Job Description
Insight Global is seeking a PCI DSS Compliance Analyst for a remote contract opportunity based in the Louisville, KY area. This individual will lead the organization’s transition to PCI DSS v4.0, ensuring alignment with current and upcoming 2025 requirements. They will partner closely with Qualified Security Assessors (QSAs) to support PCI audits, including ROC, AOC, and SAQ-D efforts, while managing audit evidence, documentation, and control validation. The analyst will conduct gap assessments within the cardholder data environment (CDE), develop and track remediation plans, and validate the effectiveness of implemented controls across IAM, network security, encryption, logging, and vulnerability management domains. Additionally, they will collaborate with infrastructure, application, and security teams to operationalize PCI controls and ensure continuous compliance. The role will also include performing targeted risk analyses, maintaining PCI-specific documentation (e.g., data flow diagrams, policies, procedures), and delivering security awareness training aligned to PCI requirements, while supporting broader compliance initiatives as needed.
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com. To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Required Skills & Experience
Deep expertise in PCI DSS (v3.2/3.2.1 to v4.0) including gap assessments, control implementation, and remediation tracking
Proven experience supporting PCI audits (ROC, AOC, SAQ-D) including scoping, evidence collection, and control validation
Direct experience working with QSAs
Strong background validating PCI technical controls (IAM, network segmentation, encryption, logging, vulnerability management)
Ability to partner cross-functionally to embed PCI controls into daily operations
Experience aligning PCI requirements to broader frameworks (NIST, ISO), while maintaining PCI audit rigor
Nice to Have Skills & Experience
QSA certification strongly preferred
Experience with Targeted Risk Analysis (TRA) under PCI DSS v4.0
Familiarity with customized vs. defined PCI approaches
Certifications: QSA (preferred), PCIP, CISA, CISSP, CRISC
Experience with ASV scans and CDE segmentation strategies
Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.