RiseMe
LoginSign Up
Christopherson Business Travel logo
Christopherson Business Travel Verified
Travel Arrangements, Hospitality, Information Technology & Services

Information Security Analyst

Salt Lake City, Utah, United StatesHybridFull Time$90,000–$110,000 /yrPosted 2 months agoVisa sponsorship available

Is this role right for you?

Upload your resume and get a skill-by-skill breakdown — see exactly where you match, where you're close, and what to highlight. Not a mystery percentage.

Get a tailored resume highlighting what this role needs.

Role summary

Christopherson Business Travel seeks an Information Security Analyst to safeguard its systems, data, and client information. This role is pivotal in leading PCI DSS compliance, including managing audits, identifying and remediating gaps, and ensuring adherence to industry standards. Responsibilities also include conducting vulnerability assessments, monitoring security events via SIEM tools, and responding to security incidents. The analyst will collaborate with various teams to implement security best practices, develop policies aligned with frameworks like NIST and CIS, and conduct risk assessments. A key aspect involves advising stakeholders on security matters and supporting vendor assessments. The position offers a hybrid work environment and professional development support.

About Christopherson Business Travel
Christopherson Business Travel is a leading travel management company delivering innovative corporate travel solutions, exceptional client service, and technology-driven insights. We partner with organizations to optimize travel programs, enhance traveler experiences, and drive measurable savings.
Position Summary
The Information Security Analyst is responsible for protecting Christopherson’s systems, data, and client information by maintaining and improving the organization’s security posture. A core focus of this role is leading PCI DSS compliance efforts — managing audits, remediating gaps, and ensuring ongoing adherence to payment card industry standards. Beyond compliance, this role conducts vulnerability assessments, monitors security events, and partners across teams to embed security best practices into daily operations.
Key Responsibilities
PCI DSS Compliance & Audit Readiness

  • Lead PCI DSS compliance initiatives including self-assessment questionnaires (SAQs), gap analyses, and remediation tracking.
  • Coordinate with internal teams and external assessors (QSAs) to prepare for and support PCI audits.
  • Maintain and update security policies, procedures, and documentation required for PCI compliance.
  • Monitor changes to PCI DSS standards and assess their impact on Christopherson’s environment.

Vulnerability Management & Security Testing

  • Conduct regular vulnerability scans and coordinate penetration testing across internal and external systems.
  • Analyze scan results, prioritize findings by risk, and drive remediation efforts with system owners.
  • Perform security assessments of new applications, integrations, and infrastructure changes prior to deployment.

Security Monitoring & Incident Response

  • Monitor security alerts and events using SIEM tools and escalate potential incidents per established procedures.
  • Investigate and respond to security incidents, document findings, and recommend preventive measures.
  • Assist in the development and testing of incident response and disaster recovery plans.

Governance, Risk & Policy

  • Conduct risk assessments to identify threats and vulnerabilities across the organization’s technology landscape.
  • Develop and maintain information security policies, standards, and guidelines aligned with industry frameworks (PCI DSS, NIST, CIS).
  • Deliver security awareness training and phishing simulations to promote a security-conscious culture.

Cross-Functional Collaboration

  • Partner with IT, development, and operations teams to integrate security controls into systems and workflows.
  • Advise stakeholders on security implications of business decisions, vendor relationships, and technology changes.
  • Support third-party vendor security assessments and due diligence reviews.

Qualifications
Required

  • 3–5+ years of experience in information security, cybersecurity, or IT audit/compliance roles.
  • Hands-on experience with PCI DSS compliance, including audit preparation, evidence gathering, and remediation.
  • Proficiency with vulnerability scanning tools (Nessus, Qualys, Rapid7, or similar) and SIEM platforms.
  • Solid understanding of network security, firewalls, endpoint protection, and access control principles.
  • Strong analytical and communication skills with the ability to translate technical risks into business terms.

Preferred

  • Industry certifications such as CompTIA Security+, CISSP, CISA, or PCI QSA/ISA.
  • Experience with compliance frameworks beyond PCI DSS (NIST CSF, SOC 2, ISO 27001).
  • Familiarity with cloud security in AWS, Azure, or GCP environments.
  • Background in the travel, financial services, or payment processing industry.

Core Competencies

  • Regulatory Compliance & Audit Management
  • Risk Assessment & Threat Analysis
  • Vulnerability Management & Penetration Testing
  • Incident Detection & Response
  • Security Policy Development
  • Cross-Functional Communication & Stakeholder Advisory

What We Offer

  • Competitive base salary ($90,000–$110,000 depending on experience)
  • Comprehensive benefits package (medical, dental, vision, 401k)
  • Professional development and certification support
  • Flexible, hybrid work environment
  • A collaborative, mission-driven culture

dWhRVuplwo

Ready to apply?
You'll be redirected to Christopherson Business Travel's application page.

Similar roles