100% Remote – CST Hours

About this Featured Opportunity:

We are seeking a highly skilled PCI Compliance Specialist to support internal readiness efforts for PCI DSS v4.0.1 across our cloud infrastructure. This role involves partnering closely with engineering, security, and product teams to ensure systems are designed, implemented, and documented to meet both regulatory and internal compliance standards. You’ll play a key role in readiness assessments, evidence validation, and external audits.

The Opportunity for You:

• Conducting internal readiness assessments for systems, services, and infrastructures that fall within scope of PCI DSS.
• Collaborating with cloud engineering, DevOps, Security, and product teams to assess the security and compliance posture of cloud-deployed resources (e.g., compute, storage, IAM, network configurations).
• Reviewing and validating evidence of compliance (e.g., firewall rules, encryption mechanisms, key management practices, logging configurations, vulnerability management, etc.).
• Mapping technical implementations to specific PCI DSS v4.0.1 requirements and control objectives.
• Providing clear remediation guidance for any identified compliance gaps, aligned with both PCI DSS and Apple’s internal security standards.
• Developing and maintaining PCI DSS documentation including system inventories, Policies/Procedures, and control implementation narratives.
• Supporting external QSA-led assessments by facilitating evidence collection, interviews, and control walkthroughs.
• Tracking and reporting on remediation efforts and assessment progress through completion.
  

Key Success Factors:

• 5+ years of experience in information security, risk management, or compliance roles, with at least 2 years focused on PCI DSS.
  • Must have a deep understanding of PCI DSS v4.0.1 requirements and control design.
• Strong technical background with hands-on knowledge of AWS, GCP, and Alicloud services—particularly in securing workloads, cloud networking, architectures, IAM, encryption, and logging.
  • Experience with cloud-native security tools (e.g., AWS Security Hub, GCP SCC, GuardDuty, cloud audit logs) and third-party monitoring solutions.
• Demonstrated ability to translate complex technical configurations into audit-ready evidence and plain-language control descriptions.
  • Must have excellent written and verbal communication skills; ability to communicate effectively with technical and non-technical audiences.

Nice to Haves:

• Industry certifications such as PCIP, CISA, CCSK, CISSP, or cloud-specific certifications (e.g., AWS Certified Security Specialty, Google Professional Cloud Security Engineer) are a strong plus.
• Familiarity with infrastructure-as-code tools (e.g., Terraform, CloudFormation) and CI/CD pipelines from a security and compliance perspective.

Our benefits package includes:

• Comprehensive medical benefits
• Competitive pay
• 401(k) retirement plan
• …and much more!

About INSPYR Solutions

Technology is our focus and quality is our commitment. As a national expert in delivering flexible technology and talent solutions, we strategically align industry and technical expertise with our clients’ business objectives and cultural needs. Our solutions are tailored to each client and include a wide variety of professional services, project, and talent solutions. By always striving for excellence and focusing on the human aspect of our business, we work seamlessly with our talent and clients to match the right solutions to the right opportunities. Learn more about us at inspyrsolutions.com.

INSPYR Solutions provides Equal Employment Opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, INSPYR Solutions complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities

25-14282