Lead compliance and governance for payment security frameworks like PCI DSS and SWIFT. Manage control implementation, maintain compliance, and collaborate with various teams to ensure ongoing security posture.
Coupa makes margins multiply through its community-generated AI and industry-leading total spend management platform for businesses large and small. Coupa AI is informed by trillions of dollars of direct and indirect spend data across a global network of 10M+ buyers and suppliers. We empower you with the ability to predict, prescribe, and automate smarter, more profitable business decisions to improve operating margins.
Why join Coupa?
🔹 Pioneering Technology: At Coupa, we're at the forefront of innovation, leveraging the latest technology to empower our customers with greater efficiency and visibility in their spend.
🔹 Collaborative Culture: We value collaboration and teamwork, and our culture is driven by transparency, openness, and a shared commitment to excellence.
🔹 Global Impact: Join a company where your work has a global, measurable impact on our clients, the business, and each other.
Learn more on Life at Coupa blog and hear from our employees about their experiences working at Coupa.
The Impact of a Payment Security & Compliance Program Manager at Coupa:
We are seeking a highly technical and detail-oriented Payment Security & Compliance Program Manager to lead compliance and governance across our payment-related frameworks, including PCI DSS, SWIFT CSCF, and other payment assurance obligations. This role owns the scoping, readiness, documentation, control implementation tracking, and continuous compliance posture of all environments handling payment data and SWIFT-connected systems.
As the primary owner of Coupa’s payment security compliance programs, you will partner closely with Engineering, Cloud Operations, IAM, Product Security, and GRC teams to ensure technical controls are implemented properly, evidence is audit-ready, and all payment environments maintain a continuously mature and secure posture.
This is a hands-on and highly technical role requiring a deep understanding of cloud infrastructure, logging and monitoring, IAM, segmentation, encryption, CI/CD, and secure operations.
What You'll Do:
- Own and manage end-to-end PCI DSS and SWIFT CSCF programs, including scope maintenance, control applicability, compensating controls, authoritative documentation, and annual assessment readiness.
- Operate continuous compliance and evidence management, maintaining a validated, audit-ready evidence library in our GRC Platform with structured refresh cadences for all PCI/SWIFT controls.
- Provide scoping, segmentation, and architecture governance by partnering with Engineering and Cloud Ops to review CDE boundaries, trust zones, architectural changes, and enforce required technical controls.
- Monitor and validate technical security controls across IAM, encryption, segmentation, logging/monitoring, vulnerability management, and incident response; maintain control monitoring logs and drive hardening improvements.
- Lead internal-facing audit support and remediation governance, partnering with QSA/CSCF assessors, preparing audit populations, managing walkthroughs, and driving remediation tracking, prioritization, and validated closure.
- Maintain system-of-record documentation and emerging standards readiness, ensuring PCI/SWIFT artifacts meet regulatory expectations while monitoring framework updates, leading impact analyses, and planning for new requirements.
What You Will Bring to Coupa:
- 5–8+ years of experience in security compliance, cloud security, technical audit, or payment security programs.
- Deep expertise in PCI DSS (ideally PCI DSS v4.0) with hands-on experience supporting or preparing for QSA-led assessments; SWIFT CSCF or other high-security financial frameworks strongly preferred.
- Strong technical understanding of cloud platforms (AWS/Azure), IAM, encryption, logging/monitoring, network segmentation, and CI/CD pipelines.
- Proven success collaborating with engineering, cloud operations, SRE, and security engineering teams on control implementation and validation.
- Excellent documentation, governance, and process discipline, with the ability to drive multi-team remediation and maintain ongoing compliance rigor.
- Experience with GRC platforms such as TrustCloud, Archer, ServiceNow, or comparable tooling.
The estimated pay range for this role is $83,000 - 108,000
The successful candidate’s starting salary will be determined based on permissible, non-discriminatory factors such as skills, experience, and geographic location within the state.
Coupa complies with relevant laws and regulations regarding equal opportunity and offers a welcoming and inclusive work environment. Decisions related to hiring, compensation, training, or evaluating performance are made fairly, and we provide equal employment opportunities to all qualified candidates and employees.
Please be advised that inquiries or resumes from recruiters will not be accepted.
By submitting your application, you acknowledge that you have read Coupa’s Privacy Policy and understand that Coupa receives/collects your application, including your personal data, for the purposes of managing Coupa's ongoing recruitment and placement activities, including for employment purposes in the event of a successful application and for notification of future job opportunities if you did not succeed the first time. You will find more details about how your application is processed, the purposes of processing, and how long we retain your application in our Privacy Policy.
Top Skills
AWS
Azure
Ci/Cd
Encryption
Iam
Pci Dss
Swift Cscf
Coupa Chicago, Illinois, USA Office
350 N. Orleans St, Chicago, IL, United States, 60654
Similar Jobs at Coupa
Artificial Intelligence • Fintech • Information Technology • Logistics • Payments • Business Intelligence • Generative AI
The Senior Salesforce Architect is responsible for designing and implementing Salesforce solutions, ensuring alignment with business needs, managing technical solutions, and optimizing operational efficiency.
Top Skills:
ApexLwcMiddleware SolutionsRest ApiSalesforceSalesforce FlowSoap ApiWorkato
Artificial Intelligence • Fintech • Information Technology • Logistics • Payments • Business Intelligence • Generative AI
The Solution Advisor - Coupa Pay Specialist provides expertise in Coupa's Payment solutions during the pre-sales process, supports sales teams, and collaborates on product management and departmental strategies.
Top Skills:
AchBacsCoupa PayH2HPayment SolutionsPcardsSaaSSwiftTreasury Management
Artificial Intelligence • Fintech • Information Technology • Logistics • Payments • Business Intelligence • Generative AI
As a Lead Application Security Engineer, you will drive security architecture, perform design reviews, and mentor teams while enhancing Coupa's security features and compliance.
Top Skills:
.NetJavaPython
What you need to know about the Chicago Tech Scene
With vibrant neighborhoods, great food and more affordable housing than either coast, Chicago might be the most liveable major tech hub. It is the birthplace of modern commodities and futures trading, a national hub for logistics and commerce, and home to the American Medical Association and the American Bar Association. This diverse blend of industry influences has helped Chicago emerge as a major player in verticals like fintech, biotechnology, legal tech, e-commerce and logistics technology. It’s also a major hiring center for tech companies on both coasts.
Key Facts About Chicago Tech
- Number of Tech Workers: 245,800; 5.2% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: McDonald’s, John Deere, Boeing, Morningstar
- Key Industries: Artificial intelligence, biotechnology, fintech, software, logistics technology
- Funding Landscape: $2.5 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Pritzker Group Venture Capital, Arch Venture Partners, MATH Venture Partners, Jump Capital, Hyde Park Venture Partners
- Research Centers and Universities: Northwestern University, University of Chicago, University of Illinois Urbana-Champaign, Illinois Institute of Technology, Argonne National Laboratory, Fermi National Accelerator Laboratory
