Be an Early Applicant
Help Shape What's Next
The Role
The Payment Security & Compliance Program Manager leads compliance and governance for payment frameworks, ensuring continuous compliance and technical control validation while collaborating with engineering and security teams.
Summary Generated by Built In
Coupa makes margins multiply through its community-generated AI and industry-leading total spend management platform for businesses large and small. Coupa AI is informed by trillions of dollars of direct and indirect spend data across a global network of 10M+ buyers and suppliers. We empower you with the ability to predict, prescribe, and automate smarter, more profitable business decisions to improve operating margins.
Why join Coupa?
🔹 Pioneering Technology: At Coupa, we're at the forefront of innovation, leveraging the latest technology to empower our customers with greater efficiency and visibility in their spend.
🔹 Collaborative Culture: We value collaboration and teamwork, and our culture is driven by transparency, openness, and a shared commitment to excellence.
🔹 Global Impact: Join a company where your work has a global, measurable impact on our clients, the business, and each other.
Learn more on Life at Coupa blog and hear from our employees about their experiences working at Coupa.
The Impact of a Payment Security & Compliance Program Manager at Coupa:
We are seeking a highly technical and detail-oriented Payment Security & Compliance Program Manager to lead compliance and governance across our payment-related frameworks, including PCI DSS, SWIFT CSCF, and other payment assurance obligations. This role owns the scoping, readiness, documentation, control implementation tracking, and continuous compliance posture of all environments handling payment data and SWIFT-connected systems.
As the primary owner of Coupa’s payment security compliance programs, you will partner closely with Engineering, Cloud Operations, IAM, Product Security, and GRC teams to ensure technical controls are implemented properly, evidence is audit-ready, and all payment environments maintain a continuously mature and secure posture.
This is a hands-on and highly technical role requiring a deep understanding of cloud infrastructure, logging and monitoring, IAM, segmentation, encryption, CI/CD, and secure operations.
What You'll Do:
- Own and manage end-to-end PCI DSS and SWIFT CSCF programs, including scope maintenance, control applicability, compensating controls, authoritative documentation, and annual assessment readiness.
- Operate continuous compliance and evidence management, maintaining a validated, audit-ready evidence library in our GRC Platform with structured refresh cadences for all PCI/SWIFT controls.
- Provide scoping, segmentation, and architecture governance by partnering with Engineering and Cloud Ops to review CDE boundaries, trust zones, architectural changes, and enforce required technical controls.
- Monitor and validate technical security controls across IAM, encryption, segmentation, logging/monitoring, vulnerability management, and incident response; maintain control monitoring logs and drive hardening improvements.
- Lead internal-facing audit support and remediation governance, partnering with QSA/CSCF assessors, preparing audit populations, managing walkthroughs, and driving remediation tracking, prioritization, and validated closure.
- Maintain system-of-record documentation and emerging standards readiness, ensuring PCI/SWIFT artifacts meet regulatory expectations while monitoring framework updates, leading impact analyses, and planning for new requirements.
What You Will Bring to Coupa:
- 5–8+ years of experience in security compliance, cloud security, technical audit, or payment security programs.
- Deep expertise in PCI DSS (ideally PCI DSS v4.0) with hands-on experience supporting or preparing for QSA-led assessments; SWIFT CSCF or other high-security financial frameworks strongly preferred.
- Strong technical understanding of cloud platforms (AWS/Azure), IAM, encryption, logging/monitoring, network segmentation, and CI/CD pipelines.
- Proven success collaborating with engineering, cloud operations, SRE, and security engineering teams on control implementation and validation.
- Excellent documentation, governance, and process discipline, with the ability to drive multi-team remediation and maintain ongoing compliance rigor.
- Experience with GRC platforms such as TrustCloud, Archer, ServiceNow, or comparable tooling.
The estimated pay range for this role is $83,000 - 108,000
The successful candidate’s starting salary will be determined based on permissible, non-discriminatory factors such as skills, experience, and geographic location within the state.
Coupa complies with relevant laws and regulations regarding equal opportunity and offers a welcoming and inclusive work environment. Decisions related to hiring, compensation, training, or evaluating performance are made fairly, and we provide equal employment opportunities to all qualified candidates and employees.
Please be advised that inquiries or resumes from recruiters will not be accepted.
By submitting your application, you acknowledge that you have read Coupa’s Privacy Policy and understand that Coupa receives/collects your application, including your personal data, for the purposes of managing Coupa's ongoing recruitment and placement activities, including for employment purposes in the event of a successful application and for notification of future job opportunities if you did not succeed the first time. You will find more details about how your application is processed, the purposes of processing, and how long we retain your application in our Privacy Policy.
Top Skills
Archer
AWS
Azure
Grc Platforms
Pci Dss
Servicenow
Swift Cscf
Trustcloud
What the Team is Saying
Alex Moon
Operations Analyst, Order Management
Jessica Fonseca
Technical Support Specialist
Aditya Maheshwari
Sr. Software Engineer, Cloud
Jose Miguel Jimenez
Procurement
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Coupa is a global technology company that helps businesses run smarter by connecting all the ways they spend money — from procurement and expenses to payments and supply chain decisions — in one intelligent platform. In simple terms, Coupa gives organizations the visibility and control they need to make better financial choices, reduce waste, and drive real impact. It’s where technology meets purpose: helping companies manage their resources more responsibly while creating a positive ripple across their people, partners, and the planet.
Why Work With Us
At Coupa, we prioritize an inclusive and empathetic workplace where every voice is valued. Our teams are proactive and accountable, ensuring we collaborate effectively to achieve our goals. The foundation of our culture rests on our people; we believe in fostering an environment that encourages innovation and curiosity.
Gallery
Coupa Offices
Remote Workspace
Employees work remotely.
Our virtual-first approach is intentional. It gives you the freedom to do your best work in a space that supports focus, balance, and creativity, while staying connected to a global team of changemakers who are redefining the future of business spend
Typical time on-site:
None
HR
SG
Ann Arbor
Bogotá, CO
Boston, MA
Chicago, IL
Dubai, Dubai 48800
Hyderabad office
São Paulo, BR
Shivaji Nagar, IN
Tokyo Office
Uppsala, SE
Learn more
