Security & Compliance Analyst - NYC Based
$90k - $110kOTG Exp
Job Title: Security & Compliance Analyst Location: Home Office Compensation: $90,000 - $110,000 per year Who We Are On the Go has elevated the dining and retail experience for travelers by bringing together world-class hospitality, award-winning dining concepts, and forward-thinking technology. With more than 300 unique dining and retail locations across North America's busiest airports, we're fueled by a passion for creating exceptional guest experiences-made possible every day by our incredible Crewmembers. At On the Go, people truly come first. We invest in our teams, and foster growth in an exciting, fast-paced environment where everyone can shine.
How We Do Business
How we work is just as meaningful as what we accomplish. Our Values- Care, Continuous Improvement, Quality, and Teamwork -guide the way we show up for our guests and for each other. We're committed to fostering an inclusive, safe, and uplifting workplace where people feel respected, empowered, and encouraged to bring their full selves to work.
Why This Job Is a Big Deal! The Security & Compliance Analyst is responsible for the organization's security posture and compliance obligations, with a primary focus on PCI DSS. This role oversees ongoing compliance efforts, conducts assessments, manages evidence collection, and supports the remediation of compliance gaps across restaurants & marketplaces, e-commerce platforms, and point-of-sale environments. The Security & Compliance Analyst works closely with IT, Engineering, Operations, and third-party business partners to maintain secure environments and achieve successful PCI DSS certification. In this Role you will... Support and maintain the organization's PCI DSS compliance program across all in-scope systems, networks, and business units. Conduct internal PCI assessments, gap analyses, and readiness reviews to identify and remediate compliance deficiencies. Maintain documentation of PCI controls, evidence, and audit artifacts in the company's Governance, Risk, and Compliance (GRC) platform. Partner with IT, Security, and Retail Operations to validate technical and procedural controls for compliance. Coordinate with Qualified Security Assessors (QSAs) during annual assessments, providing documentation and remediation updates. Monitor system changes, new technologies, and third-party services for PCI scope impact. Track and report compliance status, risks, and remediation progress to management. Develop and deliver PCI awareness training for staff and store-level employees handling payment data. Review and assess vendor compliance with PCI DSS and ensure required Attestations of Compliance (AOC) are maintained. Stay current on PCI DSS version updates, industry trends, and payment security best practices. Support broader security and compliance initiatives beyond PCI, including vendor risk management, cloud security controls (AWS), and policy development as the program matures. Qualifications Education & Experience Bachelor's degree in Information Security, Information Technology, or related field (or equivalent experience). 3-5 years of experience in IT security, compliance, or audit, preferably within a retail or financial environment. Hands-on experience with PCI DSS compliance programs, evidence collection, and remediation management. Preferred Certifications PCI Professional (PCIP) or Certified Information Systems Auditor (CISA) preferred; CISSP or equivalent a plus. Technical Skills Familiarity with network security, encryption, firewalls, vulnerability management, and logging systems. Familiarity with cloud environments, particularly AWS; experience with services relevant to secure data handling and compliance (e.g., IAM, CloudWatch, Secrets Manager, VPC segmentation) is a plus. Experience with compliance tracking, documentation, or GRC tools; familiarity with enterprise platforms such as ServiceNow or equivalent is a plus. Knowledge of POS systems, cardholder data environments, and segmentation practices. Soft Skills Strong attention to detail and analytical skills. Excellent written and verbal communication skills. Ability to work cross-functionally and manage multiple priorities in a fast-paced retail environment. Equal Opportunity Employer We're proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, or disability status. #LI-MS1
How We Do Business
How we work is just as meaningful as what we accomplish. Our Values- Care, Continuous Improvement, Quality, and Teamwork -guide the way we show up for our guests and for each other. We're committed to fostering an inclusive, safe, and uplifting workplace where people feel respected, empowered, and encouraged to bring their full selves to work.
Why This Job Is a Big Deal! The Security & Compliance Analyst is responsible for the organization's security posture and compliance obligations, with a primary focus on PCI DSS. This role oversees ongoing compliance efforts, conducts assessments, manages evidence collection, and supports the remediation of compliance gaps across restaurants & marketplaces, e-commerce platforms, and point-of-sale environments. The Security & Compliance Analyst works closely with IT, Engineering, Operations, and third-party business partners to maintain secure environments and achieve successful PCI DSS certification. In this Role you will... Support and maintain the organization's PCI DSS compliance program across all in-scope systems, networks, and business units. Conduct internal PCI assessments, gap analyses, and readiness reviews to identify and remediate compliance deficiencies. Maintain documentation of PCI controls, evidence, and audit artifacts in the company's Governance, Risk, and Compliance (GRC) platform. Partner with IT, Security, and Retail Operations to validate technical and procedural controls for compliance. Coordinate with Qualified Security Assessors (QSAs) during annual assessments, providing documentation and remediation updates. Monitor system changes, new technologies, and third-party services for PCI scope impact. Track and report compliance status, risks, and remediation progress to management. Develop and deliver PCI awareness training for staff and store-level employees handling payment data. Review and assess vendor compliance with PCI DSS and ensure required Attestations of Compliance (AOC) are maintained. Stay current on PCI DSS version updates, industry trends, and payment security best practices. Support broader security and compliance initiatives beyond PCI, including vendor risk management, cloud security controls (AWS), and policy development as the program matures. Qualifications Education & Experience Bachelor's degree in Information Security, Information Technology, or related field (or equivalent experience). 3-5 years of experience in IT security, compliance, or audit, preferably within a retail or financial environment. Hands-on experience with PCI DSS compliance programs, evidence collection, and remediation management. Preferred Certifications PCI Professional (PCIP) or Certified Information Systems Auditor (CISA) preferred; CISSP or equivalent a plus. Technical Skills Familiarity with network security, encryption, firewalls, vulnerability management, and logging systems. Familiarity with cloud environments, particularly AWS; experience with services relevant to secure data handling and compliance (e.g., IAM, CloudWatch, Secrets Manager, VPC segmentation) is a plus. Experience with compliance tracking, documentation, or GRC tools; familiarity with enterprise platforms such as ServiceNow or equivalent is a plus. Knowledge of POS systems, cardholder data environments, and segmentation practices. Soft Skills Strong attention to detail and analytical skills. Excellent written and verbal communication skills. Ability to work cross-functionally and manage multiple priorities in a fast-paced retail environment. Equal Opportunity Employer We're proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, or disability status. #LI-MS1
Vacancy posted 4 days ago
Similar jobs that could be interesting for youBased on the Security & Compliance Analyst - NYC Based in New York, NY vacancy
$120.64k - $150.8k
...See yourself at Twilio Join the team as Twilio’s next Security Compliance & Regulatory Affairs Analyst About the job We are actively recruiting for this... ...leadership level. Location This role will be remote and based in Ontario, British Columbia or Alberta, Canada. Travel...SuggestedLocal areaRemote workWorldwideTwilio
New York, NY2 days ago$65k - $110k
...Full time Location Type Hybrid Department Compliance Compensation $65K – $110K • Offers... ...adherence by partnering with engineering, security, legal, and operations to make sure we are... ..., KYC, and AML processes and procedures based on best practices informed by operational...SuggestedFull timeWork at officeWork from homeFlexible hoursKubelt
New York, NY4 days ago$175k - $220k
...Privacy Compliance Program Manager You'll play a central role in building and scaling LangChain... ...Work directly with Engineering to embed security and privacy controls into our products,... ...on top of commitments as our customer base grows. Contribute to LangChain's...SuggestedContract workWork at officeFlexible hoursLangChain
New York, NY13 hours ago$115k - $130k
Senior Security Compliance Analyst (Remote - US) Senior Security Compliance Analyst (Remote - US) Get AI-powered advice on this job and more exclusive... ...range is provided by Jobgether. Your actual pay will be based on your skills and experience — talk with your recruiter to...SuggestedRemote jobFull timeWorldwideFlexible hours- ...Job Description The Security Risk & Compliance Analyst supports the organization’s global information security program by assisting in the identification... ...Physical Requirements This position is primarily office‑based with hybrid flexibility. The role may require occasional...SuggestedWork at office
Victaulic
New York, NY3 days ago $130k - $160k
...OpenSesame is seeking a Senior Security Analyst to strengthen the company's security posture in a fast-moving environment. You will manage... ...penetration testing, and collaborate with engineering and compliance teams. The role emphasizes the integration of AI security practices...Remote workOpenSesame
New York, NY1 day ago- ...scale their operations with compliance and creativity. Simply put, Lead... ...Bank is looking for a Senior Security Analyst to join our Security... ...vulnerability findings using risk‑based frameworks and track remediation... ...875 - $170,910 (SF/Bay Area, NYC, Seattle) #LI-AG1 #J-18808-...Flexible hoursShift work
Lead.com
New York, NY4 days ago - ...A leading crypto company seeks a senior professional for its Security Team to lead SOC examinations and develop IT control processes... ..., Engineering, and Finance to enforce audit rigor and enhance compliance. The ideal candidate has over 5 years of audit experience, strong...Remote work
Kraken
New York, NY2 days ago - ...Velera is looking for an IT Security Compliance Analyst to support compliance programs in a remote setting. This role involves auditing security configurations, developing compliance policies, and collaborating with leaders to ensure adherence to regulations. The ideal...Remote work
Velera
New York, NY13 hours ago $85k - $105k
...build, and test the PeopleSoft security to support and maintain the... ...related questions from users, analysts and managers. Ensure compliance with applicable government... ...Information In compliance with NYC's Pay Transparency Act, the annual base salary range for this position...Work experience placementNew York University
New York, NY3 days ago- Velera Solutions, LLC is seeking an IT Security Compliance Analyst who will provide critical support for IT compliance programs and collaborate with business leaders. This role includes auditing security configurations, developing compliance metrics, and ensuring adherence...
- A leading crypto firm is seeking a senior professional to lead IT audit initiatives and manage compliance programs. The position involves close collaboration with different teams to design scalable controls and improve audit outcomes. The ideal candidate has over 5 years...Remote job
- ...Velera, a premier fintech solutions provider in the United States, is seeking an IT Security Compliance Analyst to support compliance programs. This role involves auditing user and system security configurations, performing compliance verification audits, and collaborating...
Gravity Engineering Services Pvt Ltd.
New York, NY4 days ago - ...Capitol Federal Savings Bank is seeking an Information Security Risk and Compliance Analyst to join the Compliance and Risk Management team. The analyst will monitor access changes and enforce compliance with security policies, managing phishing testing programs and delivering...Work at office
Capitol Federal Savings Bank
New York, NY1 day ago $117k - $130k
...the role: We are seeking a Security Analyst to join our Security team. This... ...Garner is headquartered in NYC, but this position is available... ...and automate security-based data analytics at scale. Navigate... ...the execution of recurring compliance tasks and documentation, ensuring...Remote workWork visaFlexible hoursGarner Health
New York, NY1 day ago$115k - $125k
...Information Security Analyst Betterment HQ - New York City About Betterment Betterment... ...and ease. We're headquartered in NYC and offer hybrid NY-based positions (four days/ week in-... ...a variety of governance, risk, and compliance activities related to security....Temporary workFor contractorsSummer holidayWork at officeLocal areaFlexible hoursBetterment
New York, NY2 days ago- ...Victaulic is seeking a Security Risk & Compliance Analyst to support its global information security program across various regulatory frameworks. This role involves conducting risk assessments, managing compliance documentation, and coordinating third-party audits. Ideal...
Victaulic
New York, NY13 hours ago $100k - $140k
...Alto Networks, AWS, Demisto) and Dan (ex-Abnormal Security, Twitter) have previously built, launched, and scaled... ...to join us and support our expanding customer base. Job Overview We're looking for a Security Analyst to be at the core of what we do: reviewing real security...Artemis Llc
New York, NY1 day ago$70k - $75k
...Epic Security Analyst Location: Ohio Employment Type: Full time Location Type: On-site Compensation... ...internal controls Partnering with HR, Compliance, and IT Security on identity lifecycle... ...Epic security modules preferredCompetitive base compensation #J-18808-Ljbffr...Full timeWork experience placementVytalize
Brooklyn, NY4 days ago$100k - $130k
...by BLACKCLOAK. Your actual pay will be based on your skills and experience — talk with... ...is looking for a sharp and proactive Security Analyst to join our team. In this role, you\'ll... ...play a critical part in our continuous compliance program, help develop our threat detection...Full timeTemporary workRemote workHome officeFlexible hoursBLACKCLOAK
New York, NY2 days ago- ...We are seeking an Epic Analyst - Support & Training to provide end-user support, workflow assistance, and training, particularly during... ...clinical stakeholders Problem-solving and adaptability Perks & Benefits Competitive base compensation Health benefits #J-18808-Ljbffr...
Vytalize Health
Brooklyn, NY3 days ago - ...Dexian is seeking a Cybersecurity Analyst specialized in Kubernetes & Container Security for a position based in Atlanta, GA or Birmingham, AL. This role involves securing Kubernetes and OpenShift environments, identifying container vulnerabilities, and enhancing DevOps...Hourly pay
Dexian
New York, NY20 hours ago - ...world that we serve. The Information Technology group delivers secure, reliable technology solutions that enable DTCC to be the trusted... ...Pay and Benefits: Competitive compensation, including base pay and annual incentive Comprehensive health and life insurance...InternshipRemote workFlexible hours
Dtcc
Jersey City, NJ4 days ago - ...and strengthen the organization’s overall security posture while protecting company and... ...Active Directory ServiceNow Role-Based Access Control (RBAC) Least... ...Understanding of security governance, risk, and compliance processes. Familiarity with access...
Techvilla Solutions
Jersey City, NJ13 hours ago - ...Exciting Security / Soc Analyst III, 6 months contract opportunity in Houston, TX. 5 plus years experience in the security domain, Incident Response... ...‑on experience defining detection or protection schemes based on industry standards and frameworks. SIEM, Endpoint...Contract work
Wavestrong
New York, NY3 days ago $91k - $169k
...Warner Bros. Discovery is hiring an Analyst to enhance content security processes. This hybrid position in NYC/Burbank involves documenting workflows, developing KPIs, and collaborating with various stakeholders. Ideal candidates will have 5–7 years in content security...Warner Bros. Discovery
New York, NY4 days ago$86.46k - $126k
...Join to apply for the Senior Security Analyst role at Jack Henry Join to apply for the Senior... ...effectiveness of data security controls, compliance, and governance across the organization... ...range for this role is $86,464-$126,000 based upon experience and location. This role...Full timeLocal areaRemote workJack Henry
New York, NY2 days ago- ...automation, and intelligent insights. The Role The Security Analyst, Information Security is responsible for managing... ...and applications, including policy assessment and compliance tools, network appliances, and host-based security systems Participates in incident...Contract workFor contractorsWork experience placementLocal areaRemote work
Presidio
New York, NY3 days ago $60k - $80k
...Overview Under the direction of the Security Operations Lead, the Security Analyst plays a key role in supporting and... ...the IT environment, ensuring compliance with security policies, and maintaining... ...Position Salary Range: The annual base salary range for this full-time...Full timeRemote workImageTrend
New York, NY2 days ago$229k - $343.6k
...Security Analyst, Bridge Stripe is a financial infrastructure platform for businesses. Millions... ...the security governance, risk, and compliance programs from the ground up, while also... ...from a Stripe office). The annual US base salary range for this role is $229,000...Work at officeRemote workStripe
New York, NY2 days ago
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security & Compliance Analyst - NYC Based. Be the first to apply!
Related searches
- entry level security analyst New York, NY
- cloud security analyst New York, NY
- information security compliance analyst New York, NY
- application security analyst New York, NY
- security operations analyst New York, NY
- entry level information security analyst New York, NY
- information security analyst New York, NY
- bond analyst New York, NY
- work from home security analyst New York, NY
- network security analyst New York, NY