Hyatt

Senior Governance, Risk, and Compliance (GRC) Analyst (Remote Opportunity)

Hyatt, Chicago, Illinois, United States, 60290


Overview

Senior Governance, Risk, and Compliance (GRC) Analyst (Remote Opportunity) at Hyatt Hotels Corporation. The Senior GRC Analyst will serve as a subject matter expert in payment card industry (PCI DSS) compliance and support the organization’s PCI-related assessments and certification efforts. The role involves collaboration with cross-functional teams to strengthen Hyatt’s compliance posture and reduce risk exposure.

Responsibilities

Lead the end-to-end PCI DSS Level-1 Service Provider assessment process in collaboration with the external QSA, from planning through final Report on Compliance (ROC) delivery.
Serve as the primary liaison with QSAs, external auditors, and internal stakeholders to ensure timely deliverables, effective communication, and resolution of findings.
Interpret PCI DSS requirements and provide actionable guidance to technical and business teams for effective implementation.
Oversee evidence gathering, review, and validation to support PCI DSS, SOX ITGC, operational audits in conjunction with Hyatt Internal Audit, and other compliance assessments.
Manage SOX ITGC audit activities, coordinate with control owners, address deficiencies, maintain control documentation, and oversee remediation activities.
Support other IT compliance initiatives such as vendor risk management, ISO 27001 alignment, and regulatory or contractual audits.
Develop and maintain compliance-related policies, procedures, and control documentation.
Track, monitor, and report compliance metrics to management and senior leadership.
Stay informed on regulatory and industry changes, advising stakeholders on potential impacts and required adjustments.

Qualifications

Bachelor’s degree in Information Security, Information Technology, Risk Management, Cyber Security, or related field (or equivalent work experience).
5+ years of experience in GRC, IT compliance, or information security, with significant PCI DSS and SOX ITGC experience.
Proven history of leading PCI DSS Level-1 Service Provider assessments with a QSA.
Strong understanding of PCI DSS requirements, SOX Compliance, and general IT audit frameworks.
Experience coordinating with external auditors and managing cross-functional remediation efforts.
Excellent organizational, communication, and stakeholder management skills.

Experience Preferred

Preferred certifications: PCI Qualified Security Assessor (QSA), PCI Internal Security Assessor (ISA), CISA, CISSP, CRISC, or equivalent.

Benefits

Annual allotment of free hotel stays at Hyatt hotels globally
Flexible work schedule
Wellbeing initiatives such as a Headspace subscription and fitness center discount
Global family assistance policy with paid time off after birth/adoption and financial assistance for adoption

Salary

The salary range for this position is $95,000 to $120,000. This position is eligible to earn incentive awards and an annual bonus. The final pay rate will depend on experience, skill level, and location.

Employment details

Seniority level: Mid-Senior level; Employment type: Full-time; Job function: Information Technology; Industries: Hospitality.
