Project Manager -PCI DSS Compliance Upgrade

The Project Manager will lead the banks PCI DSS upgrade from version 3.2.1/3.4 to 4.0.1, ensuring full compliance with technical, security, regulatory, and business requirements. The role demands deep expertise in PCI DSS standards, project management, and cross‑functional coordination.

Responsibilities:

• Develop and manage the PCI DSS upgrade plan.
• Define scope, deliverables, timelines, and resources.
• Align with Bank Negara Malaysia (BNM) and regulatory standards.
• Collaborate with IT, Cybersecurity, Risk, Compliance, Internal Audit, and external QSAs.
• Manage vendors and third‑party service providers.
• Report progress to senior management and regulators.
• Coordinate implementation of PCI DSS 4.0.1 controls.
• Conduct gap analysis and oversee remediation.
• Ensure alignment with encryption, segmentation, and monitoring requirements.
• Support policy and evidence development for audits.
• Identify and mitigate project risks and dependencies.
• Track progress against compliance milestones.
• Lead readiness assessments, penetration testing, and remediation.
• Ensure timely certification by QSA.
• Maintain project documentation and audit trails.
• Present status reports, risk logs, and dashboards.

Requirements:

• Bachelors in IT, Computer Science, Cybersecurity, or related field.
• PMP / PRINCE2 certification preferred.
• 8-10 years in IT Project Management, ideally in banking.
• Familiarity with QSAs, auditors, and regulators.
• Strong knowledge of payment systems and cybersecurity tools.
• Excellent stakeholder and communication skills.
• Ability to manage complex technical and compliance streams.
• Familiarity with BNM regulations and ISO/NIST standards.
• PCI DSS Gap Analysis Report (v3.4 to v4.0.1)
• Remediation plan and tracking.
• Updated policies and technical configurations.
• Successful PCI DSS 4.0.1 certification.
• Final project closure report with compliance evidence.