Manager, PCI Compliance Assurance
CVS HealthSalary not specified
Full Time
Mid-level (3 to 4 years), Senior (5 to 8 years)
$75,000 – $105,000Compensation
Mid-level (3 to 4 years), Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Nonprofit Technology, SaaS, Information SecurityIndustries
Requirements
- 3-5 years in PCI, risk, compliance program management (or relevant education/certifications)
- Experience leading PCI DSS v4.0.1 assessments and coordinating with QSAs
- Familiarity with ISO 27001 and cloud service environments
- Strong analytical, organizational, and communication skills
- Experience with GRC, ticketing, and security tools (for example SIEM or vulnerability scanners)
- Preferred certifications: PCIP, ISA, CISA, CISM, CISSP
Responsibilities
- Collaborate with Information Security, Risk & Compliance team members and control owners companywide
- Lead PCI DSS Level 1 readiness, certification activities, and coordination with QSA assessors
- Maintain scope documentation, evidence, and operational reports for PCI controls
- Partner with Product Security on modernization initiatives that reduce PCI scope and improve control design
- Manage issues, exceptions, and risk acceptance tracking with timely remediation
- Align PCI evidence and controls with ISO 27001 and SOC frameworks to streamline reporting
- Support audits, vendor assessments, and customer due-diligence requests related to PCI
- Maintain compliance ticket queues, supplier/control registers, and awareness activities
Skills
Key technologies and capabilities for this role
Questions & Answers
Common questions about this position
What is the salary range for the PCI Analyst position?
The US base salary range is $75,000 - $105,000.
Is this a remote position or does it require working in an office?
This information is not specified in the job description.
What skills and experience are required for this role?
Candidates need 3-5 years in PCI, risk, or compliance program management, experience leading PCI DSS v4.0.1 assessments and coordinating with QSAs, familiarity with ISO 27001 and cloud environments, strong analytical, organizational, and communication skills, plus experience with GRC, ticketing, and security tools.
What is the company culture like at Bonterra?
Bonterra values teammates who champion AI, bring diverse perspectives from different industries, backgrounds, and cultures, and share enthusiasm for building AI-powered tools to solve real human challenges and increase giving.
What makes a strong candidate for this PCI Analyst role?
Strong candidates have 3-5 years of PCI, risk, or compliance experience, hands-on leadership in PCI DSS v4.0.1 assessments with QSAs, and preferred certifications like PCIP, ISA, CISA, CISM, or CISSP; they must be eligible to work in the US without sponsorship.
Bonterra
Technology solutions for social impact organizations
About Bonterra
Bonterra provides technology solutions aimed at helping organizations focused on social good, such as nonprofits and public sector entities, operate more efficiently. Their products include software for managing donations, tracking impact, and coordinating volunteer efforts, which streamline operations and enhance fundraising capabilities. Bonterra stands out from competitors by specifically targeting the social impact sector and aligning its success with that of its clients through a business model based on subscription fees and transaction fees on donations. The company's goal is to empower organizations to maximize their efforts in creating positive social change, as evidenced by their impact of facilitating $7.4 billion in donations to 225,000 nonprofits in 2021.
Austin, TexasHeadquarters
2023Year Founded
VENTURE_UNKNOWNCompany Stage
Consulting, Social ImpactIndustries
1,001-5,000Employees