Security & Compliance Analyst

Job Title: Security & Compliance Analyst Location: Home Office Compensation: $90,000 - $110,000 per year Who We Are On the Go has elevated the dining and retail experience for travelers by bringing together world-class hospitality, award-winning dining concepts, and forward-thinking technology. With more than 300 unique dining and retail locations across North America’s busiest airports, we’re fueled by a passion for creating exceptional guest experiences—made possible every day by our incredible Crewmembers. At On the Go, people truly come first. We invest in our teams, and foster growth in an exciting, fast-paced environment where everyone can shine. How We Do Business How we work is just as meaningful as what we accomplish. Our Values—Care, Continuous Improvement, Quality, and Teamwork—guide the way we show up for our guests and for each other. We’re committed to fostering an inclusive, safe, and uplifting workplace where people feel respected, empowered, and encouraged to bring their full selves to work. Why This Job Is a Big Deal! The Security & Compliance Analyst is responsible for the organization’s security posture and compliance obligations, with a primary focus on PCI DSS. This role oversees ongoing compliance efforts, conducts assessments, manages evidence collection, and supports the remediation of compliance gaps across restaurants & marketplaces, e-commerce platforms, and point-of-sale environments. The Security & Compliance Analyst works closely with IT, Engineering, Operations, and third-party business partners to maintain secure environments and achieve successful PCI DSS certification. In this Role you will… Support and maintain the organization’s PCI DSS compliance program across all in-scope systems, networks, and business units. Conduct internal PCI assessments, gap analyses, and readiness reviews to identify and remediate compliance deficiencies. Maintain documentation of PCI controls, evidence, and audit artifacts in the company’s Governance, Risk, and Compliance (GRC) platform. Partner with IT, Security, and Retail Operations to validate technical and procedural controls for compliance. Coordinate with Qualified Security Assessors (QSAs) during annual assessments, providing documentation and remediation updates. Monitor system changes, new technologies, and third-party services for PCI scope impact. Track and report compliance status, risks, and remediation progress to management. Develop and deliver PCI awareness training for staff and store-level employees handling payment data. Review and assess vendor compliance with PCI DSS and ensure required Attestations of Compliance (AOC) are maintained. Stay current on PCI DSS version updates, industry trends, and payment security best practices. Support broader security and compliance initiatives beyond PCI, including vendor risk management, cloud security controls (AWS), and policy development as the program matures.

Qualifications

Education & Experience Bachelor’s degree in Information Security, Information Technology, or related field (or equivalent experience). 3–5 years of experience in IT security, compliance, or audit, preferably within a retail or financial environment. Hands-on experience with PCI DSS compliance programs, evidence collection, and remediation management. Preferred Certifications PCI Professional (PCIP) or Certified Information Systems Auditor (CISA) preferred; CISSP or equivalent a plus. Technical Skills Familiarity with network security, encryption, firewalls, vulnerability management, and logging systems. Familiarity with cloud environments, particularly AWS; experience with services relevant to secure data handling and compliance (e.g., IAM, CloudWatch, Secrets Manager, VPC segmentation) is a plus. Experience with compliance tracking, documentation, or GRC tools; familiarity with enterprise platforms such as ServiceNow or equivalent is a plus. Knowledge of POS systems, cardholder data environments, and segmentation practices. Soft Skills Strong attention to detail and analytical skills. Excellent written and verbal communication skills. Ability to work cross-functionally and manage multiple priorities in a fast-paced retail environment. Equal Opportunity Employer We’re proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, or disability status. #LI-MS1 Apply To This Job