Security Manager – IT Risk & PCI

About The Position

Requirements

• Bachelor’s or Master’s Degree with an emphasis in security, technology, or engineering or equivalent work experience
• At least 6 years work experience in information technology, cyber security, or information security
• At least 3 years of experience coaching, mentoring, and developing a team of people as a manager of people
• Demonstrated experience owning information security compliance programs including supporting policies, standards, and procedures, to execute, maintain, and align controls to organizational needs and frameworks
• Demonstrated continuous improvement mindset, with experience designing and evolving security, compliance, and audit workflows, including leveraging GRC platforms (e.g., Vanta) to build and maintain scalable controls

Nice To Haves

• PCI Internal Security Assessor (ISA) (strongly preferred)
• CISSP (preferred)

Responsibilities

• Manage and lead execution of the PCI DSS compliance program, including annual scoping, assessments, remediation tracking, and ongoing compliance for Patterson business entities and payment environments.
• Perform PCI security reviews for Patterson products and merchant-facing solutions, ensuring required controls are designed, implemented, and operating effectively (e.g. payment service providers, payment platforms and solutions, merchant services).
• Serve as the primary point of coordination with external assessors, auditors, and payment stakeholders, including support for merchant auditing and payment-related compliance activities.
• Own and maintain security policies, standards, and procedures, ensuring alignment with PCI DSS, NIST CSF, ISO, SOX ITGC, and applicable regulatory requirements.
• Translate regulatory, audit, and product security requirements into operational controls and workflows, partnering with Technology and business teams to embed compliance into system design and operations.
• Ensure audit readiness and evidence integrity by maintaining clear documentation, control ownership, and tracking within GRC tooling (e.g., Vanta, ServiceNow), and driving remediation through closure.
• Accountable for setting goals, performance development, source developmental opportunities and provide long-term career guidance to team members
• Support hiring, onboarding, and development of team members as the program scales, including delegation of execution-focused work.
• Provide day-to-day leadership, guidance, and mentoring to analysts and contract resources supporting compliance and audit activities.
• Contribute to cross-functional risk management activities, including issue tracking, risk acceptance support, and alignment with enterprise risk processes.
• Support third-party security and vendor risk activities related to PCI-relevant vendors and payment partners.
• Develop and deliver compliance metrics, status reporting, and audit-readiness views for leadership and executive stakeholders.

Benefits

• Full Medical, Dental, and Vision benefits and an integrated Wellness Program
• 401(k) Match Retirement Savings Plan
• Paid Time Off (PTO)
• Holiday Pay & Floating Holidays
• Volunteer Time Off (VTO)
• Educational Assistance Program
• Full Paid Parental and Adoption Leave
• LifeWorks (Employee Assistance Program)
• Patterson Perks Program