Security & Compliance Analyst - NYC Based
$90k - $110kOTG Exp
Job Title: Security & Compliance Analyst Location: Home Office Compensation: $90,000 - $110,000 per year Who We Are On the Go has elevated the dining and retail experience for travelers by bringing together world-class hospitality, award-winning dining concepts, and forward-thinking technology. With more than 300 unique dining and retail locations across North America's busiest airports, we're fueled by a passion for creating exceptional guest experiences-made possible every day by our incredible Crewmembers. At On the Go, people truly come first. We invest in our teams, and foster growth in an exciting, fast-paced environment where everyone can shine.
How We Do Business
How we work is just as meaningful as what we accomplish. Our Values- Care, Continuous Improvement, Quality, and Teamwork -guide the way we show up for our guests and for each other. We're committed to fostering an inclusive, safe, and uplifting workplace where people feel respected, empowered, and encouraged to bring their full selves to work.
Why This Job Is a Big Deal! The Security & Compliance Analyst is responsible for the organization's security posture and compliance obligations, with a primary focus on PCI DSS. This role oversees ongoing compliance efforts, conducts assessments, manages evidence collection, and supports the remediation of compliance gaps across restaurants & marketplaces, e-commerce platforms, and point-of-sale environments. The Security & Compliance Analyst works closely with IT, Engineering, Operations, and third-party business partners to maintain secure environments and achieve successful PCI DSS certification. In this Role you will... Support and maintain the organization's PCI DSS compliance program across all in-scope systems, networks, and business units. Conduct internal PCI assessments, gap analyses, and readiness reviews to identify and remediate compliance deficiencies. Maintain documentation of PCI controls, evidence, and audit artifacts in the company's Governance, Risk, and Compliance (GRC) platform. Partner with IT, Security, and Retail Operations to validate technical and procedural controls for compliance. Coordinate with Qualified Security Assessors (QSAs) during annual assessments, providing documentation and remediation updates. Monitor system changes, new technologies, and third-party services for PCI scope impact. Track and report compliance status, risks, and remediation progress to management. Develop and deliver PCI awareness training for staff and store-level employees handling payment data. Review and assess vendor compliance with PCI DSS and ensure required Attestations of Compliance (AOC) are maintained. Stay current on PCI DSS version updates, industry trends, and payment security best practices. Support broader security and compliance initiatives beyond PCI, including vendor risk management, cloud security controls (AWS), and policy development as the program matures. Qualifications Education & Experience Bachelor's degree in Information Security, Information Technology, or related field (or equivalent experience). 3-5 years of experience in IT security, compliance, or audit, preferably within a retail or financial environment. Hands-on experience with PCI DSS compliance programs, evidence collection, and remediation management. Preferred Certifications PCI Professional (PCIP) or Certified Information Systems Auditor (CISA) preferred; CISSP or equivalent a plus. Technical Skills Familiarity with network security, encryption, firewalls, vulnerability management, and logging systems. Familiarity with cloud environments, particularly AWS; experience with services relevant to secure data handling and compliance (e.g., IAM, CloudWatch, Secrets Manager, VPC segmentation) is a plus. Experience with compliance tracking, documentation, or GRC tools; familiarity with enterprise platforms such as ServiceNow or equivalent is a plus. Knowledge of POS systems, cardholder data environments, and segmentation practices. Soft Skills Strong attention to detail and analytical skills. Excellent written and verbal communication skills. Ability to work cross-functionally and manage multiple priorities in a fast-paced retail environment. Equal Opportunity Employer We're proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, or disability status. #LI-MS1
How We Do Business
How we work is just as meaningful as what we accomplish. Our Values- Care, Continuous Improvement, Quality, and Teamwork -guide the way we show up for our guests and for each other. We're committed to fostering an inclusive, safe, and uplifting workplace where people feel respected, empowered, and encouraged to bring their full selves to work.
Why This Job Is a Big Deal! The Security & Compliance Analyst is responsible for the organization's security posture and compliance obligations, with a primary focus on PCI DSS. This role oversees ongoing compliance efforts, conducts assessments, manages evidence collection, and supports the remediation of compliance gaps across restaurants & marketplaces, e-commerce platforms, and point-of-sale environments. The Security & Compliance Analyst works closely with IT, Engineering, Operations, and third-party business partners to maintain secure environments and achieve successful PCI DSS certification. In this Role you will... Support and maintain the organization's PCI DSS compliance program across all in-scope systems, networks, and business units. Conduct internal PCI assessments, gap analyses, and readiness reviews to identify and remediate compliance deficiencies. Maintain documentation of PCI controls, evidence, and audit artifacts in the company's Governance, Risk, and Compliance (GRC) platform. Partner with IT, Security, and Retail Operations to validate technical and procedural controls for compliance. Coordinate with Qualified Security Assessors (QSAs) during annual assessments, providing documentation and remediation updates. Monitor system changes, new technologies, and third-party services for PCI scope impact. Track and report compliance status, risks, and remediation progress to management. Develop and deliver PCI awareness training for staff and store-level employees handling payment data. Review and assess vendor compliance with PCI DSS and ensure required Attestations of Compliance (AOC) are maintained. Stay current on PCI DSS version updates, industry trends, and payment security best practices. Support broader security and compliance initiatives beyond PCI, including vendor risk management, cloud security controls (AWS), and policy development as the program matures. Qualifications Education & Experience Bachelor's degree in Information Security, Information Technology, or related field (or equivalent experience). 3-5 years of experience in IT security, compliance, or audit, preferably within a retail or financial environment. Hands-on experience with PCI DSS compliance programs, evidence collection, and remediation management. Preferred Certifications PCI Professional (PCIP) or Certified Information Systems Auditor (CISA) preferred; CISSP or equivalent a plus. Technical Skills Familiarity with network security, encryption, firewalls, vulnerability management, and logging systems. Familiarity with cloud environments, particularly AWS; experience with services relevant to secure data handling and compliance (e.g., IAM, CloudWatch, Secrets Manager, VPC segmentation) is a plus. Experience with compliance tracking, documentation, or GRC tools; familiarity with enterprise platforms such as ServiceNow or equivalent is a plus. Knowledge of POS systems, cardholder data environments, and segmentation practices. Soft Skills Strong attention to detail and analytical skills. Excellent written and verbal communication skills. Ability to work cross-functionally and manage multiple priorities in a fast-paced retail environment. Equal Opportunity Employer We're proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, or disability status. #LI-MS1
Vacancy posted 4 days ago
Similar jobs that could be interesting for youBased on the Security & Compliance Analyst - NYC Based in New York, NY vacancy
$115k - $130k
...Senior Security Compliance Analyst (Remote - US) Senior Security Compliance Analyst (Remote - US) Get AI-powered advice on this job and more exclusive... ...range is provided by Jobgether. Your actual pay will be based on your skills and experience — talk with your recruiter to...SuggestedFull timeRemote workWorldwideFlexible hoursJobgether
New York, NY2 days ago$120.64k - $150.8k
...See yourself at Twilio Join the team as Twilio’s next Security Compliance & Regulatory Affairs Analyst About the job We are actively recruiting for this... ...leadership level. Location This role will be remote and based in Ontario, British Columbia or Alberta, Canada. Travel...SuggestedLocal areaRemote workWorldwideTwilio
New York, NY2 days ago$88k - $124k
...IG Compliance & Security Analyst Cooley is seeking an IG Compliance & Security Analyst to join the Information Governance & Data Privacy team.... ...position and would be eligible for a higher salary range based on experience. We offer a full range of elective benefits...SuggestedFull timeContract workTemporary workWork experience placementWork at officeFlexible hoursWeekend workCooley
New York, NY2 days ago- ...Security & Compliance Analyst Edera L3C is a fast‑growing healthcare consultancy that addresses today’s issues and helps create tomorrow’s solutions... ...Director of Technology. Compensation will be determined based on experience, employment status, and market analysis. Responsibilities...SuggestedFull timeContract workPart timeRemote workFlexible hours
National Coordination Center by Edera L3C
New York, NY2 days ago - ...Job Responsibilities: Assist in our security compliance programs, including ISO27001, ISO27701, PCI-DSS, SOC2 Type 2, and local regulations Participate... ...to meet US regulations, (CFTC, FINRA, SEC, and other US based regulators.) Are a strong commitment to personal learning and...SuggestedLocal area
Energent Media
New York, NY2 days ago $88k - $124k
IG Compliance & Security Analyst Cooley is seeking an IG Compliance & Security Analyst to join the Information Governance & Data Privacy team. Position... ...position and would be eligible for a higher salary range based on experience. We offer a full range of elective benefits...Full timeTemporary workWork experience placementFlexible hoursWeekend work$115k - $130k
...Canadian Imperial Bank of Commerce is seeking an Associate for Securities Lending in New York, NY. This full-time position involves providing... ...environment. The expected salary range is $115,000 - $130,000 based on qualifications and experience. #J-18808-Ljbffr Canadian...Full time- ...A leading crypto company seeks a senior professional for its Security Team to lead SOC examinations and develop IT control processes... ..., Engineering, and Finance to enforce audit rigor and enhance compliance. The ideal candidate has over 5 years of audit experience, strong...Remote work
Kraken
New York, NY2 days ago $130k - $160k
...OpenSesame is seeking a Senior Security Analyst to strengthen the company's security posture in a fast-moving environment. You will manage... ...penetration testing, and collaborate with engineering and compliance teams. The role emphasizes the integration of AI security practices...Remote workOpenSesame
New York, NY2 days ago- ...A leading healthcare consultancy in the United States is looking for a Security & Compliance Analyst. This role supports compliance with CMMC Level 2 requirements and focuses on documentation accuracy, monitoring, and continuous improvement of cybersecurity processes....Remote workFlexible hours
National Coordination Center by Edera L3C
New York, NY2 days ago - ...Velera is seeking a Remote Senior IT Security Compliance Analyst to support technology compliance programs. This role involves leading compliance functions, collaborating with stakeholders, and maintaining necessary security certifications. The ideal candidate will have...Remote workFlexible hours
Velera
New York, NY4 days ago $70k - $80k
...Chickasaw Nation Industries is seeking a Cybersecurity Assessment and Authorization Analyst who will execute security certifications and manage compliance with government regulations for the Department of Health and Human Services. This position requires eight years of...CHICKASAW NATION INDUSTRIES INC
New York, NY2 days ago$136k - $187k
...Secure Every Identity, from AI to Human Identity... ...As a senior level analyst of Customer Assurance,... ...reports into clear, risk-based narratives that address... ...and IT regulation and compliance standards Strong oral... ...process. In accordance with NYC Local Law 144, if you are...Work experience placementLocal areaWorldwideFlexible hoursOkta, Inc.
New York, NY1 day ago- ...Senior Security Analyst We are looking for a senior security analyst with 10+ years experience in cybersecurity to include leading or being part of an incident response team. Customer location: New York City (lower east side) Duration: 12 months Start date: End of...Day shift
Suncap Technology
New York, NY20 days ago - ...Security Analyst Job Location: NYC, NY (Looking for local Candidate - MUST be able to onsite interview for this role in NYC) Job Type: 6+ Months Contract... ...security vulnerabilities to determine the risk based on severity, threat likelihood and firm impact. Operate...Contract workWork experience placementLocal area
ClifyX
New York, NY1 day ago - ...scale their operations with compliance and creativity. Simply put... ...Bank is looking for a Senior Security Analyst to join our Security Operations... ...findings using risk-based frameworks and track remediation... ...Zone 1: $142,875 - $170,910 (SF/Bay Area, NYC, Seattle) #LI-AG1Flexible hoursShift work
Lead Bank
New York, NY4 days ago - ...Junior Security Analyst We are seeking a junior security analyst (no clearance required) with the following background: Two years general security experience. Resource will focus on triage and investigation. Will support / be exposed to the following types of technologies...Contract work
Suncap Technology
New York, NY1 day ago - OTG is looking for a Security & Compliance Analyst to support and maintain PCI DSS compliance across all in-scope systems. The role involves conducting assessments, managing evidence collection, and working with IT and operations to ensure secure environments. Candidates...Remote job
- ...Responsibilities Kforce has a client in NYC that is seeking a Information Security Analyst IV.Summary:The Information... ..., as is familiarity with compliance requirements relevant to cloud applications... ...Able to assess risk, prioritize based on business impact, and think...Hourly payContract workShift work
Kforce
New York, NY8 hours ago $70 - $80 per hour
...position is Hudson Yards, NYC or Bethlehem, PA, with a hybrid... ...: As Sr. Information Security Governance Analyst, you will perform cyber risk... ...individual who thrives on risk-based decision-making and cross-... ...on governance, risk, and compliance. • Strong communication...Contract workH1bWork at officeRemote work3B Staffing LLC
New York, NY1 day ago- ...Position: Security Risk Analyst Location: Onsite at 55 Water Street, NYC Position Type: Long Term Contract / Potential... ...CISO's strategic and process-based activities and the work of the... ...information security and compliance with HIPAA, Joint Commission,...Long term contractShift work
RIT Solutions, Inc.
New York, NY8 hours ago - ...leading international banking institute in New York City seeks a Senior IT Information Security Operation Analyst. In this role, you will manage daily security operations, ensure compliance with regulations, and drive security initiatives. Applicants should have...
$72 per hour
...enterprise environments that require experienced analysts and engineers to strengthen detection,... ...What You’ll Actually Be Doing Monitor security events and respond to incidents in real... ...SOC visibility Work onsite with NYC-based security teams Must-Haves (Don’t Apply...3 days per week$70k - $84.7k
Position Summary The Information Security Analyst Tier 1 serves as the... ...and refining detection logic based on observed activity, automating... ...investigative steps are logged for compliance and hand‑off purposes. This... ...In compliance with NYC's Pay Transparency Act, the annual...Work experience placement- Responsibilities Kforce has a client in NYC that is seeking an Information Security Analyst IV. The analyst will work in a... ..., as is familiarity with compliance requirements relevant to cloud applications... ...Able to assess risk, prioritize based on business impact, and think...Hourly payContract workShift work
$115k - $125k
...confidence and ease. We’re headquartered in NYC and offer hybrid NY‑based positions (four days per week in‑... ...We are looking for an information security professional with 2+ years... ...a variety of governance, risk, and compliance activities related to security, including...For contractorsSummer holidayWork at officeLocal areaFlexible hours$25 per hour
...services. We are the global leader in WordPress security, protecting over 5 million websites. We’re looking for a Security Analyst Support Intern to join the Wordfence team and... ...We value diversity and do not discriminate based on race, color, religion or creed, national...Hourly payCasual workInternshipLive inImmediate startRemote workWordfence
New York, NY2 days ago$105.33k - $135k
...Location Type Remote Department Security Compensation $105,333 – $135,... ...Total compensation will vary based on geographic location and... ...respectfully. As a Security Analyst you will help build a culture... ...to comply with security and compliance frameworks and standards such...Full timeWork experience placementLive inLocal areaRemote workNight shiftIndustrious Ventures
New York, NY2 days ago- ...Overview We are looking for a proactive Security Analyst to serve as the frontline defender of... ...prioritize security alerts and events based on their potential risk and impact. Analyze... ...ITIL best practices, network security, compliance, and vendor management. Experience...Work experience placement
Tactacam
New York, NY2 days ago - ...Full-time · Remote · US-based · Senior level · Reports to CISO US citizenship or Lawful... ...Unclassified Information (CUI); no security clearance required. About Lynk Lynk is building... ...CISO, you’ll own Lynk’s cybersecurity compliance program across CMMC Level 2 / NIST SP 80...Permanent employmentFull timeContract workRemote work
Lynk Inc
New York, NY2 days ago
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security & Compliance Analyst - NYC Based. Be the first to apply!
Related searches
- information security compliance analyst New York, NY
- application security analyst New York, NY
- network security analyst New York, NY
- junior security analyst New York, NY
- national security analyst New York, NY
- rate analyst New York, NY
- cloud security analyst New York, NY
- security analyst intern New York, NY
- security operations analyst New York, NY
- entry level security analyst New York, NY