Security and Compliance Officer

Every day, Global Payments makes it possible for millions of people to move money between buyers and sellers using our payments solutions for credit, debit, prepaid and merchant services.  Our worldwide team helps over 3 million companies, more than 1,300 financial institutions and over 600 million cardholders grow with confidence and achieve amazing results.  We are driven by our passion for success and we are proud to deliver best-in-class payment technology and software solutions.  Join our dynamic team and make your mark on the payments technology landscape of tomorrow. 

Security and Compliance Officer

About the company:

Global Payments Inc. (NYSE: GPN) is a leading payments technology company delivering innovative software and services to our more than 4.6 million customers, including 1,500 financial institutions and 4,000 technology partners in 100 countries. Our technologies, services, and team member expertise allow us to provide a broad range of solutions that enable our customers to operate their businesses more efficiently across a variety of channels around the world. The Merchant Solutions division enables businesses of all sizes to securely accept card, check and digital forms of payment. Unlike some payment solution providers, we manage end-to-end processing of the payments. We also provide specialty point-of-sale and integrated business management software that is industry-specific, with analytics, marketing customer engagement, employee/worker management, payroll and reporting services for our business customers. Our Marketing Vision: The global marketing function of Global Payments is responsible for Brand, Product Marketing, Operations, Growth and Revenue Performance for the Merchant Acquirer Solutions of Global Payments. Our team’s vision is to drive growth by putting the customer at the front and center of everything we do and to be accountable for driving the best outcomes for our customers, our employees, and our business. We aim to understand the customer experience from their first engagement with us through their entire relationship and to constantly drive improved value to them.

Role Overview:

We are seeking a highly skilled and technically minded Security and Compliance Officer to join our team. This role will be crucial in ensuring our marketing technology stack and internal processes meet Global Payments' architectural, security, privacy, and risk standards. The ideal candidate will act as a centralized point of contact, facilitating and streamlining the Architectural Review Committee (ARC) process, managing compliance with relevant regulations (GDPR, CCPA, etc.), and championing security best practices within the marketing organization. This position requires a deep understanding of technical documentation, security assessments, and risk management principles.

Key Responsibilities:

• ARC/ Risk Process Facilitation: Serve as the primary point of contact for all marketing technology initiatives requiring ARC review. Guide marketing teams through the process, ensuring all necessary documentation (technical architecture documents, security assessments, etc.) is complete and accurate. Collaborate with Architecture, Security, Privacy, and Risk teams to expedite reviews and approvals. Identify opportunities to improve the ARC process beyond intake and queue management, focusing on streamlining the technical workstreams.

• Compliance Management: Develop, implement, and maintain policies and procedures to ensure compliance with relevant data privacy regulations (GDPR, CCPA, etc.), accessibility guidelines (WCAG), and other applicable standards. Oversee the implementation and maintenance of consent management (OneTrust) and accessibility (Userway/Deque) platforms.

• Risk Assessment & Mitigation: Conduct regular risk assessments of marketing technologies and processes. Identify potential vulnerabilities and develop mitigation strategies. Work closely with security and risk teams to address identified risks and ensure compliance with Global Payments' security policies.

• Security Advocacy: Champion security best practices within the marketing organization. Provide training and guidance to marketing teams on secure development practices, data protection, and other relevant security topics.

• Collaboration & Communication: Work closely with various stakeholders, including marketing teams, IT, legal, and compliance, to ensure alignment on security and compliance initiatives. Communicate effectively with both technical and non-technical audiences.

• Vendor Management: Evaluate the security and compliance posture of third-party vendors used by the marketing organization. Ensure that vendor agreements include appropriate security and privacy provisions.

• Platform Management: Manage, administer and govern OneTrust (consent management), Userway/Deque (accessibility), and Macroscope (security) platforms.

Qualifications:

Required Skills and Experience:

• 5+ years of professional experience in security, compliance, or a related field, preferably within a global organization.

• Strong understanding of architectural, security, privacy, and risk management principles.

• Experience with developing and implementing security and compliance policies and procedures.

• Familiarity with data privacy regulations (GDPR, CCPA, etc.), accessibility guidelines (WCAG), and other relevant standards.

• Experience with conducting risk assessments and developing mitigation strategies.

• Excellent communication and interpersonal skills, with the ability to effectively interact with technical and non-technical audiences.  

• Strong analytical and problem-solving skills.

• Ability to work independently and as part of a team.  

• Experience working in a fast-paced and evolving environment.

• Prior experience building and presenting security and compliance plans, including requirements, in preparation for implementation.

Additional Desired Skills:

• Experience with OneTrust, Userway/Deque, or similar platforms.

• Familiarity with scripting languages (e.g., Python, JavaScript).

• Experience with data quality assurance and testing.

• Relevant certifications (e.g., CISSP, CIPP).

• Knowledge of web technologies and security vulnerabilities.

Nice to have:

• Experience using OneTrust for consent management

• Experience using Userway or Deque for Accessibility

• Experience using Macroscope for security

Please note that this job description is a general overview and may not encompass all responsibilities and requirements. As the role evolves, additional tasks and responsibilities may be added.

Global Payments Inc. is an equal opportunity employer. Global Payments provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other basis protected by law. If you wish to request reasonable accommodations related to applying for employment or provide feedback about the accessibility of this website, please contact jobs@globalpay.com.