Job Description Insight Global is seeking a Senior Manager to lead one of our large payment technology client’s Security Governance, Risk, and Compliance (GRC) program. This role focuses on PCI DSS compliance, risk management, and policy enforcement while building a team, assessing gaps, and strengthening overall security posture. Responsibilities include: -Develop and implement a GRC strategy aligned with business objectives and regulatory requirements. -Oversee PCI DSS audits, internal controls, and enterprise-wide risk assessments. -Establish and enforce security policies and frameworks (ISO 27001, NIST, GDPR). -Drive security awareness programs and measure effectiveness. -Managing frameworks, audits, compliance initiatives. -Maintaining risk registers and ensuring proper documentation. -Enforcing policies and standards across the organization. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/. Skills and Requirements -12+ years in Information Security, with 5+ years in leadership roles. -Strong hands-on PCI DSS compliance and audit experience. -Proven ability to build GRC frameworks from scratch. -Expertise in regulatory frameworks (PCI DSS, ISO 27001, NIST, GDPR). -Certifications: CISM, CISSP, CRISC, CISA, or equivalent. -Background in the payments industry. -Experience managing vendor compliance and third-party risk. -Exposure to cloud and network security under PCI requirements. -Prior success in scaling teams and formalizing security programs.