Information Compliance Analyst

Already a Kwik Trip Coworker? Follow this link to apply: myapps.kwiktrip.com
Location: Department 759
Shift: Daytime
Experience: 3-5 years
Pay Range: $75,160.02 to $112,740.16

Actual pay will be based on various factors, such as a candidate’s qualifications, skills, competencies, proficiency for the role, and internal equity. In addition to base pay, Kwik Trip gives 40% of pre-tax profits back to our coworkers with bonuses ranging from 8-12% of each coworker’s gross annual wage depending on company profitability and offers a comprehensive benefits package, including health insurance, 401k, paid time off, and more.

Kwik Trip’s IT Department has an opening for an Information Compliance Analyst.

Location: La Crosse Support Center | Onsite with Hybrid opportunity

What you’ll be doing…

As an Information Compliance Analyst, you’ll provide strategic oversight for Kwik Trip’s IT Governance, Risk, and Compliance (GRC) functions. You’ll ensure our IT operations align with regulatory requirements, internal policies, and business objectives. This role is ideal for someone with deep knowledge of compliance frameworks, strong documentation skills, and the ability to lead incident response and risk mitigation efforts.

Key Responsibilities:

• Maintain PCI compliance and coordinate annual audits with external QSAs
• Oversee daily IT compliance operations across privacy, accessibility, cybersecurity, and risk management frameworks
• Conduct internal audits and develop mitigation strategies for identified risks
• Write and maintain IT policies and procedures
• Research and track state and federal privacy regulations
• Create and communicate strategic roadmaps for compliance milestones
• Perform detailed risk assessments, evaluating third-party security policies, procedures, and controls for compliance
• Deliver security awareness and compliance training across departments
• Lead response efforts for compliance incidents and collaborate on resolution strategies
• Ensure all risks are entered into and maintained within the Governance, Risk and Compliance (GRC) tool
• Identify and document risks, proposing mitigation strategies and coordinating with teams to address gaps
• Prepare reports and summaries for internal stakeholders to inform decision-making
• Execute, mature and scale the Vulnerability Management Program

You’ll need to have…

• Associate degree in Information Technology, Cybersecurity, or a related field
• 4 to 6 years of experience in IT compliance, risk management, or audit

Even better if you have…

• Certifications such as CRISC, CISA, GRCP, PCIP, CIPM, or CISSP
• Strong knowledge of PCI-DSS, CIS, ADA, and privacy compliance requirements
• Excellent communication and documentation skills
• Proven problem-solving and project management abilities
• Ability to adapt to changing regulatory environments and respond quickly to incidents
• Experience working as an Analyst or Engineer in a GRC focused function
• Understanding of security and technology concepts
• Familiarity with Vulnerability Management concepts and best practices

Work Schedule:

• Monday through Friday, daytime hours. Work Location is onsite; however will be able to work a hybrid model

Kwik Trip, Inc. is a family-owned, Midwest company, in operation since 1965. We are dedicated to serving our guests and coworkers while treating everyone like family. Along with our award-winning culture, we are proud to be an Equal Opportunity Employer. Learn more about Kwik Trip and our culture.