Lead PCI Analyst in the United States at Jobgether
Job Description
This position is listed on behalf of a partner company, which manages all applications and next steps. Our partner is looking for a Lead PCI Analyst based in the United States.
This senior compliance and security role sits at the intersection of payment security, enterprise risk management, and software engineering, with a strong focus on PCI DSS Level 1 program ownership. You will act as a strategic advisor to engineering and product teams, ensuring that payment systems are designed with security and compliance built in from the start. The role spans architecture review, risk analysis, and hands-on collaboration with technical teams working on modern cloud-native and AI-enabled payment systems. You will lead PCI readiness efforts, guide audit engagements, and coordinate cross-functional responses to compliance events. With exposure across engineering, security, and governance functions, you will help shape scalable control frameworks that reduce PCI scope and strengthen overall security posture. This is a high-impact position with significant visibility across enterprise risk and compliance leadership.
- Own and lead the end-to-end PCI DSS Level 1 compliance program, including readiness, certification, and coordination with external QSAs (Qualified Security Assessors).
- Partner with engineering and product teams during design phases to ensure PCI security-by-design principles are embedded in payment architectures.
- Provide expert guidance on tokenization, cryptographic key management, and cardholder data environment segmentation strategies.
- Lead secure SDLC practices, including threat modeling, software supply chain security, and control validation across payment workflows.
- Oversee PCI incident and event response, including investigation, evidence collection, executive communication, and remediation tracking.
- Conduct advanced risk analysis for PCI controls and AI-enabled components within payment systems, ensuring proper scoping and compliance alignment.
- Maintain audit-ready documentation, control evidence, and compliance reporting aligned with PCI DSS, ISO 27001, and SOC frameworks.
- 7+ years of experience managing PCI DSS programs, including direct involvement in PCI DSS Level 1 assessments under v4.0.1.
- Strong background advising engineering teams on PCI requirements, translating compliance needs into actionable technical and architectural guidance.
- Proven experience leading PCI audit events, including coordination with QSAs and end-to-end remediation oversight.
- Deep expertise in risk analysis, including scoping decisions, compensating controls, and security-by-design tradeoffs in complex environments.
- Working knowledge of AI/ML systems in payment environments, including data flows, inference pipelines, and third-party AI integrations impacting PCI scope.
- Hands-on experience collaborating with engineering and infrastructure teams to validate control implementation at a technical level.
- Familiarity with cloud environments, ISO 27001, GRC tools, and security monitoring platforms.
- Strong communication skills with the ability to produce audit-ready documentation and engage confidently with senior stakeholders.
- Competitive base salary range: $139,991 – $174,009, based on experience and location.
- Comprehensive healthcare coverage including medical, dental, and vision insurance.
- 401(k) retirement plan with employer matching contributions.
- Flexible remote work arrangements supporting work-life balance.
- Generous paid time off, holidays, and parental leave programs.
- Professional development opportunities and certification support.
- Additional benefits including disability coverage, life insurance, and wellness programs.