Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Lead PCI Analyst

$139.99k - $174.01k

Remote Jobs

US Base Salary Range: $139,991 - $174,009 About Us Bonterra exists to propel every doer of good to their peak impact. We measure that impact against our vision to increase the giving rate as a percentage of GDP from 2% to 3% by 2033. We know that this goal is lofty, but we are confident that the right technology and expertise will strengthen trust in the sector, allowing the social good industry to accelerate growth and reach peak impact. Bonterra's differentiated, end-to-end solutions collectively support a unique network of over 20,000 customers, including over 16,000 nonprofit organizations and over 50 percent of Fortune 100 companies. Learn more at bonterratech.com. About the Role Bonterra's Information Security, Risk & Compliance team is hiring a Lead PCI Compliance Analyst to own our PCI DSS Level 1 certification program, partner with Engineering on PCI security by design, and serve as a senior risk analyst within the Risk function. This role works horizontally across the company, advising engineering and product teams during the design phase of greenfield payment work, leading response and coordination for PCI Level 1 events, and extending PCI risk analysis to cover AI components introduced into payment systems. It sits at the border of compliance and engineering, requiring fluency in both control design and technical architecture, and supports related frameworks such as ISO 27001:2022 and SOC reporting. Job Responsibilities Own end to end PCI DSS Level 1 readiness, certification activities, and coordination with QSA assessors Advise Engineering and Product teams during the design phase on PCI control selection, scope containment, and security by design patterns for both greenfield and modernization payment architectures, with depth across the following engineering disciplines: Tokenization architecture: tradeoffs between vault based and vaultless tokenization, format preserving encryption, scope reduction analysis, and the downstream impact on application code paths, storage layers, and integration points with acquirers and processors Cardholder data environment network segmentation: VLAN and microsegmentation strategies, service mesh policy enforcement, ingress and egress controls, jump host and bastion design, and segmentation validation testing under PCI DSS v4.0.1 Requirement 11.4.5 Cryptographic key management: HSM and cloud KMS architecture, FIPS validated cryptographic module selection, key hierarchy and envelope encryption, key rotation cadence, and separation of duties for key custodians under Requirements 3.6 and 3.7 Secure SDLC and threat modeling for payment flows: STRIDE and PASTA modeling of authorization, capture, and settlement paths, SAST, DAST, and SCA gating, secrets scanning, and software supply chain controls including SBOM generation, signed artifacts, and build provenance Logging, monitoring, and file integrity: append only audit logs with cryptographic integrity, file integrity monitoring across ephemeral and containerized workloads, and centralized log aggregation with PCI specific correlation rules under Requirement 10 Lead and manage response to PCI Level 1 events, including investigation, evidence preservation, control failure analysis, executive communications, regulator and brand notifications where applicable, and remediation oversight through closeout Serve as a Senior Risk Analyst within the Risk function, conducting in depth risk analysis on PCI security by design questions and on AI components embedded within payment systems (including model inference, prompt and data flows touching cardholder data, retrieval pipelines, and third party AI services entering PCI scope) Drive greenfield workstreams that establish new PCI controls, scope boundaries, or architectural patterns rather than only maintaining existing ones Partner with Product Security on modernization initiatives that reduce PCI scope and improve control design Maintain scope documentation, evidence, and operational reports for PCI controls Manage issues, exceptions, compensating controls, and risk acceptance tracking with timely remediation Align PCI evidence and controls with ISO 27001 and SOC frameworks to streamline reporting Support audits, vendor assessments, and customer due diligence requests related to PCI Maintain compliance ticket queues, supplier and control registers, and awareness activities Collaborate with Information Security, Risk & Compliance team members and control owners companywide Requirements 7 or more years of PCI DSS program management experience with direct involvement in Level 1 merchant or service provider assessments under DSS v4.0.1 Demonstrated experience advising engineering teams during the design phase, translating PCI requirements into architectural and implementation guidance engineers can execute against, including for greenfield builds at the border of compliance and engineering Proven track record leading or coordinating PCI Level 1 events end to end, from initial triage through executive reporting, evidence package delivery, and remediation closeout Senior risk analyst depth: ability to conduct independent risk analysis at the requirement level and at the architectural level, including scoping determinations, compensating control construction, security by design tradeoffs, and risk acceptance documentation defensible under audit Working understanding of AI and machine learning components in payment or cardholder data environments, including how model inference, vector stores, retrieval pipelines, and third party AI services intersect with PCI scope and data flow assumptions Experience engaging QSAs from an authoritative posture, substantiating risk positions with documented evidence rather than deferring to QSA interpretation Hands on field experience working directly within engineering and infrastructure teams to evaluate control implementation at the technical layer and translate requirements into actionable remediation tasks Familiarity with ISO 27001 and cloud native service environments Strong analytical, organizational, and communication skills with the ability to produce defensible compliance documentation under audit conditions Experience with GRC platforms, ticketing systems, and security tooling (for example SIEM or vulnerability scanners) Preferred certifications: PCIP, ISA (prior QSA credential strongly preferred), CISA, CISM, CISSP At this time, we are unable to consider candidates who require current or future sponsorship for employment authorization. Our Culture At Bonterra, we're innovating with a higher purpose: to increase giving to 3% of US GDP by 2033, creating $573 billion more in global impact every year. At Bonterra, we foster an inclusive, equitable culture where every team member belongs and contributes to meaningful impact. Read more about our values and culture here. Compensation & Benefits We offer a comprehensive benefits package that supports your health, well-being and growth - explore full details here. Compensation and benefits for this role apply to full-time employees in the United States and may vary based on local standards, laws and norms. Pay is determined by location, skills, experience, and education, and is one part of Bonterra's total rewards package, which may also include bonuses, incentives, equity, and a comprehensive benefits program. Equal Opportunity & Accommodations At Bonterra, we are proud to be an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We provide equal employment opportunities without regard to race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, disability, veteran status, or any other characteristic protected by law. If you require a reasonable accommodation during the application process, please submit a request. #J-18808-Ljbffr Remote Jobs

Vacancy posted 5 days ago
Similar jobs that could be interesting for youBased on the Lead PCI Analyst in New York, NY vacancy
  • $160k - $175k

     ...conducting quality analyses for customer datasets. In 6 months Lead data validation efforts and advise customers on how ingestion and...  ...management software market and have been recognized by industry analysts KLAS, IDC, Forrester, and Chilmark for our leadership. For a better... 
    Suggested
    Remote work
    Flexible hours

    Arcadia Solutions, LLC

    New York, NY
    4 days ago
  • $168k - $195k

     ...security measures are in place and aligned with enterprise architecture standards and principles. About The Role As the Principal Lead Analyst of DART, you are the ultimate technical authority for cyber defense and incident response. This is a high-impact leadership role... 
    Suggested
    16 hours
    Work at office
    Local area
    Immediate start
    Remote work
    Relocation
    Shift work

    Corebridge Financial

    Jersey City, NJ
    5 days ago
  • $70 - $90 per hour

     ...Job Duration: 4+ Months with possible extension Location: Remote Pay Rate: $70/hr - $90/hr on W2 Job Description The UKG WFM Pro Lead Analyst is responsible for leading integrations between UKG WFM Pro (UKG Pro) and internal/external systems. The analyst supports the... 
    Suggested
    Contract work
    Remote work

    LeadStack Inc.

    New York, NY
    4 days ago
  •  ...Circle Internet Management Services LLC in New York is seeking a Senior AML Analyst to enhance sanctions compliance processes. You will execute reviews, assess risk, and ensure documentation within a flexible, high-growth environment. The ideal candidate has 4+ years of... 
    Suggested
    Flexible hours

    Circle Internet Management Services LLC

    New York, NY
    1 day ago
  •  ...Lead Business Analyst This role sits within Calastone, an SS&C company, and is the largest global funds network connecting the world's leading financial organizations. Our mission is to help the funds industry transform by creating innovative new ways to automate and... 
    Suggested
    Ongoing contract
    Work at office

    Blue Prism Group

    New York, NY
    3 days ago
  •  ...Lead Business Analyst The mission of the Division of Examinations is to protect investors, ensure market integrity and support responsible capital formation through risk-focused strategies that: improve compliance; prevent fraud; monitor risk; and inform policy. The... 

    U.S. Securities and Exchange Commission

    New York, NY
    4 days ago
  •  ...communications skills. Jira/ Confluence: Very good understanding & Project and Stakeholder management skills must. The Lead Business Analyst will be responsible for overseeing data analysis, business analysis, and Agile methodology to drive business objectives and... 

    Omni Inclusive

    Jersey City, NJ
    15 hours ago
  • - Prototype and pilot. Stand up lightweight proofs-of-concept (often with off-the-shelf AI tools) to validate value before larger investment. - Measure outcomes. Define success metrics, baseline current state, and quantify the impact of deployed solutions. ...

    3B Staffing LLC

    Jersey City, NJ
    5 days ago
  •  ...Job Summary The Lead Business Analyst specializing in Business Process Modelling is responsible for analyzing and optimizing business processes to drive efficiency and effectiveness. This role involves identifying areas for improvement, designing new processes, and collaborating... 

    TechDigital Group

    New York, NY
    1 day ago
  •  ...Lead Business Analyst 8+ years of Capital Markets experience with good understanding of business and technologies flows and stakeholder management. Very good documentation skills. Jira/ Very good understanding & Project and Stakeholder management skills must. The Lead... 

    Omni Inclusive

    Jersey City, NJ
    2 days ago
  •  ...governance, risk management, compliance, and audit coordination. The role demands leadership in significant compliance programs such as PCI DSS, GDPR, and UK GDPR. Located remotely in the United States, you will collaborate with cross-functional teams and contribute... 
    Remote job

    ATG (Auction Technology Group)

    New York, NY
    3 days ago
  • Bonterra is seeking a Lead PCI Compliance Analyst to oversee PCI DSS Level 1 certification initiatives. The role requires a strategic thinker who can work horizontally across the organization, collaborating with engineering and product teams to ensure security in payment... 
    Remote work
    Flexible hours

    Remote Jobs

    New York, NY
    6 days ago
  • The Agency DEPT OF HEALTH/MENTAL HYGIENE is seeking a Surveillance Analyst to support the Bureau of Environmental Disease Prevention in New York City. You will work with a multidisciplinary team to maintain surveillance applications and prepare reports related to environmental... 
    Work at office

    Agency DEPT OF HEALTH/MENTAL HYGIENE

    New York, NY
    2 days ago
  • A leading investment bank is seeking an Investment Banking Deal Lead at the Analyst Level in New York City. This role involves managing deal execution, conducting financial analysis, and directly interacting with clients. Candidates are expected to have a Bachelor's degree... 

    TEEMA Solutions Group

    New York, NY
    5 days ago
  • Bodwe Professional Services, LLC is seeking a Program Analyst to support the Department of Defense's Real Property Systems of Record. This position involves acting as a technical lead and providing expertise in data management and reporting across various systems. The successful... 

    Bodwe Professional Services, LLC

    New York, NY
    6 days ago
  •  ...Horowitz (a16z), OpenAI Startup Fund, and Kleiner Perkins — and we’re just getting started. Summary Ambience is looking for an Analyst Relations Lead on a contract basis to build and execute our AR program from the ground up. In this role, you will establish Ambience as... 
    Full time
    Contract work
    Immediate start
    Remote work
    Flexible hours

    Ambience Healthcare

    New York, NY
    4 days ago
  • Overview This position is posted by Jobgether on behalf of a partner company. We are currently looking for a FM Advisory Analyst. In this role, you will play a crucial part in supporting the efficient and cost-effective operation of facilities. You will collect, analyze... 
    Remote job
    Temporary work
    Work at office
    Flexible hours

    Jobgether

    New York, NY
    3 days ago
  • A leading utility services provider is seeking a Lead Total Rewards Analyst in Pennsylvania. This role focuses on compensation strategy and program administration while supporting benefits administration and HR analytics. Candidates should have a Bachelor's degree and 5... 

    Aqua America, Inc.

    New York, NY
    5 days ago
  • $228.3k - $246.3k

    ## Regulatory Capital Risk Sr. Lead AnalystApplyremote type: Hybridlocations: New York New York United Statestime type: Full timeposted...  ...26951985Citibank, N.A. seeks a Regulatory Capital Risk Sr. Lead Analyst for its New York, NY location.Duties: Develop the risk... 
    Full time
    Remote work

    Citibank (Switzerland) AG

    New York, NY
    3 days ago
  •  ...Education Desired: Bachelor of Business Administration Job Description Why This Role Matters: This is not a traditional pricing analyst role focused solely on reporting and maintenance. You will have the unique opportunity to help shape pricing strategy for some of FIS... 
    Full time

    FIS

    New York, NY
    4 days ago
  • A leading supply chain management firm is looking for an Analyst Relations Lead to enhance market credibility through effective engagement with top industry analysts. This remote role requires extensive experience in Analyst Relations and a strong understanding of enterprise... 
    Remote job

    Kinaxis

    New York, NY
    4 days ago
  • $72.8k - $130k

    UnitedHealth Group is seeking a qualified Epic HIM Analyst to support EHR Services in the U.S. This remote position involves managing integration teams and ensuring project success across healthcare technology implementations. Qualified candidates will have active Epic... 
    Remote job

    UnitedHealth Group

    New York, NY
    2 days ago
  • The Hispanic Alliance for Career Enhancement is seeking a Senior Epic Analyst in Kentucky. This role focuses on leading complex projects, providing vital technical support, and mentoring junior analysts, all while enhancing patient care through optimized workflows. The... 

    Hispanic Alliance for Career Enhancement

    Brooklyn, NY
    3 days ago
  • The Hispanic Alliance for Career Enhancement is looking for a Senior Epic Analyst in Georgia. This subject matter expert will lead complex projects, provide advanced technical support, and mentor junior analysts while optimizing workflows and enhancing patient care. The... 

    Hispanic Alliance for Career Enhancement

    New York, NY
    5 days ago
  • $145k

     ...with Lifecycle Marketing, Finance, Data Science and DTC Executives to drive subscriber growth and retention. Role Details The Senior Analyst will report into the VP of User Lifecycle Analytics, and will support a wide range of initiatives, partnering with the Lifecycle... 

    Paramount Pictures

    New York, NY
    6 days ago
  • Location: New York, NY (Hybrid) Employment Type: Full-Time Industry: Investment Banking / Financial Services Experience Level: Lead Analyst / Mid-Level Compensation: Competitive base salary + performance bonus (varies by employer) About This Opportunity This posting represents... 
    Full time

    TEEMA Solutions Group

    New York, NY
    5 days ago
  • Independence Pet Group is seeking a Senior Benefits Analyst to support benefits administration and enhance employee wellbeing. This key role requires strong HR experience to manage compliance and contribute to wellbeing programs. The position offers a hybrid work model... 

    Independence Pet Group

    Brooklyn, NY
    3 days ago
  • $60k - $86.25k

    ## Analyst II, QC Aseptic Control, Lead (Night Shift)Applylocations: USA - OH - West Chestertime type: Full timeposted on: Posted 3 Days Agojob requisition id: R-106865A career at Resilience is more than just a job - it’s an opportunity to change the future.Resilience... 
    Local area
    Immediate start
    Work visa
    Night shift

    Resilience

    Brooklyn, NY
    6 days ago
  • $83.43k - $222.48k

    The Hispanic Alliance for Career Enhancement seeks a Senior Epic Analyst in Idaho. This full-time position requires a Bachelor’s degree and three years of experience. The analyst will lead projects, provide technical support, and enhance Epic system functionalities. A pay... 
    Full time

    Hispanic Alliance for Career Enhancement

    New York, NY
    6 days ago
  •  ...Location This is a remote position. You can work from home and be located anywhere in Canada or the USA About The Role The Analyst Relations Lead plays a strategic role in strengthening Kinaxis’ market credibility and competitive positioning through proactive... 
    Remote work
    Work from home
    Flexible hours
    Shift work

    Kinaxis

    New York, NY
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Lead PCI Analyst. Be the first to apply!