Yum! Brands Logo

Yum! Brands

Global PCI Manager

Posted 2 Days Ago
Be an Early Applicant
Remote
Hiring Remotely in United States
125K-147K Annually
Senior level
Remote
Hiring Remotely in United States
125K-147K Annually
Senior level
Lead global PCI DSS compliance for Yum! Brands, serving as Internal Security Assessor (ISA). Manage QSA engagements, assessments, scope identification, evidence collection, remediation, and reporting. Partner with Product, Infrastructure, and Brand Technology to embed compliance, maintain inventories and dashboards, provide guidance to global stakeholders, and represent Yum! at PCI industry events.
The summary above was generated by AI

The Global PCI Manager is responsible for leading and managing Payment Card Industry (PCI) compliance activities across Yum! and its global brands — including Byte Commerce, Byte Engage, KFC, Taco Bell, Pizza Hut, and Habit Burger Grill. This role ensures timely and sustained PCI DSS compliance across all platforms, products, and environments where cardholder data is stored, processed, or transmitted or its security may be impacted.

As Yum’s Internal Security Assessor (ISA), the Global PCI Manager serves as the primary liaison with Qualified Security Assessors (QSAs), oversees annual assessments, and ensures assessment readiness across brands and digital ecosystems. The role partners closely with Product, Infrastructure, and Brand Technology teams to ensure compliance is embedded in the product lifecycle.

In addition, this position provides global subject matter expertise on PCI-related matters by responding to inquiries from Yum’s domestic and international business units, franchisees, and partners, helping ensure consistent understanding and execution of PCI DSS standards across the global Yum system. The role will also have one or more international/national direct report(s). 

The Global PCI Manager will represent Yum! Brands at PCI Council events and industry forums, contributing to continuous improvement of Yum’s security and compliance practices.

Responsibilities

PCI Compliance Leadership

  • Own the PCI DSS compliance roadmap for Yum! and all U.S. brands and products.

  • Ensure timely completion of quarterly scans, annual assessments, and documentation submissions.

  • Oversee PCI scope identification, evidence collection, gap remediation, and reporting across product and infrastructure teams.

  • Maintain an up-to-date inventory of in-scope systems, merchants, and service providers.

Audit and Relationship Management

  • Serve as Yum’s Internal Security Assessor (ISA), managing all QSA engagements and assessments.

  • Coordinate external assessments, ensuring consistency of evidence and responses across brands.

  • Partner with Security, Risk, and IT teams to develop and implement remediation plans.

Governance, Risk & Reporting

  • Maintain Yum’s central PCI compliance dashboard and compliance scorecard for all brands.

  • Provide regular compliance status updates to the Senior Manager of Compliance and Brand Technology leadership.

  • Recommend policy, process, and tooling improvements aligned with evolving PCI standards.

  • Respond to PCI-related inquiries from Yum’s global and domestic businesses and franchise partners, ensuring timely, accurate, and consistent guidance.

Industry and Stakeholder Engagement

  • Represent Yum! at PCI Council and industry conferences, sharing emerging trends and requirements.

  • Build internal PCI training programs and awareness sessions to strengthen compliance culture.

  • Foster strong relationships with brand and global stakeholders to ensure alignment on compliance objectives.

Required Skills

  • Deep knowledge of PCI DSS standards, requirements, and assessment processes.
  • Strong project management and organizational skills; capable of managing large, multi-brand compliance programs.
  • Excellent written and verbal communication skills, with ability to translate technical concepts for non-technical stakeholders.
  • Proven experience managing relationships with external assessors, vendors, and auditors.
  • Ability to balance global consultation needs with U.S. compliance ownership and accountability.
  • Working knowledge of generative AI Tools and the creation of Custom GPTs for enhancing workflows
Qualifications
  • Bachelor’s degree in Information Security, Computer Science, or related field (Master’s preferred).
  • 7–10 years of experience in PCI compliance, security auditing, or IT governance.
  • Current PCI ISA/QSA certification preferred (Required ISA certification with Yum!).
  • Experience managing enterprise-level PCI programs across diverse technology environments.
  • Experience with cloud and hybrid infrastructures (AWS, GCP, Azure) preferred.

Salary Range: $125,200-$147,200 annually + bonus eligibility. This is the expected salary range for this position. Ultimately, in determining pay, we'll consider the successful candidate’s location, experience, and other job-related factors.

Benefits: Employees (and their eligible family members) may enroll in the following types of insurance coverage: medical, dental, vision, legal, and accidental death and dismemberment, as well as FSA/HSA (depending on enrolled medical plan). Yum! also provides short-term disability, long-term disability, and life insurance. Employees may enroll in our 401(k) plan. Yum! provides 4 weeks of vacation, paid sick leave, 10 paid holidays, a floating day off and 2 paid days for volunteer time each calendar year. To learn more about working at Yum! -Click here. 

At Yum!, one of our core values is to Believe in ALL People. This means seeing the value in everyone and unlocking their full potential to be their best self. YUM! Brands, Inc. (including its subsidiaries Yum Restaurant Services Group, LLC (“YRSG”) and Yum Connect, LLC (“Yum Digital and Technology”)(collectively, “Yum”) is proud to be an equal opportunity employer and is committed to equity, inclusion, and belonging for all dimensions of diversity.  We do not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other protected characteristic. Yum! is committed to working with and providing reasonable accommodation to applicants with disabilities or special needs.

US Job Seekers/Employees - Click here to view the “Know Your Rights” poster and supplement and the Pay Transparency Policy Statement.

Similar Jobs

Yesterday
Easy Apply
Remote or Hybrid
Easy Apply
102K-128K Annually
Junior
102K-128K Annually
Junior
Cloud • Information Technology • Security • Software • Cybersecurity
Drive automation-first reliability for a global, multi-cloud platform: build scalable infra (AWS/GCP/bare-metal), write automation (Python/Go), implement observability (Prometheus/Grafana/OpenTelemetry), lead incident response/on-call, define SLIs/SLOs, and partner on operability reviews and post-incident analysis.
Top Skills: AnsibleAWSAzureBgpC/C++DnsGCPGoGrafanaGreHaproxyHelmIpsecItilLinuxOpentelemetryPrometheusPythonRhelTemporalTerraform
Yesterday
Remote or Hybrid
118K-201K Annually
Senior level
118K-201K Annually
Senior level
Aerospace • Hardware • Information Technology • Security • Software • Cybersecurity • Defense
Lead supplier quality for Printed Wiring Boards: audit suppliers, perform source and first-article inspections, drive root-cause analysis and corrective actions, implement process improvements, and ensure compliance with PWB and aerospace standards to deliver first-time quality.
Top Skills: ApqpAs9100As9102Asme Y14.5Asme Y15.1Black BeltControl PlanFirst Article InspectionGreen BeltIpc-6012Ipc-6013Ipc-6018Ipc-A-600Ipc-A-610Ipc-Tm-650Lean Six SigmaMil-Prf-31032Mil-Prf-38534Mil-Prf-55110Mil-Std-883PfmeaPpapSource Inspection
Yesterday
Remote or Hybrid
District of Columbia, USA
127K-215K Annually
Mid level
127K-215K Annually
Mid level
Aerospace • Hardware • Information Technology • Security • Software • Cybersecurity • Defense
Support and maintain complex applications and infrastructure for a government customer: monitor and triage events, troubleshoot Linux/Windows servers, deploy and integrate software (AWS, CloudFormation, RDS), use Salt for configuration management, work with databases (Oracle, MongoDB, PostgreSQL, MySQL), write SOPs, manage security groups, and support after-hours deployments. Requires strong communication and collaboration with developers and vendors.
Top Skills: AWSCloudFormationElasticsearchJavaScriptLinuxMongoDBMySQLOraclePostgresPythonRdsSaltstackWindows Server

What you need to know about the Austin Tech Scene

Austin has a diverse and thriving tech ecosystem thanks to home-grown companies like Dell and major campuses for IBM, AMD and Apple. The state’s flagship university, the University of Texas at Austin, is known for its engineering school, and the city is known for its annual South by Southwest tech and media conference. Austin’s tech scene spans many verticals, but it’s particularly known for hardware, including semiconductors, as well as AI, biotechnology and cloud computing. And its food and music scene, low taxes and favorable climate has made the city a destination for tech workers from across the country.

Key Facts About Austin Tech

  • Number of Tech Workers: 180,500; 13.7% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Dell, IBM, AMD, Apple, Alphabet
  • Key Industries: Artificial intelligence, hardware, cloud computing, software, healthtech
  • Funding Landscape: $4.5 billion in VC funding in 2024 (Pitchbook)
  • Notable Investors: Live Oak Ventures, Austin Ventures, Hinge Capital, Gigafund, KdT Ventures, Next Coast Ventures, Silverton Partners
  • Research Centers and Universities: University of Texas, Southwestern University, Texas State University, Center for Complex Quantum Systems, Oden Institute for Computational Engineering and Sciences, Texas Advanced Computing Center

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account