
GRC Manager, PCI-DSS Focus


🔥 42 minutes ago

🇪🇺 Europe – Remote

⏰ Full Time

🟡 Mid-level

🟠 Senior

🚔 Compliance


SALMON ROBOTICS LIMITED

11 - 50 employees

💳 Fintech

🏦 Banking

👥 B2C


SALMON ROBOTICS LIMITED is a financial technology company building digital banking and consumer finance services in the Philippines under the Salmon Group and Salmon Bank brands. Backed by experienced finance and tech leaders and international investors, it operates a licensed rural bank, offers deposit products, consumer lending, payment and QR solutions, and deploys AI and data analytics to improve security, customer experience, and inclusivity. The company emphasizes customer care, intuitive product design, partnerships with retailers and payment networks, and 24x365 dependable service to expand access to modern financial services for millions of Filipinos.

📋 Description

• Own the PCI-DSS program end to end as a service provider: scoping, gap assessment, remediation, certification, and annual maintenance
• Define and minimize the cardholder data environment; drive segmentation and scope reduction with engineering and infrastructure
• Manage the QSA relationship: scoping workshops, evidence packages, assessment, and findings
• Keep the certification live between audits: quarterly requirements, ongoing evidence, control monitoring
• Turn PCI and other framework requirements into concrete technical and organizational solutions, working directly with engineering and infrastructure teams
• Distinguish between a control that exists on paper and one that actually works, and insist on the latter
• Design the processes and evidence flows that keep controls satisfied without constant manual effort
• Lead internal and external audits: scope, evidence, finding responses, closure
• Build and maintain an evidence base that supports continuous readiness across PCI, ISO 27001, and BSP
• Coordinate the ISO 27001 surveillance cycle
• Bring structure and ownership to the wider compliance and risk program
• Maintain the risk register as a working document and drive treatment with system owners
• Run vendor security assessments and track third-party compliance obligations
• Report compliance posture clearly to leadership and governance committees

🎯 Requirements

• 6+ years in security GRC, compliance, or audit, with real ownership of a compliance program
• Has led a PCI-DSS certification end to end, ideally as a service provider, and maintained the status across cycles
• Has managed a QSA relationship and run a real audit, not just supported one
• Has led cardholder data environment scoping and segmentation decisions with technical teams
• Comfortable across at least PCI-DSS and one of ISO 27001 or a banking framework (BSP MORB or equivalent)
• Worked in a regulated environment where compliance was enforced, not aspirational

🏖️ Benefits

• Health insurance
• 401(k) matching
• Flexible work hours
• Paid time off
• Professional development opportunities
