Bonterra

PCI Analyst

Senior PCI Compliance Analyst overseeing PCI DSS Level 1 certification and supporting ISO 27001 and SOC frameworks. Collaborating across teams and ensuring operational excellence.

Posted 5/6/2026 • full-time • Remote • 🇺🇸 United States • Mid-Level, Senior • 💰 $100,000 - $120,000 per year

Tech Stack

Tools & technologies
Cloud

About the role

Key responsibilities & impact
  • Collaborate with Information Security, Risk & Compliance team members and control owners companywide
  • Lead PCI DSS Level 1 readiness, certification activities, and coordination with QSA assessors
  • Maintain scope documentation, evidence, and operational reports for PCI controls
  • Partner with Product Security on modernization initiatives that reduce PCI scope and improve control design
  • Manage issues, exceptions, and risk acceptance tracking with timely remediation
  • Align PCI evidence and controls with ISO 27001 and SOC frameworks to streamline reporting
  • Support audits, vendor assessments, and customer due-diligence requests related to PCI
  • Maintain compliance ticket queues, supplier/control registers, and awareness activities

Requirements

What you’ll need
  • 5 or more years of PCI DSS program management experience with direct involvement in Level 1 merchant or service provider assessments under DSS v4.0.1
  • Demonstrated ability to conduct independent risk analysis at the requirement level, including scoping determinations, compensating control construction, and risk acceptance documentation
  • Experience engaging QSAs from an authoritative posture, substantiating risk positions with documented evidence rather than deferring to QSA interpretation
  • Hands-on field experience working directly within engineering and infrastructure teams to evaluate control implementation at the technical layer and translate requirements into actionable remediation tasks
  • Familiarity with ISO 27001 and cloud-native service environments
  • Strong analytical, organizational, and communication skills with the ability to produce defensible compliance documentation under audit conditions
  • Experience with GRC platforms, ticketing systems, and security tooling (for example SIEM or vulnerability scanners)
  • Preferred certifications: PCIP, ISA (prior QSA credential strongly preferred), CISA, CISM, CISSP

Benefits

Comp & perks
  • Comprehensive benefits package that supports your health, well-being and growth
  • Bonuses
  • Incentives
  • Equity
  • Comprehensive benefits program

ATS Keywords

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
PCI DSS, risk analysis, control implementation, compensating control construction, remediation tasks, ISO 27001, cloud-native services, compliance documentation, auditing, vendor assessments
Soft Skills
analytical skills, organizational skills, communication skills
Certifications
PCIP, ISA, CISA, CISM, CISSP