IT Compliance Analyst
About The Position
Our Opportunity: Chewy is seeking a GRC Analyst I to join our Cyber Governance Risk & Compliance team (GRC) in Plantation FL. At Chewy, we’re passionate about pets and just as passionate about protecting the systems, data and experiences that support pet parents everywhere. As a GRC Analyst I, you will help us keep our compliance program purring smoothly and our risk posture on a short leash. This is an entry-level opportunity designed for someone eager to grow their cybersecurity career in a fast paced e-commerce environment. You will get hands on experience with frameworks like PCI and NIST while partnering with teams across the organization to ensure our controls are strong, our assessments are well groomed and our risk management practices are anything but ruff.
Requirements
- Bachelor's degree or higher in Computer Science, Computer Information Systems, or similar; or equivalent experience.
- Familiarity with industry frameworks and standards such as PCI-DSS, NIST CSF, NIST 800-53, SOC 2 or similar.
- Comfortable reading, interpreting and analyzing policy documents, audit reports and technical control descriptions.
- Strong attention to detail and ability to organize and manage documentation effectively.
- Basic understanding of IT infrastructure, cloud environments, applications and security controls.
- Strong written and verbal communication skills with the ability to collaborate across technical and non-technical teams.
- Ability to prioritize tasks and manage multiple initiatives in a structured, deadline-driven environment.
- A proactive mindset with a desire to learn and grow within the GRC domain.
Nice To Haves
- Experience supporting PCI environments (Levels 1 – 3) or participating in formal PCI assessments.
- Experience working in organizations with strong adoption of AI technologies and understanding associated governance or compliance considerations.
- Exposure to GRC tooling (e.g., AuditBoard, Drata, Vanta, etc.).
- Relevant certifications such as Security+, CISA or similar.
Responsibilities
- Assist in assessing risk statements and mapping controls to established compliance frameworks such as PCI and NIST.
- Participate in the execution of PCI assessments across the organization, including evidence collection, documentation review and coordination with control owners.
- Support subject matter experts in maintaining and validating control effectiveness, audit readiness and risk management processes.
- Contribute to governance, risk & compliance initiatives by assisting with compliance framework implementations.
- Help maintain risk registers, track remediation activities and follow up on action plans.
- Support internal and external audit activities by organizing documentation, coordinating stakeholders responses and validating evidence.
- Assist with policy and procedure reviews to ensure alignment with evolving regulatory and industry standards.
- Partner with technical teams to understand system environments and document control implementations accurately.
Benefits
- 401k
- new hire and annual equity grant
- medical/Rx
- vision
- dental
- life
- disability
- hospital indemnity
- critical illness
- accident
- parental leave
- family services benefits
- backup dependent care
- flexible spending accounts
- telemedicine
- pet adoption reimbursement
- employee assistance program
- 10% off pet insurance
- 20% off at Chewy.com
- unlimited PTO, subject to manager approval
- six paid holidays per year
- paid sick and family leave in compliance with applicable state and local regulations
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Entry Level
