InfoSec Analyst II GRC - Checkout.com

Key Responsibilities

• Conduct comprehensive risk assessments and gap analyses for payment systems, ensuring alignment with industry standards such as PCI DSS, ISO 27001, and GDPR.
• Develop and maintain GRC frameworks, policies, and procedures to support audit readiness and regulatory compliance.
• Collaborate with cross‑functional teams to design, implement, and monitor security controls, including vulnerability management and threat modeling.
• Lead incident response activities, perform root‑cause analysis, and recommend remediation plans to mitigate future risks.
• Prepare and present risk reports to senior leadership, translating technical findings into actionable business insights.

Requirements

• 3+ years of experience in information security with a focus on GRC, risk management, or compliance.
• Strong knowledge of payment industry regulations (PCI DSS, PSD2) and data protection laws (GDPR, CCPA).
• Hands‑on experience with risk assessment tools, audit management platforms, and security monitoring solutions.
• Excellent analytical, communication, and stakeholder management skills.
• Relevant certifications such as CISSP, CISM, or CRISC are a plus.