PCI Analyst

About The Position

Requirements

• 3-5 years in PCI, risk, compliance program management (or relevant education/certifications)
• Experience leading PCI DSS v4.0.1 assessments and coordinating with QSAs
• Familiarity with ISO 27001 and cloud service environments
• Strong analytical, organizational, and communication skills
• Experience with GRC, ticketing, and security tools (for example SIEM or vulnerability scanners)
• At this time, we are unable to consider candidates who require current or future sponsorship for employment authorization.

Nice To Haves

• Preferred certifications: PCIP, ISA, CISA, CISM, CISSP

Responsibilities

• Collaborate with Information Security, Risk & Compliance team members and control owners companywide
• Lead PCI DSS Level 1 readiness, certification activities, and coordination with QSA assessors
• Maintain scope documentation, evidence, and operational reports for PCI controls
• Partner with Product Security on modernization initiatives that reduce PCI scope and improve control design
• Manage issues, exceptions, and risk acceptance tracking with timely remediation
• Align PCI evidence and controls with ISO 27001 and SOC frameworks to streamline reporting
• Support audits, vendor assessments, and customer due-diligence requests related to PCI
• Maintain compliance ticket queues, supplier/control registers, and awareness activities

Benefits

• We offer a comprehensive benefits package that supports your health, well-being and growth - explore full details here.
• Compensation and benefits for this role apply to full-time employees in the United States and may vary based on local standards, laws and norms.
• Pay is determined by location, skills, experience, and education, and is one part of Bonterra’s total rewards package, which may also include bonuses, incentives, equity, and a comprehensive benefits program.