Senior PCI Analyst
CSI · United States · 3 wk ago
RemoteRemoteBusiness DevelopmentFull-time
What You’ll Do
- Credits PCI DSS compliance assessments to identify gaps and risks supporting ongoing security and compliance.
- Develops, implements, and maintains PCI-related security policies, standards, and procedures to ensure consistent protection of cardholder data.
- Maintains regulatory adherence by monitoring and validating compliance with PCI DSS requirements across systems and processes.
- Executes comprehensive validation of PCI DSS scope across enterprise environments, ensuring accurate identification and classification of in-scope systems, applications, and data flows.
- Collaborates with cross-functional teams to assess segmentation controls, cardholder data locations, and business processes to confirm scope boundaries align with PCI DSS requirements.
- Documents scope rationale and provides evidence-based recommendations to reduce scope where feasible, while maintaining compliance integrity.
- Develops PCI-related deliverables assigned to the Enterprise Information Security Services department.
- Serves as an internal resource for all business units for PCI DSS compliance consultations.
What To Bring
- A minimum of 5 years of experience in a PCI DSS compliance role.
- At least one relevant certification (e.g., PCIP, QSA, CISSP, ISA) is required.
What Would Be Nice For You To Have
- A senior-level professional with in-depth knowledge, experience, and expertise with the ability to resolve complex issues.
- An excellent understanding of PCI DSS requirements and security frameworks (e.g., PCI DSS 4.0.1, NIST Cybersecurity Framework, ISO 27001).
- A strong knowledge of network security, encryption, and secure system configurations.
- A strong technical expertise in network security, encryption, vulnerability management, and secure system design.
- A strong risk management capability including the ability to identify, assess, and mitigate compliance and security risks within payment card environments.
- Demonstrated proficiency using compliance management platforms (e.g., Archer, Qualys, ServiceNow).