Hyatt

Senior Governance, Risk, and Compliance Analyst

Hyatt

full-time

Origin: 🇺🇸 United States, Illinois


Salary

💰 $95,000 - $120,000 per year

Job Level

Senior

Tech Stack

Cyber Security, Go

About the role

  • Lead the end-to-end PCI DSS Level-1 Service Provider assessment process in collaboration with the external QSA, from planning through final Report on Compliance (ROC) delivery
  • Serve as the primary liaison with QSAs, external auditors, and internal stakeholders to ensure timely deliverables, effective communication, and resolution of findings
  • Interpret PCI DSS requirements and provide actionable guidance to technical and business teams for effective implementation
  • Oversee evidence gathering, review, and validation to support PCI DSS, SOX ITGC, operational audits in conjunction with Hyatt Internal Audit, and other compliance assessments
  • Manage SOX ITGC audit activities, including coordinating with control owners, addressing deficiencies, maintaining control documentation, and overseeing remediation activities with the control owners
  • Support other IT compliance initiatives such as vendor risk management, ISO 27001 alignment, and regulatory or contractual audits
  • Develop and maintain compliance-related policies, procedures, and control documentation
  • Track, monitor, and report compliance metrics to management and senior leadership
  • Stay informed on regulatory and industry changes, advising stakeholders on potential impacts and required adjustments
  • Drive process improvements to strengthen the organization’s overall compliance posture and reduce risk exposure
  • Act as the second line of defense for IT compliance engagements

Requirements

  • Bachelor’s degree in Information Security, Information Technology, Risk Management, Cyber Security, or a related field (or equivalent work experience)
  • 5+ years of experience in GRC, IT compliance, or information security, with significant PCI DSS and SOX ITGC experience
  • Proven history of leading PCI DSS Level-1 Service Provider assessments with a QSA
  • Strong understanding of PCI DSS requirements, SOX Compliance, and general IT audit frameworks
  • Experience coordinating with external auditors and managing cross-functional remediation efforts
  • Excellent organizational, communication, and stakeholder management skills
  • Preferred certifications: PCI Qualified Security Assessor (QSA), PCI Internal Security Assessor (ISA), CISA, CISSP, CRISC, or equivalent