Jobs · Legal

Sr. Security Compliance Analyst -PCI DSS & U.S. Fed

Entrust · Shakopee, MN · 5 days ago
Legal$119k–$175k/yrFull-time

Position Overview

Entrust is seeking a highly skilled Senior Security Compliance Analyst to lead and sustain compliance for multiple compliance programs including PCI DSS and U.S. Federal. This role is responsible for designing and executing continuous compliance monitoring activities, identifying gaps and leading associated remediation efforts, planning and leading third-party audits, and measuring control effectiveness across cloud-based, on-prem and hybrid environments.

Responsibilities

  • Lead and support end-to-end compliance efforts across multiple environments, including readiness assessments, audits, and continuous monitoring activities to ensure sustained security posture and audit readiness.

  • Leading PCI DSS compliance-related activities and certification;

  • Supporting U.S. Federal readiness efforts, including gap assessments against NIST SP 800-53 and tracking remediation activities (POA&M);

  • Maintaining required evidence artifacts and ensuring traceability of evidence;

  • Interpreting and operationalizing compliance requirements into actionable control activities for engineering and operations;

  • Serving as SME for PCI DSS and NIST 800-53 compliance, advising internal teams and customers;

  • Supporting development of FedRAMP artifacts (e.g., SSP, control narratives, shared responsibility matrices);

  • Partnering with control owners to ensure controls meet PCI DSS and NIST 800-53 requirements;

  • Supporting external audits by preparing evidence, responding to auditor requests, coordinating audit activities, and tracking remediation;

  • Driving coordination with third parties (e.g., service providers, hosting partners) to ensure shared control alignment;

  • Ensuring audit readiness through continuous proactive gap assessments and control sing throughout the year;

  • Identifying, assessing, and communicating compliance and security risks to stakeholders;

  • Identifying, tracking, and driving closure of audit findings and control deficiencies;

  • Contributing to the development and maintenance of security policies, standards, and procedures.

Basic Qualifications

  • 5+ years in security compliance, audit, or GRC with a strong understanding of administrative, technical, and physical controls, including how they support one another

  • Hands-on technical and audit experience with PCI DSS and NIST 800-53 compliance

  • Strong technical understanding of: Cloud environments and shared responsibility models, Access control, change management, logging and altering, and vulnerability management and other security domains

  • Experience working in SaaS or cloud-native environments

  • Experience working cross-functionally with engineering and infrastructure teams

Preferred Qualifications

  • Experience supporting multiple compliance frameworks (PCI DSS, PCI CP, SOC 2, FedRAMP, NIST 800-53/FISMA, ISO 27001/2, ISO 42001)

  • Experience with modern GRC platforms and control automation

  • Familiarity with continuous compliance / continuous monitoring models

  • Certifications such as: CISSP, CISA, CISM, CRISC, PCI ISA/QSA/PCI CP (preferred but not required)

Similar jobs

Sr. Compliance Analyst

Disney ExperiencesCelebration, FL· 6 days ago
Information Technology$112k–$140k/yrapply on disneycareers.com

Sr. Compliance Analyst

The Walt Disney CompanyCelebration, FL· 6 days ago
Legal$112k–$140k/yrapply on disneycareers.com