Salary is commensurate with education and experience.
The University of Washington (UW) is proud to be one of the nation's premier educational and research institutions. Our people are the most important asset in our pursuit of achieving excellence in education, research, and community service. Our staff not only enjoys outstanding benefits and professional growth opportunities, but also an environment noted for diversity, community involvement, intellectual excitement, artistic pursuits, and natural beauty.
Financial Accounting has an outstanding opportunity for a PCI Merchant Services Director. PCI Merchant Services Director will lead and have overall responsibility for Payment Card Industry Data Security Standards (PCI-DSS) compliance activities for the University of Washington (UW), and be the primary point of contact, technical expert and central program owner for UW card acceptance / merchant services activities.
This position will develop and implement a strategy for maintaining a structural compliance approach that enables UW merchant account holders to adhere to PCI-DSS compliance and will work closely with the UW existing governance structures to set priorities based on risk and facilitate a culture of compliance that is cognizant of and cohesive with UW other compliance obligations that are of a similar nature.
The individual in this position will serve as the primary point of contact for UW PCI compliance, use the Prioritized Milestone Approach to document progress of the PCI compliance program, and report out to the UW's merchant processor as required. They will acquire and implement card acceptance tools and payment applications, such as P2PE, in an effort to meet PCI compliance requirements, audit each location to ensure the payment acceptance environment remains PCI compliant, and coordinate activities with UW QSA and UW-IT as needed.
This position will require a comprehensive understanding of merchant services activity and point-of-sale solution best practices, and their application at the UW. They will provide leadership for the institutional day-to-day management of the merchant services program, including managing staff providing technical and operational support. The UW merchant services program is large, with approximately 150 campus departments processing credit cards with over 200 merchant accounts (MIDs). Adding to the complexity are the various intake points with varying terminal types, gateway and POS terminals / software, and web applications.
The PCI Merchant Services Director will form strategic partnerships across the university to better understand departmental business needs and regulatory / compliance issues (PHI, FERPA, HIPAA, etc.), acquire and / or develop technology, policies and procedures for the UW merchant services program that are aligned with meeting PCI compliance requirements, and create tools that will allow central monitoring of all card transaction activity in an effort to identify opportunities for improvement and mitigate risk. Additionally, this person will audit each payment location once per year to ensure proper internal controls are in place, establish a vendor management program for payment services relationships, and create a merchant services training program for all university employees, students and volunteers that handle cardholder data.
Oversee activities to facilitate University-wide compliance with the PCI-DSS, industry regulations, and UW policies and procedures as they relate to credit card and/or payment operations. Maintain a campus wide PCI compliance plan. Work with representatives of the University and third party vendors to oversee compliance with the PCI-DSS requirements for all payment card processing, and the University of Washington-related policies, technical security processes, infrastructure, and long range planning requirements. Provide leadership and guidance for UW merchant account holders in all aspects of the PCI-DSS with emphasis on safeguarding payment card data, thus protecting the interests of the cardholders and business units, and the overall University brand.
Monitor and manage the day-to-day activity for merchant services at the UW, provide guidance and support for new initiatives and programs which will generate merchant activity and impact the cardholder data environment and PCI compliance efforts. Ensure a high level of customer service and foster productive working relationships for the vendor and the merchant account holders.
Direct and supervise the Merchant Services Specialist position
Participate in the Finance Transformation project, and on university-wide teams for process improvement and development of process enhancements related to merchant services operations, point of sale solutions and PCI compliance.
Supervise the Merchant Services Specialist, providing leadership and mentoring, and technical advice and support. This includes:
Plan and assign tasks, establish goals and ensure deadlines are met;
Meet as necessary to share ideas, give direction, and resolve problems;
Implement and maintain University policies related to personnel issues;
Ensure that staff are aware of their performance and performance expectations;
Help to train staff and ensure adequate cross training of critical processes;
Participate in interviews and selection of new employees;
Document employee performance problems in accordance with Personnel Board and University requirements and recommend disciplinary action when necessary.
For detailed information on Benefits for this position click here.
Bachelor's Degree in Computer Science, Information Security or related field.
At least five years of experience in a business or information security-related position.
Deep understanding of PCI-DSS 3.0/3.1 and preceding version requirements including prior experience leading a Level 1 or Level 2 organization's PCI-DSS compliance effort.
Management of third party services that are required by PCI-DSS, such as overseeing ISA and QSA work.
Operational experience and/or knowledge of financial/payment systems, credit card/bank processing, and e-commerce practices;
Customer-facing experience in an IT, audit, or compliance environment;
Development and management of bank/credit card awareness & training for merchant account holders;
Development and implementation of technical PCI compliance solutions and controls.
Knowledge of information security and risk management practices.
Excellent ability to communicate both verbally and in writing with all levels of an organization, including both business and technical audiences.
Demonstrated leadership skills and ability to pull cross-functional teams together to determine short-term and long-term objectives and set priorities.
Self-motivated with interpersonal skills required to work effectively with a broad range of University / Medical System employees and external contacts.
Ability to manage and prioritize multiple projects / tasks simultaneously.
Ability to evaluate systems and be able to develop solutions for compliance issues.
Understanding of information security and risk management concepts / practices.
Ability to interpret and articulate PCI-DSS security requirements.
Ability to query complex databases, prepare analyses, and create verbal and written reports.
Requires solid understanding of network architecture, segmentation, firewalls, scanning and monitoring, authentication, and configuration management as relevant for PCI-DSS.
Proficient working knowledge of MS Office Suite (Word, Access, Excel, Power Point), html editing, etc.
The candidate must be analytical, detail oriented, possess strong data management and technical skills, as well as superior customer service and organizational skills.
Equivalent education/experience will substitute for all minimum qualifications except where there are legal requirements such as license/certification/registration.
Deep understanding of PCI-DSS 3.0/3.1 and preceding version requirements including 2+ years prior experience leading a Level 1 or Level 2 organization's PCI-DSS compliance effort.
Application Process: The application process for UW positions may include completion of a variety of online assessments to obtain additional information that will be used in the evaluation process. These assessments may include Workforce Authorization, Criminal Conviction History, Cover Letter and/or others. Any assessments that you need to complete will appear on your screen as soon as you select Apply to this position. Once you begin an assessment, it must be completed at that time; if you do not complete the assessment you will be prompted to do so the next time you access your My Jobs page. If you select to take it later, it will appear on your "My Jobs" page to take when you are ready. Please note that your application will not be reviewed, and you will not be considered for this position until all required assessments have been completed.
Appointment to this position is contingent upon obtaining satisfactory results from a criminal background check.
Founded in 1861, the University of Washington is one of the oldest public institutions in the west coast and one of the preeminent research universities in the world. The University of Washington is a multi-campus university comprised of three different campuses: Seattle, Tacoma, and Bothell. The Seattle campus is made up of sixteen schools and colleges that serve students ranging from an undergra...duate level to a doctoral level. The university is home to world-class libraries, arts, music, drama, and sports, as well as the highest quality medical care in Washington State and a world-class academic medical center. The teaching and research of the University’s many professional schools provide undergraduate and graduate students the education necessary toward achieving an excellence that will serve the state, the region, and the nation. As part of a large and diverse community, the University of Washington serves more students than any other institution in the Northwest.