Senior Security GRC Analyst (PCI ISA Specialist)

$88.95k - $150.43k

BigCommerce

* remote type: Hybrid
* locations: Austin, TX
* time type: Full time
* posted on: Posted 2 Days Ago
* job requisition id: JR102484

# **Welcome to the Agentic Commerce Era**

At Commerce, our mission is to empower businesses to innovate, grow, and thrive with our open, AI-driven commerce ecosystem. As the parent company of BigCommerce, Feedonomics, and Makeswift, we connect the tools and systems that power growth, enabling businesses to unlock the full potential of their data, deliver seamless and personalized experiences across every channel, and adapt swiftly to an ever-changing market. We believe in harnessing AI responsibly to unlock new possibilities, and we’re looking for individuals who use it intentionally to solve problems, accelerate outcomes, and expand what’s possible in their role. Our purpose is to help businesses confidently solve complex commerce challenges so they can build smarter, adapt faster, and grow on their own terms. If you want to be part of a team of bold builders, sharp thinkers, and technical trailblazers who shape the future of commerce, this is the place for you.

As a **Senior Security GRC Analyst and Internal Security Assessor (ISA)**, you will serve as the primary Subject Matter Expert (SME) for our global PCI DSS program at Commerce. We operate a highly mature PCI DSS 4.0 environment; your mission is to lead the continuous evolution of this program, ensuring that compliance is integrated into our "business as usual" (BAU) operations.

While your primary focus is PCI, you will be a key player in our broader GRC function, supporting our SOC2 and ISO 27001 certifications. You will act as the technical bridge between our Engineering, Infrastructure, and IT teams and external auditors, ensuring that our high-security standards are documented, validated, and maintained.

## What You'll Do:

### PCI SME & Internal Security Assessor (ISA)

* ISA Leadership: Serve as the officially designated PCI ISA for the organization. Manage the annual assessment lifecycle, including scoping, evidence collection, and validation of controls.
* PCI 4.0 Evolution: Direct the ongoing maintenance of our PCI 4.0 program, with a specific focus on managing Targeted Risk Analyses (TRAs) and the customized approach where applicable.
* Scoping & Segmentation: Partner with Cloud Engineering to validate PCI scope across our global footprint, ensuring effective network segmentation and data flow isolation.
* QSA Liaison: Act as the primary point of contact for our external QSA, defending our control environment and streamlining the audit process to minimize disruption to technical teams.
* Continuous Compliance: Operationalize PCI requirements (e.g., quarterly scans, penetration test remediation) into automated workflows.

### Multi-Framework Audit Management

* Unified Control Framework: Support the broader GRC team in managing our SOC2 Type 2, ISO 27001, and other regulatory audits (as seen on
* Technical Advisory: Provide GRC perspective on architectural designs, product launches, and infrastructure changes to ensure "compliance by design."
* Remediation Management: Track and drive the remediation of audit findings and security gaps, working closely with asset owners to find pragmatic, secure solutions.

## Who You Are:

* Experience: 6+ years in an Information Security or IT Audit role, with at least 3 years of deep focus on PCI DSS within a major cloud-native environment.
* Certification: Active PCI ISA (Internal Security Assessor) or PCI QSA certification is mandatory.
* Regulatory Expertise: Thorough understanding of PCI DSS 4.0 requirements and the practical application of the standard in modern environments.
* Audit Fluency: Proven experience leading Level 1 Service Provider assessments.
* Communication: Ability to explain complex compliance requirements to developers and business leaders in a way that emphasizes enablement rather than "blockage."

## Preferred Qualifications

* Broad Framework Knowledge: Experience with SOC2 and ISO 27001:2022.
* Cloud Security: Experience with GRC automation and familiarity with modern cloud-native security and observability tools.
* Automation Mindset: Experience using GRC platforms and a desire to automate manual evidence collection to reduce audit fatigue.

## About You

* You understand the "Why": You don't just "do compliance"; you understand the security intent behind every control and can help teams meet the requirement in a way that actually improves our security posture.
* Technical Curiosity: You are comfortable diving into technical configurations (IAM policies, VPC flow logs, etc.) to verify control effectiveness yourself.
* Adaptable: You enjoy the challenge of a high-paced environment where scale and security must coexist and evolve together.

*This is a Hybrid role - Beginning March 1, 2026, employees who live within commuting distance of a Dedicated Office will be expected to be in the office three days per week.*

**(Pay Transparency Range:** $88,951.00 - $150,432.00**)**

Vacancy posted 6 hours ago