Senior PCI Compliance Analyst
Bonterra
Job Overview
Who's the hiring manager?
Sign up to PitchMeAI to discover the hiring manager's details for this job. We will also write them an intro email for you.
Job Description
Senior PCI Compliance Analyst at Bonterra
Bonterra exists to propel every doer of good to their peak impact. We measure that impact against our vision to increase the giving rate as a percentage of GDP from 2% to 3% by 2033. We know that this goal is lofty, but we are confident that the right technology and expertise will strengthen trust in the sector, allowing the social good industry to accelerate growth and reach peak impact. Bonterra's differentiated, end-to-end solutions collectively support a unique network of over 20,000 customers, including over 16,000 nonprofit organizations and over 50 percent of Fortune 100 companies. Learn more at bonterratech.com.
About The Role
Bonterra’s Information Security, Risk & Compliance team is hiring a Senior PCI Compliance Analyst to manage our PCI DSS Level 1 certification program and support related frameworks such as ISO 27001:2022 and SOC reporting. This role works horizontally across the company, partnering with Product Security on modernization efforts and ensuring operational excellence in control performance, reporting, and certification.
Job Responsibilities:
- Collaborate with Information Security, Risk & Compliance team members and control owners companywide
- Lead PCI DSS Level 1 readiness, certification activities, and coordination with QSA assessors
- Maintain scope documentation, evidence, and operational reports for PCI controls
- Partner with Product Security on modernization initiatives that reduce PCI scope and improve control design
- Manage issues, exceptions, and risk acceptance tracking with timely remediation
- Align PCI evidence and controls with ISO 27001 and SOC frameworks to streamline reporting
- Support audits, vendor assessments, and customer due-diligence requests related to PCI
- Maintain compliance ticket queues, supplier/control registers, and awareness activities
Requirements
- 3-5 years in PCI, risk, compliance program management (or relevant education/certifications)
- Experience leading PCI DSS v4.0.1 assessments and coordinating with QSAs
- Familiarity with ISO 27001 and cloud service environments
- Strong analytical, organizational, and communication skills
- Experience with GRC, ticketing, and security tools (for example SIEM or vulnerability scanners)
- Preferred certifications: PCIP, ISA, CISA, CISM, CISSP
At Bonterra, we’re building AI-powered tools to solve real human challenges—and we want teammates who share that enthusiasm. We value people who will champion AI and bring diverse perspectives from different industries, backgrounds, and cultures. Together, we create AI that breaks down barriers, empowers communities, and delivers better outcomes.
At this time, we are unable to consider candidates who require current or future sponsorship for employment authorization.
Our Culture
At Bonterra, we’re innovating with a higher purpose: to increase giving to 3% of US GDP by 2033, creating $573 billion more in global impact every year. At Bonterra, we foster an inclusive, equitable culture where every team member belongs and contributes to meaningful impact. Read more about our values and culture here.
Compensation & Benefits
We offer a comprehensive benefits package that supports your health, well-being and growth - explore full details here.
Compensation and benefits for this role apply to full-time employees in the United States and may vary based on local standards, laws and norms. Pay is determined by location, skills, experience, and education, and is one part of Bonterra’s total rewards package, which may also include bonuses, incentives, equity, and a comprehensive benefits program.
Equal Opportunity & Accommodations
At Bonterra, we are proud to be an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We provide equal employment opportunities without regard to race, color, religion, sex (including pregnancy, sexual orientation, or gender identity), national origin, age, disability, veteran status, or any other characteristic protected by law.
If you require a reasonable accommodation during the application process, please submit a request.
Key skills/competency
- PCI DSS v4.0.1
- Compliance Program Management
- Risk Management
- ISO 27001:2022
- SOC Reporting
- QSA Coordination
- Cloud Security
- GRC Tools
- Vulnerability Scanners
- Security Audits
How to Get Hired at Bonterra
- Research Bonterra's mission: Study their vision to increase giving, values, recent news, and employee testimonials on LinkedIn and Glassdoor to understand their social impact focus.
- Tailor your resume for compliance expertise: Highlight specific experience with PCI DSS v4.0.1, ISO 27001, and SOC reporting, customizing it for the Senior PCI Compliance Analyst role at Bonterra.
- Demonstrate GRC and security tool proficiency: Emphasize your practical experience with GRC platforms, SIEM, vulnerability scanners, and ticketing systems relevant to Bonterra's operations.
- Prepare for in-depth technical discussions: Focus on leading PCI DSS assessments, cloud service environment familiarity, and coordinating with QSA assessors.
- Showcase collaborative and communication skills: Be ready to discuss how you've partnered with cross-functional teams to achieve compliance goals and streamline reporting processes at Bonterra.
Frequently Asked Questions
Find answers to common questions about this job opportunity
Explore similar opportunities that match your background