Home » Jobs » GRC Analyst w/PCI

GRC Analyst w/PCI

Job Description:

We are looking for a GRC (Governance, Risk, and Compliance) Analyst with experience in PCI DSS and SOC 2 audits to join our team. The ideal candidate will have 2-3 years of experience in the field, with a strong understanding of regulatory requirements and best practices in information security.


  • Conduct assessments and audits to evaluate compliance with PCI DSS and SOC 2 standards.
  • Develop and maintain policies, procedures, and controls to ensure adherence to regulatory requirements and industry best practices.
  • Collaborate with internal teams to identify and mitigate risks related to information security and data privacy.
  • Provide guidance and support to business units on security-related matters, including risk assessments, control implementation, and remediation activities.
  • Participate in the development and implementation of security awareness training programs for employees.
  • Stay abreast of emerging threats, vulnerabilities, and regulatory changes affecting the organization’s security posture.


Bachelor’s degree in computer science, Information Security, or related field.

  • 2-3 years of experience in governance, risk management, and compliance, with a focus on PCI DSS and SOC 2.
  • Familiarity with regulatory frameworks such as HIPAA, GDPR, and NIST Cybersecurity Framework.
  • Professional certifications such as CISSP, CISA, or CISM are highly desirable.
  • Experience working with Qualified Security Assessors (QSAs) is a plus.
  • Strong analytical and problem-solving skills, with the ability to assess complex security issues and recommend effective solutions.
  • Excellent communication skills, with the ability to effectively communicate technical concepts to non-technical stakeholders.
  • Ability to work independently and collaboratively in a fast-paced, dynamic environment.