The Global PCI Manager is responsible for leading and managing Payment Card Industry (PCI) compliance activities across Yum! and its global brands — including Byte Commerce, Byte Engage, KFC, Taco Bell, Pizza Hut, and Habit Burger Grill. This role ensures timely and sustained PCI DSS compliance across all platforms, products, and environments where cardholder data is stored, processed, or transmitted or its security may be impacted.

As Yum’s Internal Security Assessor (ISA), the Global PCI Manager serves as the primary liaison with Qualified Security Assessors (QSAs), oversees annual assessments, and ensures assessment readiness across brands and digital ecosystems. The role partners closely with Product, Infrastructure, and Brand Technology teams to ensure compliance is embedded in the product lifecycle.

In addition, this position provides global subject matter expertise on PCI-related matters by responding to inquiries from Yum’s domestic and international business units, franchisees, and partners, helping ensure consistent understanding and execution of PCI DSS standards across the global Yum system. The role will also have one or more international/national direct report(s).

The Global PCI Manager will represent Yum! Brands at PCI Council events and industry forums, contributing to continuous improvement of Yum’s security and compliance practices.

• Bachelor’s degree in Information Security, Computer Science, or related field (Master’s preferred).
• 7–10 years of experience in PCI compliance, security auditing, or IT governance.
• Current PCI ISA/QSA certification preferred (Required ISA certification with Yum!).
• Experience managing enterprise-level PCI programs across diverse technology environments.
• Experience with cloud and hybrid infrastructures (AWS, GCP, Azure) preferred.

Salary Range: $147,00 - $210,000 annually + bonus eligibility. This is the expected salary range for this position. Ultimately, in determining pay, we'll consider the successful candidate’s location, experience, and other job-related factors.

Benefits: Employees (and their eligible family members) may enroll in the following types of insurance coverage: medical, dental, vision, legal, and accidental death and dismemberment, as well as FSA/HSA (depending on enrolled medical plan). Yum! also provides short-term disability, long-term disability, and life insurance. Employees may enroll in our 401(k) plan. Yum! provides 4 weeks of vacation, paid sick leave, 10 paid holidays, a floating day off and 2 paid days for volunteer time each calendar year. To learn more about working at Yum! -Click here.

At Yum!, one of our core values is to Believe in ALL People. This means seeing the value in everyone and unlocking their full potential to be their best self. YUM! Brands, Inc. (including its subsidiaries Yum Restaurant Services Group, LLC (“YRSG”) and Yum Connect, LLC (“Yum Digital and Technology”)(collectively, “Yum”) is proud to be an equal opportunity employer and is committed to equity, inclusion, and belonging for all dimensions of diversity. We do not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, disability status, age, or any other protected characteristic. Yum! is committed to working with and providing reasonable accommodation to applicants with disabilities or special needs.

US Job Seekers/Employees - [Click here](https://nam11.safelinks.protection.outlook.com/?url=https://www.dol.gov/agencies/ofccp/posters&data=05|01|Erica.

Sherrard@yum.com|3660c56f3ee04ac9a72608dac91373e4|2ba9001dd7f943a3a0986a927ac715ca|0|0|638043382639632622|Unknown|TWFpbGZsb3d8eyJWIjoiMC4w LjAwMDAiLCJQIjoiV2lu MzIiLCJBTiI6Ik1ha WwiLCJXVCI6Mn0=|3000|||&sdata=/o9fI4ti Dc9ZzKCVe In8e RmCig UkLI1hvoi21r VwESs=&reserved=0) to view the “Know Your Rights” poster and supplement and the Pay Transparency Policy Statement.

PCI Compliance Leadership:

• Own the PCI DSS compliance roadmap for Yum! and all U.S. brands and products.

• Ensure timely completion of quarterly scans, annual assessments, and documentation submissions.

• Oversee PCI scope identification, evidence collection, gap remediation, and reporting across product and infrastructure teams.

• Maintain an up-to-date inventory of in-scope systems, merchants, and service providers.

Audit and Relationship Management:

• Serve as Yum’s Internal Security Assessor (ISA), managing all QSA engagements and assessments.

• Coordinate external assessments, ensuring consistency of evidence and responses across brands.

• Partner with Security, Risk, and IT teams to develop and implement remediation plans.

Governance, Risk & Reporting

• Maintain Yum’s central PCI compliance dashboard and compliance scorecard for all brands.

• Provide regular compliance status updates to the Senior Manager of Compliance and Brand Technology leadership.

• Recommend policy, process, and tooling improvements aligned with evolving PCI standards.

• Respond to PCI-related inquiries from Yum’s global and domestic businesses and franchise partners, ensuring timely, accurate, and consistent guidance.

Industry and Stakeholder Engagement:

• Represent Yum! at PCI Council and industry conferences, sharing emerging trends and requirements.

• Build internal PCI training programs and awareness sessions to strengthen compliance culture.

• Foster strong relationships with brand and global stakeholders to ensure alignment on compliance objectives.

Required Skills:

• Deep knowledge of PCI DSS standards, requirements, and assessment processes.
• Strong project management and organizational skills; capable of managing large, multi-brand compliance programs.
• Excellent written and verbal communication skills, with ability to translate technical concepts for non-technical stakeholders.
• Proven experience managing relationships with external assessors, vendors, and auditors.
• Ability to balance global consultation needs with U.S. compliance ownership and accountability.
• Working knowledge of generative AI Tools and the creation of Custom GPTs for enhancing workflows