Entrust Datacard

Sr. Security Compliance Analyst -PCI DSS & U.S. Fed

Entrust Datacard$119K — $174K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years in security compliance, audit, or GRC with deep understanding of controls
  • Hands-on experience with PCI DSS and NIST 800-53 compliance
  • Ability to collaborate with global virtual teams
  • Technical understanding of cloud environments and shared responsibility models
  • Experience in SaaS or cloud-native environments
  • Cross-functional collaboration with engineering and infrastructure teams

Responsibilities

  • Lead PCI DSS compliance activities and certification efforts
  • Support U.S. Federal readiness assessments against NIST SP 800-53
  • Maintain and ensure traceability of compliance evidence artifacts
  • Translate compliance requirements into actionable control activities
  • Act as a subject matter expert for PCI DSS and NIST 800-53
  • Assist in developing FedRAMP artifacts such as SSP and control narratives
  • Prepare and coordinate external audit activities and evidence
  • Ensure continuous proactive control testing and gap assessments
  • Communicate compliance and security risks to stakeholders
  • Drive resolution of audit findings and control deficiencies
  • Develop and maintain security policies and standards

Benefits

  • Fully remote position open to U.S.-based candidates
  • Comprehensive health programs including medical, vision, dental
  • Generous 401(k) matching contribution
  • Life and disability insurance
  • Mental health coaching and virtual fitness programs
  • Paid personal time off and 12 paid holidays
  • Parental leave and education reimbursement
Full Job Description
Position Overview:

Entrust is seeking a highly skilled Senior Security Compliance Analyst to lead and sustain compliance for multiple compliance programs including PCI DSS and U.S. Federal. This role is responsible for designing and executing continuous compliance monitoring activities, identifying gaps and leading associated remediation efforts, planning and leading third-party audits, and measuring control effectiveness across cloud-based, on-prem and hybrid environments. The ideal candidate brings deep PCI DSS expertise, strong knowledge of the Risk Management Framework, FedRAMP and NIST 800-53 frameworks, and modern GRC experience that enables scalable, automated, and evidence-driven compliance operations.

This position partners closely with Security, Engineering, Product, and third-party providers to ensure controls are designed effectively, operating consistently, and aligned to business, statutory and regulatory expectations.

How You Will Make an Impact:

Lead and support end-to-end compliance efforts across multiple environments, including readiness assessments, audits, and continuous monitoring activities to ensure sustained security posture and audit readiness. Responsibilities include, but are not limited to:
  • Leading PCI DSS compliance-related activities and certification;
  • Supporting U.S. Federal readiness efforts, including gap assessments against NIST SP 800-53 and tracking remediation activities (POA&M);
  • Maintaining required evidence artifacts and ensuring traceability of evidence;
  • Interpreting and operationalizing compliance requirements into actionable control activities for engineering and operations;
  • Serving as SME for PCI DSS and NIST 800-53 compliance, advising internal teams and customers;
  • Supporting development of FedRAMP artifacts (e.g., SSP, control narratives, shared responsibility matrices);
  • Partnering with control owners to ensure controls meet PCI DSS and NIST 800-53 requirements;
  • Supporting external audits by preparing evidence, responding to auditor requests, coordinating audit activities, and tracking remediation;
  • Driving coordination with third parties (e.g., service providers, hosting partners) to ensure shared control alignment;
  • Ensuring audit readiness through continuous proactive gap assessments and control testing throughout the year;
  • Identifying, assessing, and communicating compliance and security risks to stakeholders;
  • Identifying, tracking, and driving closure of audit findings and control deficiencies; and
  • Contributing to the development and maintenance of security policies, standards, and procedures.


Basic Qualifications:
  • 5+ years in security compliance, audit, or GRC with a strong understanding of administrative, technical, and physical controls, including how they support one another
  • Hands-on technical and audit experience with PCI DSS and NIST 800-53 compliance
  • Ability to work across multiple time zones with virtual global teams
  • Strong technical understanding of:
    • Cloud environments and shared responsibility models
    • Access control, change management, logging and altering, and vulnerability management and other security domains
  • Experience working in SaaS or cloud-native environments
  • Experience working cross-functionally with engineering and infrastructure teams


Preferred Qualifications:
  • Experience supporting multiple compliance frameworks (PCI DSS, PCI CP, SOC 2, FedRAMP, NIST 800-53/FISMA, ISO 27001/2, ISO 42001)
  • Experience with modern GRC platforms and control automation
  • Familiarity with continuous compliance / continuous monitoring models
  • Certifications such as: CISSP, CISA, CISM, CRISC, PCI ISA/QSA/PCI CP (preferred but not required)


Where You Will Be: Open to U.S.-based candidates and will be fully remote.

Compensation Range:

The anticipated starting base pay for this position is: $119,078-$174,648 per year (in the primary posting location). Actual compensation will be determined based on geographic location, education, skills and experience. This position is also eligible for the company's discretionary annual incentive plan. In addition to your pay, Entrust offers eligible colleagues and their dependents comprehensive health and well-being programs which include medical, vision, dental, a generous 401(k) matching contribution, life and disability insurance, mental health coaching, virtual fitness programs, paid personal time off plus 12 paid holidays, parental leave and education reimbursement. Please speak with the recruiter for more details. Note: Benefit and Compensation programs are subject to eligibility requirements and other terms of the applicable plan or program. Entrust has the right to end, suspend or amend any of its plans at any time in whole or in part.

Recruiter:
James Beck

About Entrust Datacard

Entrust Datacard is a privately held information technology company headquartered in Shakopee, Minnesota. The company was formed in 2014 through the merger of Entrust and Datacard Group. Entrust Datacard provides a wide range of products and services, including identity and access management, secure communications, and card issuance solutions. The company serves customers in a variety of sectors, including financial services, government, healthcare, and retail. Entrust Datacard is committed to sustainability and has implemented numerous initiatives to reduce its environmental impact. The company has received numerous awards for its products and services, including the SC Magazine Award for Best Identity Management Solution in 2019.
Learn more about Entrust Datacard
Size
2,000 employees
Industry
Founded
1994

Similar Jobs

More Jobs at Entrust Datacard

More Information Technology Jobs

Find similar Sr. Security Compliance Analyst -PCI DSS & U.S. Fed jobs: