Analyst, PCI Compliance

Job Summary

As a PCI Compliance Analyst, you will be responsible for ensuring our adherence to the Payment Card Industry Data Security Standard (PCI DSS). You will lead the assessment of the organization’s security measures, implement necessary controls, and maintain ongoing compliance with PCI DSS 4.0 requirements. We are seeking someone with strong information security experience, solid knowledge of PCI DSS regulations, and a background in compliance audits.

Key Accountabilities

• Lead evidence collection, adopt security policy adjustments, and oversee other essential tasks required for successful PCI compliance audits;
• Work closely with external auditors and assessors to support PCI DSS compliance audits;
• Contribute to the development and implementation of PCI DSS training and awareness initiatives for our staff as part of the broader security awareness program;
• Stay up to date on evolving PCI DSS requirements and industry best practices, ensuring our organization remains compliant with the latest standards;
• Continuously assess and refine our security posture to mitigate risks and strengthen overall security;
• Develop policies and procedures governing PCI data security across all cardholder data environments;
• Act as the point of contact for all PCI DSS–related requests and communications;
• Provide guidance and support to internal stakeholders on matters related to PCI DSS compliance; and
• Lead and carry out projects aimed at improving cybersecurity governance and risk management, including but not limited to mitigating risks of non‑compliance with PCI DSS requirements.

Job Requirements

• Bachelor’s degree in Information Technology, Computer Science, or equivalent practical experience;
• A minimum of three (3) years of hands‑on experience in information security, with a focus on PCI DSS compliance;
• Strong knowledge of PCI DSS standards;
• Proficiency in implementing and maintaining compliance controls;
• Strong understanding of information security principles and best practices;
• Proven experience conducting security assessments and audits;
• Ability to thrive both independently and collaboratively in a dynamic environment;
• Meticulous attention to detail with a commitment to accuracy and excellence;
• Knowledge of NIST, ISO, and other cybersecurity standards is an asset;
• Knowledge of privacy regulations is an asset;
• Commitment to continuous learning with the ability to adapt and evolve quickly; and
• Bilingual (French and English), with working knowledge of Spanish considered an asset.