Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Senior Security GRC Analyst (PCI ISA Specialist)

$88.95k - $150.43k

BigCommerce

  • # Senior Security GRC Analyst (PCI ISA Specialist)Applyremote type: Hybridlocations: Austin, TXtime type: Full timeposted on: Posted 2 Days Agojob requisition id: JR102484# **Welcome to the Agentic Commerce Era**## At Commerce, our mission is to empower businesses to innovate, grow, and thrive with our open, AI-driven commerce ecosystem. As the parent company of BigCommerce, Feedonomics, and Makeswift, we connect the tools and systems that power growth, enabling businesses to unlock the full potential of their data, deliver seamless and personalized experiences across every channel, and adapt swiftly to an ever-changing market. We believe in harnessing AI responsibly to unlock new possibilities, and we’re looking for individuals who use it intentionally to solve problems, accelerate outcomes, and expand what’s possible in their role. Our purpose is to help businesses confidently solve complex commerce challenges so they can build smarter, adapt faster, and grow on their own terms. If you want to be part of a team of bold builders, sharp thinkers, and technical trailblazers who shape the future of commerce, this is the place for you.As a **Senior Security GRC Analyst and Internal Security Assessor (ISA)****,** you will serve as the primary Subject Matter Expert (SME) for our global PCI DSS program at Commerce. We operate a highly mature PCI DSS 4.0 environment; your mission is to lead the continuous evolution of this program, ensuring that compliance is integrated into our "business as usual" (BAU) operations.While your primary focus is PCI, you will be a key player in our broader GRC function, supporting our SOC2 and ISO 27001 certifications. You will act as the technical bridge between our Engineering, Infrastructure, and IT teams and external auditors, ensuring that our high-security standards are documented, validated, and maintained.## What You'll Do:### PCI SME & Internal Security Assessor (ISA)* ISA Leadership: Serve as the officially designated PCI ISA for the organization. Manage the annual assessment lifecycle, including scoping, evidence collection, and validation of controls.* PCI 4.0 Evolution: Direct the ongoing maintenance of our PCI 4.0 program, with a specific focus on managing Targeted Risk Analyses (TRAs) and the customized approach where applicable.* Scoping & Segmentation: Partner with Cloud Engineering to validate PCI scope across our global footprint, ensuring effective network segmentation and data flow isolation.* QSA Liaison: Act as the primary point of contact for our external QSA, defending our control environment and streamlining the audit process to minimize disruption to technical teams.* Continuous Compliance: Operationalize PCI requirements (e.g., quarterly scans, penetration test remediation) into automated workflows.### ### Multi-Framework Audit Management* Unified Control Framework: Support the broader GRC team in managing our SOC2 Type 2, ISO 27001, and other regulatory audits (as seen on Technical Advisory: Provide GRC perspective on architectural designs, product launches, and infrastructure changes to ensure "compliance by design."* Remediation Management: Track and drive the remediation of audit findings and security gaps, working closely with asset owners to find pragmatic, secure solutions.## ## Who You Are:* Experience: 6+ years in an Information Security or IT Audit role, with at least 3 years of deep focus on PCI DSS within a major cloud-native environment.* Certification: Active PCI ISA (Internal Security Assessor) or PCI QSA certification is mandatory.* Regulatory Expertise: Thorough understanding of PCI DSS 4.0 requirements and the practical application of the standard in modern environments.* Audit Fluency: Proven experience leading Level 1 Service Provider assessments.* Communication: Ability to explain complex compliance requirements to developers and business leaders in a way that emphasizes enablement rather than "blockage."## ## Preferred Qualifications* Broad Framework Knowledge: Experience with SOC2 and ISO 27001:2022.* Cloud Security: Experience with GRC automation and familiarity with modern cloud-native security and observability tools.* Automation Mindset: Experience using GRC platforms and a desire to automate manual evidence collection to reduce audit fatigue.## ## About You* You understand the "Why": You don't just "do compliance"; you understand the security intent behind every control and can help teams meet the requirement in a way that actually improves our security posture.* Technical Curiosity: You are comfortable diving into technical configurations (IAM policies, VPC flow logs, etc.) to verify control effectiveness yourself.* Adaptable: You enjoy the challenge of a high-paced environment where scale and security must coexist and evolve together.*This is a Hybrid role - Beginning March 1, 2026, employees who live within commuting distance of a Dedicated Office will be expected to be in the office three days per week.*#LI-KE1#LIHYBRID**(Pay Transparency Range:**$88,951.00 - $150,432.00**)**
  • J-18808-Ljbffr BigCommerce

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Senior Security GRC Analyst (PCI ISA Specialist) in Austin, TX vacancy
  • Commerce Inc in Austin is looking for a Senior Security Governance Risk and Compliance Analyst to support compliance programs and implement risk improvement projects...  ...compliance with various regulations including PCI and GDPR. The ideal candidate will have 5-6 years of... 
    Senior

    Commerce Co.

    Austin, TX
    4 days ago
  • Cacheflow is looking for a Senior Security GRC Analyst to serve as the SME for the PCI DSS program. This role involves leading compliance efforts and acting as a technical bridge between various teams and auditors. The ideal candidate will have extensive experience in Information... 
    Senior

    Cacheflow

    Austin, TX
    2 days ago
  • QUANTUM GLOBAL TECHNOLOGIES, LLC is seeking an Analyst III in IT Infosec to bolster its security framework based in Austin, Texas. The role entails enhancing security policies, compliance automation, and vendor risk management. The ideal candidate should possess a bachelor... 
    Senior

    Quantum Global Technologies

    Manor, TX
    1 day ago
  • $88.95k - $150.43k

    BigCommerce Pty. is seeking a Senior Security GRC Analyst in Austin, TX to lead the PCI DSS program. You will serve as a key Subject Matter Expert, ensuring compliance...  ...will have over 6 years of experience, an Active PCI ISA certification, and strong communication skills. The... 
    Senior

    BigCommerce Pty.

    Austin, TX
    1 day ago
  • BigCommerce Pty in Austin, TX is looking for a Senior Security GRC Analyst to lead the PCI DSS program and ensure compliance across operations. You will serve as the primary PCI ISA and oversee audits while advocating for security integration in business processes. The... 
    Senior

    BigCommerce Pty

    Austin, TX
    1 day ago
  • $88.95k - $150.43k

    BigCommerce Pty. is seeking a Senior Security GRC Analyst (PCI ISA Specialist) in Austin, TX. This hybrid role involves leading PCI DSS compliance initiatives, managing audit processes, and integrating security into business operations. The ideal candidate has over 6 years... 
    Senior

    BigCommerce Pty.

    Austin, TX
    1 day ago
  • $88.95k - $150.43k

    Commerce is seeking a Senior Security GRC Analyst & Internal Security Assessor (ISA) in Austin, Texas. In this hybrid role, you will manage the PCI DSS program and ensure compliance while working with diverse teams. The ideal candidate has over 6 years of experience in... 
    Senior

    Commerce

    Austin, TX
    18 hours ago
  •  ...RSA Archer Administration/Configuration), Preferred 10+ Years (Enterprise/Government GRC Environments) Job Description: Seeking an experienced RSA Archer GRC Security Analyst to support enterprise governance, risk, and compliance initiatives through the... 

    Siritech Solutions Corp

    Austin, TX
    13 days ago
  •  ...Job Description Job Description GRC Archer Network Security Analyst II (RSA Archer Specialist) Mode of Work: Onsite Job Description: Seeking an experienced GRC Archer Network Security Analyst II to support enterprise Governance, Risk, and Compliance (GRC)... 

    Siritech Solutions Corp

    Austin, TX
    13 days ago
  • Digerati Systems Inc. is seeking a senior-level consultant for the CAPPS Program in Texas. The role involves advanced consultative services while ensuring compliance with security frameworks and accessibility standards. Candidates must have extensive experience in Texas... 
    Senior

    Digerati Systems

    Austin, TX
    1 day ago
  • Ultra Clean Technology in Austin, TX is seeking an Analyst III for IT Information Security. This role involves enhancing the company's security posture through various compliance, risk management, and governance tasks. The ideal candidate will have a strong background in... 

    Ultra Clean Technology

    Austin, TX
    2 days ago
  • $85k

    Summary The Senior Security Operations Center Analyst will be responsible for planning and implementing security measures to protect computer systems, networks...  ...Security (e.g., EIS Engineering, Security Architecture, GRC) along with information and liability risk officers and... 
    Senior
    Work at office

    Ryder System, Inc.

    Austin, TX
    2 days ago
  •  ...Requirements Performing highly advanced (senior-level) consultative services and technical...  ...for the IAM (TDIS) and ERP (CAPPS) security framework, which includes but is not limited...  ...Required Experience serving in a security analyst role with responsibility overseeing a Managed... 
    Contract work
    Work at office
    Local area

    Digerati Systems

    Austin, TX
    1 day ago
  •  ...transferring information and funds to eliminate wire fraud and provide a secure, easy-to-use platform for title companies, law firms, and other...  ...We are seeking a detail-oriented Compliance & Security Analyst to support our Head of IT & Compliance in maintaining and... 
    Work at office

    Closinglock

    Austin, TX
    1 day ago
  •  ...The Lower Colorado River Authority is seeking a Cybersecurity Analyst II to support daily Security Operations Center activities. In this role, you will monitor, analyze, and respond to cybersecurity threats, implementing and maintaining security technologies across the... 

    Lower Colorado River Authority

    Austin, TX
    1 day ago
  • $30 - $35 per hour

     ....00/hr Skills & Experience 3-5 years of Security Incident Response, Security Operations Center...  ...cloud Security SIEM technologies as an analyst Ability to support and work across...  ...applicable law of the worksite location. Seniority level Associate Employment type Contract... 
    Contract work
    Shift work
    Night shift
    Weekend work

    Insight Global

    Austin, TX
    1 day ago
  • $25 - $26 per hour

     ...Degree High school Manage Others No Contact information Email ****@*****.*** Description M1 Global is seeking an SOC Analyst who views security as a core component of operational excellence. This role serves as a centralized hub for physical security operations,... 
    Full time
    Night shift
    Rotating shift

    DeKalb Health

    Pflugerville, TX
    4 days ago
  • $70k

    The University of Texas at Austin seeks an Epic Security and Access Analyst II for the Dell Medical School. This role involves managing Epic security access and ensuring compliance with HIPAA and internal policies. Key responsibilities include supporting user access workflows... 

    The University of Texas at Austin

    Austin, TX
    1 day ago
  • The opportunity As an Offensive Security Analyst on the Attack Surface Management team, you will play a key role in evaluating and reducing EY’s digital exposure through hands‑on penetration testing and adversarial simulation. Working under the guidance of the Exposure... 
    Summer holiday
    Flexible hours

    Ernst & Young Oman

    Austin, TX
    1 day ago
  • $76.4k - $138.6k

    A global consulting firm is seeking an Offensive Security Analyst in Austin, Texas. The candidate will evaluate and manage vulnerabilities, ensuring security standards are upheld. This role requires at least 3 years of experience in vulnerability management and a strong... 

    EY

    Austin, TX
    4 days ago
  • A leading fintech firm in Austin is looking for a detail-oriented Analyst to support software applications within the organization. In this role, the Analyst will collaborate with teams to troubleshoot application issues, manage Epic Configuration, and ensure solutions... 

    Acrisure LLC

    Austin, TX
    2 days ago
  • Ernst & Young Oman is seeking an Offensive Security Analyst to evaluate and mitigate vulnerabilities across EY’s digital ecosystem. You will conduct penetration testing, identify vulnerabilities, and help prioritize remediation efforts. The ideal candidate should have... 
    Flexible hours

    Ernst & Young Oman

    Austin, TX
    18 hours ago
  •  ...career growth opportunity? Gilbane is seeking an Information Security Analyst to plan and carry out security measures to protect computer networks...  ...Recommend security enhancements to management or senior IT staff Help computer users when they need to install or learn... 
    For contractors
    Work at office
    Remote work

    Gilbane Building

    Austin, TX
    1 day ago
  • $70k

    Job Title and Department Epic Security and Access Analyst II - Dell Medical School Location and Working Hours Austin, TX; 40 weekly scheduled hours...  ...IAM teams for issue resolution; escalay complex issues to senior analysts as appropriate. Participate in Epic upgrade and... 
    Work at office
    Immediate start

    The University of Texas at Austin

    Austin, TX
    1 day ago
  • Closinglock, headquartered in Austin, TX, is seeking a detail-oriented Compliance & Security Analyst to support SOC 2 compliance and cross-functional coordination across Engineering, IT and Security teams. The role focuses on evidence collection, audits, and improving... 

    ClosingLock

    Austin, TX
    18 hours ago
  •  ...through autonomous and intelligent platforms. Job Overview As a SecOps Analyst at Saronic, you'll be on the front line of our detection and response operations, triaging and investigating security alerts across endpoint, cloud, identity, network, and SaaS telemetry using... 
    Permanent employment
    Temporary work
    Work at office

    Saronic

    Austin, TX
    3 days ago
  •  ...our network of industry subject matter experts. The Logistics Security Analyst, assigned to one of Pinkerton’s largest global clients, will...  ...Sound judgement regarding the escalation of issues requiring senior‑level management support and response. Confident while... 
    Work at office
    Local area
    Weekend work

    PINKERTON | Comprehensive Risk Management

    Austin, TX
    4 days ago
  • PINKERTON | Comprehensive Risk Management in Austin, Texas is seeking a Logistics Security Analyst to join a diverse team dedicated to enhancing supply chain security. This position involves tracking shipments, conducting risk assessments, and providing data analysis to... 

    PINKERTON | Comprehensive Risk Management

    Austin, TX
    4 days ago
  • HackerOne, a leader in offensive security solutions, is seeking a Product Security Analyst to work with top security researchers. This role involves evaluating vulnerability reports, reproducing vulnerabilities in applications, and ensuring quality communication. The ideal... 
    Remote job
    Flexible hours

    hackerone

    Austin, TX
    13 days ago
  • Junior Information Security Analyst #2925 job at Genius Road. Austin, TX. Junior Information Security Analyst Location: Austin, Texas (ONSITE 5 days/week) Contract Position: 12 month Contract (with strong potential for extension and career advancement) Our client is... 
    Contract work

    Itlearn360

    Austin, TX
    18 hours ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Senior Security GRC Analyst (PCI ISA Specialist). Be the first to apply!