Jul 13, 2026

PCI Internal Security Assessor (ISA) - Caribbean

Apply Now →

Job Description: PCI Internal Security Assessor (ISA)

Department: Enterprise Security & Technology Risk Management Location: Regionwide

Reports To: Chief Information Security Officer (CISO)

Employment Type: Full-time

Job Overview

The PCI Internal Security Assessor (ISA) is responsible for ensuring that our client from banking industry complies with the Payment Card Industry Data Security Standard (PCI DSS). The ISA will assess, monitor, and enforce the security measures necessary to protect cardholder data and maintain PCI compliance across all systems and processes. This role works closely with internal stakeholders and external parties to maintain a secure environment, mitigate risks, and improve overall security posture.

Key Responsibilities:

Develop and implement PCI compliance policies, procedures, and controls.

Documentation and Reporting:

Qualifications:

Education:

equivalent work experience).

Additional certifications such as CISSP, CISM, CISA, or CEH are a plus.

Other Requirements:

Ability to work independently and handle sensitive information confidentially.

  • Risk Assessment and Mitigation:
    • Identify and assess potential risks to cardholder data environments and provide recommendations for risk mitigation.
    • Implement and enforce necessary security controls to address gaps identified during assessments.
    • Ensure vulnerability scanning, penetration testing, and security reviews are conducted to identify weaknesses and ensure continuous compliance.
  • Training and Awareness:
    • Conduct internal PCI DSS training for staff to ensure a deep understanding of the importance of compliance and security measures.
    • Provide ongoing guidance and support to departments regarding security best practices related to PCI DSS.
  • Collaboration and Communication:
    • Work closely with projects, Enterprise Security, Technology, and other relevant departments to align PCI DSS compliance with overall security policies and practices.
    • Proactively identify and/or promptly escalate risks and issues affecting PCI compliance status.
    • Stay updated on changes in PCI DSS requirements and industry best practices to ensure our client from banking industry remains compliant.
    • Present PCI DSS compliance status reports to senior management and external stakeholders.
    • Act as a liaison where necessary between our client from banking industry and external vendors or service providers involved in processing or storing cardholder data.
  • Originally posted on