Compliance Analyst III

Location: El Dorado, AR GENERAL DESCRIPTION OF POSITION We are seeking a highly motivated and detail-oriented IT Compliance Analyst to join our team. The Analyst will be responsible for leading and overseeing the Payment Card Industry Data Security Standard (PCI DSS) compliance program for Murphy USA. This role involves coordinating with various departments to ensure that all processes and technologies meet PCI DSS requirements, conducting and leading assessments and providing guidance and insight on PCI compliance. ESSENTIAL DUTIES AND RESPONSIBILITIES Lead and manage the PCI compliance program, ensuring adherence to PCI DSS requirements. Coordinate and conduct PCI compliance audits and self-assessments. Develop and maintain documentation to support the PCI compliance program. Which includes but not limited to (Training, PCI Procedures and guidelines, Attestation of Compliance reports) Provide guidance and support to business and technology teams on PCI requirements. Manage the relationship with external Qualified Security Assessors (QSAs) and other PCI consultants. Monitor and report on the status of PCI compliance activities to senior management. Stay current on PCI DSS requirements, best practices, and industry trends. Facilitate PCI training and awareness programs for employees. Manage the PCI program budget and resources. Facilitate PCI meetings with retail store management and ensure compliance with PCI. Develop PCI Program planning, project plans, including timelines, milestones, and resource allocation. Proficiency in GRC tools to implement PCI Compliance Program. Document and track remediation efforts to address identified compliance issues. Develop and deliver training programs to educate employees on PCI DSS requirements and best practices. Promote a culture of security awareness and compliance within the organization. Work closely with IT, security, and other departments to ensure compliance with PCI DSS requirements. Collaborate with external auditors and consultants as needed. Looking for a high attention to detail and proactive thinking person who anticipate potential issues and address them before they become problems. Maintain close collaboration with high touch method of interacting with control owners, Technology Subject Matter Experts and Managers High touch with control owners, Technology Subject Matter Experts, Managers and sponsors QUALIFICATIONS At least 5 years of experience in audit, project management, regulatory or compliance, Information security preferably in technology-related projects. Strong understanding of audit, compliance, technology and project management Excellent problem-solving and decision-making skills. Relevant certifications such as PCI, security, audit a plus Experience with security assessments, audits, and remediation efforts. Experience with Risk Management, Risk Register, Risk Assessments and Mitigation methods Very proactive, self-started, heart for the customer and kind spirited in nature EDUCATION AND EXPERIENCE BS/BA degree in Information systems or Security 3+ years of relevant experience in a field or Audit or Compliance . 1 year of relevant experience in Information Security Governance, Risk, or Compliance.