Jobs · Legal

Sr. Security Compliance Analyst - PCI DSS & SOC 2 (East Coast)

Entrust · NAMER · 6 days ago
RemoteRemoteLegal$119k–$175k/yrFull-time

Position Overview

Entrust is seeking a highly skilled Senior Security Compliance Analyst to lead and sustain compliance for multiple PCI DSS environments while supporting the maturity and execution of our SOC 2 program.

Responsibilities

  • Lead and support end-to-end compliance efforts across multiple environments, including readiness assessments, audits, and continuous monitoring activities to ensure sustained security posture and audit readiness.
  • Leading PCI DSS compliance-related activities and certification;
  • Serving as SME for PCI DSS and SOC 2 compliance, advising internal teams and customers;
  • Partnership with control owners to ensure controls meet PCI DSS requirements and Trust Services Criteria (Security, Availability, Confidentiality, etc.);
  • Supporting external audits by preparing evidence, responding to auditor requests, coordinating audit activities, and tracking remediation;
  • Driving coordination with third parties (e.g., service providers, hosting partners) to ensure shared control alignment;
  • Ensuring audit readiness through continuous proactive gap assessments and control sing throughout the year;
  • Identifying, assessing, and communicating compliance and security risks to stakeholders;
  • Identifying, tracking, and driving closure of audit findings and control deficiencies;
  • Contributing to the development and maintenance of security policies, standards, and procedures.

Basic Qualifications

  • 5+ years in security compliance, audit, or GRC with a strong understanding of administrative, technical, and physical controls, including how they support one another;
  • Hands-on technical and audit experience with PCI DSS and SOC 2 compliance;
  • Strong technical understanding of: Cloud environments and shared responsibility models, Access control, change management, logging and altering, and vulnerability management and other security domains;
  • Experience working in SaaS or cloud-native environments;
  • Experience working cross-functionally with engineering and infrastructure teams;
  • Must be a US citizen.

Preferred Qualifications

  • Experience supporting multiple compliance frameworks (PCI DSS, PCI CP, SOC 2, FedRAMP, ISO 27001, etc.);
  • Experience with modern GRC platforms and control automation;
  • Familiarity with continuous compliance / continuous monitoring models;
  • Certifications such as: CISSP, CISA, CISM, CRISC, PCI ISA/QSA/PCIP (preferred but not required).

Similar jobs

Sr Security Analyst

QuickbaseBoston, MA· 1 wk ago
Information Technology$91k–$144k/yrapply on quickbase.wd504.myworkdayjobs.com

Sr. Security Analyst

Motion RecruitmentAtlanta, GA· 6 days ago
$42.1–$47.1/hrapply on motionrecruitment.com

Sr. Security Analyst

NLB ServicesAtlanta, GA· 1 wk ago
Information Technologyapply on www2.jobdiva.com