Resolving PCI Compliance issues

WP Engine technically is not PCI Compliance: That means if an ecommerce website requires the website to be scanned as part of PCI compliance it may or maybe not pass. If it doesn’t pass there isn’t any guarantee WP Engine will be able to fix the issues and will require other workarounds

Reducing the need of PCI scans by switching WooCommerce plugin

There are 4 plugins for WooCommerce. AIM allows customers to directly enter payment info on the website however requires higher level of PCI compliance (server scans). The SIM plugin is completely offsite and doesn’t require server scans however not as good as an experience from the customer perspective.
The DPM plugin appears to be the sweet spot. It’s technically offsite however to the customer it appears they are still on your website through the tricky use of overlaying an iframe directly on your website. Switching from AIM to DPM will remove the need of PCI scans.