PCI Analyst

Bonterra

About The Position

Bonterra's Information Security, Risk & Compliance team is hiring a Senior PCI Compliance Analyst to manage our PCI DSS Level 1 certification program and support related frameworks such as ISO 27001:2022 and SOC reporting. This role works horizontally across the company, partnering with Product Security on modernization efforts and ensuring operational excellence in control performance, reporting, and certification.

Requirements

  • 5 or more years of PCI DSS program management experience with direct involvement in Level 1 merchant or service provider assessments under DSS v4.0.1
  • Demonstrated ability to conduct independent risk analysis at the requirement level, including scoping determinations, compensating control construction, and risk acceptance documentation
  • Experience engaging QSAs from an authoritative posture, substantiating risk positions with documented evidence rather than deferring to QSA interpretation
  • Hands-on field experience working directly within engineering and infrastructure teams to evaluate control implementation at the technical layer and translate requirements into actionable remediation tasks
  • Familiarity with ISO 27001 and cloud-native service environments
  • Strong analytical, organizational, and communication skills with the ability to produce defensible compliance documentation under audit conditions
  • Experience with GRC platforms, ticketing systems, and security tooling (for example SIEM or vulnerability scanners)

Nice To Haves

  • PCIP, ISA (prior QSA credential strongly preferred), CISA, CISM, CISSP

Responsibilities

  • Collaborate with Information Security, Risk & Compliance team members and control owners companywide
  • Lead PCI DSS Level 1 readiness, certification activities, and coordination with QSA assessors
  • Maintain scope documentation, evidence, and operational reports for PCI controls
  • Partner with Product Security on modernization initiatives that reduce PCI scope and improve control design
  • Manage issues, exceptions, and risk acceptance tracking with timely remediation
  • Align PCI evidence and controls with ISO 27001 and SOC frameworks to streamline reporting
  • Support audits, vendor assessments, and customer due-diligence requests related to PCI
  • Maintain compliance ticket queues, supplier/control registers, and awareness activities

Benefits

  • Comprehensive benefits package that supports your health, well-being and growth