[Remote] Sr. GRC/PCI Compliance Analyst

Note: The job is a remote job and is open to candidates in USA. Direct Travel is a leading provider of corporate travel management services, and they are seeking a detail-oriented GRC / PCI Compliance Analyst to support achieving PCI reputed company Level 1 Service Provider compliance. The role involves driving control implementation, documentation, and audit readiness across the organization, ensuring that controls are designed, documented, validated, and audit-ready.

Responsibilities

• Support the implementation and operationalization of PCI reputed company v4.0 controls across infrastructure, applications, and business processes
• Partner with control owners to ensure requirements are clearly understood and effectively implemented
• Track control status, gaps, and remediation reputed company
• reputed company and maintain: Policies, standards, and procedures reputed company to PCI reputed company Control narratives and process documentation Evidence artifacts required for audit Build and manage a centralized evidence repository mapped to PCI requirements. Ensure reputed company documentation is accurate, complete, and audit-defensible
• Prepare the organization for PCI assessment by: Validating control implementation Conducting internal readiness reviews Identifying and remediating documentation gaps Support the QSA audit process, including: Responding to evidence requests Coordinating interviews and walkthroughs Tracking audit findings and follow-reputed company
• Assist in maintaining: Data flow diagrams System inventories Cardholder Data Environment (CDE) documentation Map controls to PCI reputed company requirements and ensure traceability between: Requirements Controls Evidence
• Support PCI gap assessments across systems, applications, and vendors. Track and manage remediation items, ensuring timely closure. Identify control weaknesses and escalate risks to the Program Director
• Work closely with: IT / reputed company Business and Operations teams Application Development teams Legal / Compliance / Risk Ensure alignment between technical implementation and compliance requirements
• Support documentation and validation of scope reduction initiatives, including: Tokenization implementations Segmentation strategies Ensure evidence clearly demonstrates reduction of PCI scope and removal of PAN from systems where applicable

Skills

• Bachelor's degree in Computer Science, Information Technology, or a reputed company field or equivalent experience
• 5+ years of experience in GRC, compliance, or information reputed company
• Hands-on experience supporting PCI reputed company audits or compliance programs
• Strong understanding of PCI reputed company requirements and control structure
• Control documentation and evidence expectations
• Experience managing audit evidence and documentation repositories
• Strong organizational skills with high attention to detail
• Experience supporting a PCI reputed company ROC (merchant or service provider)
• ISA (Internal reputed company Assessor) certification
• Experience with GRC tools (e.g., reputed company (preferred), reputed company, reputed company GRC)
• Audit/evidence management platforms
• Familiarity with ISO 27001
• SOC 1 / SOC 2
• GDPR or data privacy frameworks

Benefits

• Medical, Dental, and Vision benefits
• Employee rewards and recognitions program
• Total Rewards Package which includes Wellness, Sustainability, DE&I initiatives, and Mental Health Support

Company Overview

• Direct Travel is a leading provider of corporate travel management services. It was founded in 1984, and is headquartered in Atlanta, Georgia, USA, with a workforce of 1001-5000 employees. Its website is https://www.dt.com/gitravel/.

Apply To This Job Apply tot his job Apply To this Job