PCI Security Risk Management Analyst - Remote Opportunity

Join our team as a PCI Security Risk Management Analyst and play a critical role in ensuring the security and compliance of our payment card data systems. This is an exciting remote opportunity with a competitive salary package, commensurate with experience, and a chance to work with a leading healthcare company. As a PCI Security Risk Management Analyst, you will be responsible for collaborating with our PCI Compliance Team to ensure adherence to PCI DSS requirements, conducting comprehensive PCI DSS assessments, and developing and implementing PCI compliance policies and procedures.

At CVS Health, we are committed to delivering enhanced human-centric health care, and our purpose guides our commitment to innovation and customer satisfaction. As a member of our team, you will be empowered to make a difference and contribute to our mission of making healthcare more personal, convenient, and affordable.

Key Responsibilities:

• Collaborate with the PCI Compliance Team to ensure adherence to PCI DSS requirements
• Conduct comprehensive PCI DSS assessments, including gap analyses, risk assessments, and remediation planning
• Develop and implement PCI compliance policies, procedures, and controls
• Provide technical expertise in securing payment card data across various systems and networks
• Assist in the preparation and submission of PCI Self-Assessment Questionnaires (SAQs) and Reports on Compliance (ROCs)
• Monitor and analyze security alerts and incidents related to PCI data, and coordinate responses
• Stay updated on the latest PCI DSS requirements, industry best practices, and emerging threats
• Work closely with internal and external auditors during PCI compliance audits
• Provide training and guidance to staff on PCI compliance requirements and best practices
• Document and maintain records of PCI compliance activities and findings

Qualifications:

• Minimum of 2 years of experience in PCI compliance and technical security roles
• 2 years of experience with PCI DSS requirements and best practices
• 2 years of experience conducting PCI DSS assessments and preparing SAQs and ROCs
• 2 years of experience with network security, encryption, and secure payment technologies
• Preferred Skills: Experience in the healthcare industry or similar enterprise regulated environments, familiarity with other security frameworks and standards (e.g., HIPAA, NIST), proficiency in using security assessment tools and technologies
• Relevant certifications desired but not mandatory: PCI Professional (PCIP), or Certified Information Systems Security Professional (CISSP), or Certified Information Systems Auditor (CISA)
• Education: Bachelor’s degree or equivalent experience

What We Offer:

• Competitive salary package, commensurate with experience
• Comprehensive benefits package, including medical, dental, and vision benefits
• 401(k) retirement savings plan and Employee Stock Purchase Plan
• Term life insurance plan, short-term and long-term disability benefits
• Well-being programs, education assistance, free development courses, and discount programs
• Paid Time Off (PTO) or vacation pay, paid holidays, and sick time

How to Apply: If you are a motivated and experienced PCI Security Risk Management Analyst looking for a new challenge, please apply now. We anticipate the application window for this opening will close on 01/10/2025.