Risk & Compliance Specialist I - SOX & PCI Focus - Remote

Overview

We are seeking a detail-oriented and proactive Risk & Compliance Specialist with 3–5 years of experience to support our organization’s compliance initiatives related to SOX (Sarbanes-Oxley Act) and PCI DSS (Payment Card Industry Data Security Standard). This role is critical in helping ensure our control environment remains compliant, effective, and audit-ready, while supporting risk reduction across financial and payment systems.

In Short

• Assist in evaluating the design and effectiveness of internal controls over financial reporting in accordance with SOX.
• Develop, maintain, and update process documentation (narratives, risk/control matrices, flowcharts).
• Support and execute SOX control testing activities; document results and identify control deficiencies.
• Partner with control owners to ensure timely remediation of audit findings.
• Participate in walkthroughs of key processes and support control design improvements.
• Support efforts to maintain ongoing PCI DSS compliance across applicable systems and processes.
• Assist in identifying control gaps and collaborate on remediation strategies for handling cardholder data securely.
• Maintain and help implement PCI policies, procedures, and standards.
• Participate in assessments, evidence gathering, and preparation for annual PCI audits or Self-Assessment Questionnaires (SAQs).
• Collaborate with IT Security and other stakeholders to ensure appropriate technical and procedural controls are in place.

Requirements

• Bachelor's degree in Business, Finance, Accounting, Information Systems, Cybersecurity, or a related field.
• 3–5 years of professional experience in risk management, compliance, audit, or information security.
• Familiarity and hands-on experience with SOX and PCI DSS compliance programs.
• Working knowledge of internal controls, audit processes, and risk assessment methodologies.
• Strong analytical and documentation skills; able to break down complex issues clearly.
• Proficient in Microsoft Office Suite, especially Excel, Word, and PowerPoint.
• Experience with GRC tools (e.g., AuditBoard, Archer, ServiceNow GRC) is a plus.

Benefits

• Gain exposure to critical risk and compliance frameworks in a growing and dynamic environment.
• Work with supportive teams across Security, Finance, and IT.
• Opportunity to develop a strong foundation in Compliance and contribute to a maturing compliance program.