Lead PCI Analyst (Cybersecurity)
Job description
TL;DR
Lead PCI Analyst (Cybersecurity): Owning the PCI DSS Level 1 certification program and partnering with Engineering on security-by-design for payment architectures, with an emphasis on tokenization, network segmentation, and cryptographic key management. The role focuses on conducting in-depth risk analysis for payment systems and AI components while coordinating with QSA assessors.
Location: Remote (United States)
Salary: $139,991 - $174,009
Company
provides end-to-end technology solutions for nonprofit organizations and Fortune 100 companies to increase social good impact.
What you will do
- Own end-to-end PCI DSS Level 1 readiness, certification activities, and coordination with QSA assessors.
- Advise Engineering and Product teams on PCI control selection, scope containment, and security-by-design for payment architectures.
- Lead and manage response to PCI Level 1 events, including investigation, evidence preservation, and remediation oversight.
- Conduct in-depth risk analysis on PCI security and AI components embedded within payment systems.
- Align PCI evidence and controls with ISO 27001 and SOC frameworks to streamline reporting.
- Maintain scope documentation, evidence, and operational reports for PCI controls.
Requirements
- 7+ years of PCI DSS program management experience with direct involvement in Level 1 assessments (DSS v4.0.1).
- Proven experience translating PCI requirements into actionable architectural guidance for engineering teams.
- Track record of leading PCI Level 1 events from initial triage through executive reporting and closeout.
- Ability to perform independent risk analysis at the requirement and architectural levels.
- Working understanding of AI/ML components (model inference, vector stores) within cardholder data environments.
- Must have current US employment authorization (no sponsorship available).
Nice to have
- PCIP, ISA (prior QSA credential strongly preferred), CISA, CISM, or CISSP certifications.
- Familiarity with ISO 27001 and cloud-native service environments.
- Experience with GRC platforms and security tooling (SIEM, vulnerability scanners).
Culture & Benefits
- Mission-driven environment focused on increasing global giving rates.
- Inclusive and equitable culture where every team member belongs.
- Comprehensive benefits package supporting health, well-being, and growth.
- Remote-first work flexibility within the United States.