Information Compliance Analyst

Kwik Trip, Inc. • La Crosse, WI, US • $85.63k - $128.45k / year • 2w ago

Kwik Trip’s IT Department has an opening for an Information Compliance Analyst.

Location: La Crosse Support Center | Onsite with Hybrid opportunity

What you’ll be doing…

As an Information Compliance Analyst, you’ll provide strategic oversight for Kwik Trip’s IT Governance, Risk, and Compliance (GRC) functions. You’ll ensure our IT operations align with regulatory requirements, internal policies, and business objectives. This role is ideal for someone with deep knowledge of compliance frameworks, strong documentation skills, and the ability to lead incident response and risk mitigation efforts.

Key Responsibilities:

Maintain PCI compliance and coordinate annual audits with external QSAs
Oversee daily IT compliance operations across privacy, accessibility, cybersecurity, and risk management frameworks
Conduct internal audits and develop mitigation strategies for identified risks
Write and maintain IT policies and procedures
Research and track state and federal privacy regulations
Create and communicate strategic roadmaps for compliance milestones
Perform detailed risk assessments, evaluating third-party security policies, procedures, and controls for compliance
Deliver security awareness and compliance training across departments
Lead response efforts for compliance incidents and collaborate on resolution strategies
Ensure all risks are entered into and maintained within the Governance, Risk and Compliance (GRC) tool
Identify and document risks, proposing mitigation strategies and coordinating with teams to address gaps
Prepare reports and summaries for internal stakeholders to inform decision-making
Execute, mature and scale the Vulnerability Management Program

You’ll need to have…

Associate degree in Information Technology, Cybersecurity, or a related field
4 to 6 years of experience in IT compliance, risk management, or audit

Even better if you have…

Certifications such as CRISC, CISA, GRCP, PCIP, CIPM, or CISSP
Strong knowledge of PCI-DSS, CIS, ADA, and privacy compliance requirements
Excellent communication and documentation skills
Proven problem-solving and project management abilities
Ability to adapt to changing regulatory environments and respond quickly to incidents
Experience working as an Analyst or Engineer in a GRC focused function
Understanding of security and technology concepts
Familiarity with Vulnerability Management concepts and best practices

Work Schedule:

Monday through Friday, daytime hours. Work Location is onsite; however will be able to work a hybrid model

Related Jobs

Special Agent

Federal Bureau of Investigation (FBI) • La Crosse, WI, US • $97.30k - $125.54k / year • 1w ago

1w ago

Apply