

David's Bridal•King of Prussia, PA

9h•Remote

About The Position

From Aisle to Algorithm and for All Life’s Moments, at David’s Bridal, we empower our customers and our employees to stay true to their dreams and find the one, whether that means the event or the wedding dress that matches a personal style—or the career that is a perfect fit. Protect what matters—while shaping the future of retail technology. We’re seeking a forward-thinking Security and Compliance Manager to lead critical initiatives across cloud, AI, corporate, and store IT environments. In this remote, (EST or CST preferred) role, you’ll be at the forefront of safeguarding digital infrastructure, driving compliance with CCPA and PCI standards, and managing IT risk with precision. If you bring deep expertise in network security, infrastructure, and retail tech—and thrive in a fast-paced, cross-functional setting—this is your chance to make a lasting impact on how we secure innovation If you are passionately enthusiastic, endlessly curious, and customer obsessed, say “I do” and apply today! Security and Compliance Manager We are seeking a highly experienced and proactive Security and Compliance Manager to lead our cybersecurity, data protection, and regulatory compliance efforts. In this role, you will be responsible for developing, implementing, and managing security programs that protect our digital and physical retail environments including monitoring and control of servers, databases, networks, corporate mobile devices, information security, and applications. This role owns the audit and compliance functions and is the primary security officer of the company. You will play a critical role in ensuring the company meets industry standards and regulatory requirements (e.g., PCI-DSS, CCPA), while supporting a secure customer and employee experience.

Requirements

Bachelor’s degree in Computer Science, Information Security, or related field (Master’s preferred).
8+ years of progressive experience in information security, compliance, or IT risk management.
3+ years in a leadership or managerial capacity, preferably within a retail or consumer-facing environment.
In-depth knowledge of security standards and frameworks (e.g., NIST, ISO 27001, CIS).
Hands-on experience with PCI-DSS compliance and retail security challenges.
Strong understanding of cloud security, endpoint protection, identity management, and network security.
Relevant certifications such as CISSP, CISA, CISM, or PCI ISA/QSA are highly desirable.
Excellent communication, leadership, and project management skills.

Nice To Haves

Working knowledge of compliance requirements related to data privacy laws (e.g., CCPA, GDPR).
Experience securing eCommerce platforms (Shopify, Magento, Salesforce Commerce, etc.).
Familiarity with modern cloud environments (AWS, GCP, Azure) and associated security tools

Responsibilities

Lead the design, implementation, and maintenance of the company’s cybersecurity and compliance programs.
Oversee PCI-DSS compliance across online and in-store payment systems, working closely with IT, Store Ops, and Finance.
Develop and manage security policies, standards, and procedures aligned with industry best practices.
Monitor and respond to security incidents and data breaches, ensuring timely reporting and remediation.
Conduct regular risk assessments, vulnerability scans, and penetration testing.
Collaborate with internal stakeholders (Legal, HR, Finance, E-commerce) to ensure compliance with evolving privacy regulations.
Manage security awareness training programs to educate employees on safe practices.
Partner with third-party vendors, auditors, and service providers to manage security posture and ensure contractual compliance.
Lead internal audits and coordinate external audits as needed.
Track, analyze, and report security metrics to executive leadership.
Accountable for the yearly audit of PCI and other compliance requirements.
Partners closely with one or more application leaders and architects to understand and internalize the architecture/design of solutions and ensures proper controls are in place for ongoing operations.