Senior Information Security GRC Analyst

Join to apply for the Senior Information Security GRC Analyst role at WEX

Join to apply for the Senior Information Security GRC Analyst role at WEX

Get AI-powered advice on this job and more exclusive features.

About The Team/Role

We are seeking a highly experienced and proactive Information Security GRC Analyst Level 3 – PCI DSS Compliance to support our organization's PCI DSS compliance efforts. This role will focus on ensuring strict adherence to the Payment Card Industry Data Security Standard (PCI DSS) while contributing to broader governance, risk, and compliance (GRC) initiatives. The ideal candidate will possess deep expertise in PCI DSS and the ability to drive compliance programs in complex environments.

About The Team/Role

We are seeking a highly experienced and proactive Information Security GRC Analyst Level 3 – PCI DSS Compliance to support our organization's PCI DSS compliance efforts. This role will focus on ensuring strict adherence to the Payment Card Industry Data Security Standard (PCI DSS) while contributing to broader governance, risk, and compliance (GRC) initiatives. The ideal candidate will possess deep expertise in PCI DSS and the ability to drive compliance programs in complex environments.

How You'll Make An Impact

Participate and play a key role in the WEX PCI DSS compliance program, ensuring ongoing adherence to the latest PCI DSS requirements.

• Conduct and coordinate PCI DSS gap assessments, control evaluations, and risk assessments to identify and remediate deficiencies.
• Conduct and coordinate PCI DSS annual reviews in accordance with PCI DSS v4.0.1.
• Serve as the primary liaison for external audits, working closely with Qualified Security Assessors (QSAs), auditors, and regulatory bodies to ensure successful compliance certifications.
• Develop and maintain PCI DSS policies, procedures, and documentation to align with regulatory requirements and industry best practices.
• Collaborate with IT, Security, Legal, and Business teams to integrate PCI DSS controls into enterprise security and risk management frameworks.
• Implement security and compliance automation tools to enhance PCI DSS control effectiveness and efficiency.
• Stay updated on PCI DSS regulatory changes and evolving threats, advising on necessary adjustments.
• Support broader GRC initiatives, including ISO 27001, NIST, SOC 2, and risk management programs, as needed.
• Act as a subject matter expert (SME) for PCI DSS, advising stakeholders on compliance strategies, risks, and security best practices.
  
  

Experience You'll Bring

• Education: Bachelor's or Master's degree in Information Security, Computer Science, Business, or a related field (or equivalent work experience).
• Experience in information security, compliance, risk management, or a related field, with a strong focus on PCI DSS compliance. Experience with PCI issuing banks preferred.
• Technical Knowledge: In-depth understanding of PCI DSS, security frameworks (NIST, ISO 27001, SOC 2), risk management methodologies, cloud environments (AWS and Azure), and secure network architectures.
• Skills: Strong analytical, problem-solving, and project management skills; ability to communicate effectively with both technical and executive stakeholders.
• Tools & Technologies: Experience with GRC tools, security compliance platforms, vulnerability management tools, and cloud security.
• Certifications (Preferred): PCI Professional (PCIP), Qualified Security Assessor (QSA), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM).

Seniority level

• Seniority levelMid-Senior level

Employment type

• Employment typeFull-time

Job function

• Job functionInformation Technology
• IndustriesSoftware Development

Referrals increase your chances of interviewing at WEX by 2x

Sign in to set job alerts for "Senior Information Security Analyst" roles.

We're unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

---