IT Security Compliance Analyst

Potpourri Group Inc - North Billerica, MA

Full-time. Estimated: $80,000 - $100,000 a year

Potpourri Group Inc., referred to as "PGI", was founded in 1963, publishing a single consumer catalog title. New brands were added through internal development and acquisitions so that today PGI has grown to be one of the most successful multi-brand direct-to-consumer merchants in America, serving millions of customers a year.

At PGI, we look for unique talent and skills, and above all else, passion. Our employees are enthusiastic team members who love what they do, and come to work every day ready to jump in and roll up their sleeves. Employees here take initiative, take pride in their work and accomplishments, and are trusted to work independently while being team players known for sharing ideas, support, and resources.

PGI is a collaborative team-oriented environment with an entrepreneurial spirit. Team members are encouraged to think outside of the box, be creative, and push the envelope. Ideas are welcomed and generated through brainstorming, informal meetings, and even hallway and coffee room conversations. The workload is significant, deadlines run tight, critical projects are always on the table, but everyone pulls together to “get it done” because they care. People are more than just co-workers at PGI and it’s more than just another job here. It’s a calling, it’s a community, and it’s a career.

Position Overview:

This entry-level position is responsible for certification and compliance with all security standards applicable to the Potpourri Group, with special emphasis on the Payment Card Industry (PCI) Data Security Standard (DSS) program throughout the Potpourri Group organization. The ideal candidate will leverage security and payment card industry knowledge, along with Information Technology experience, to assist in meeting Potpourri Group’s business segment security certification timelines. This position is also accountable for coordinating all security-related documentation and overseeing all internal security audit processes. The person in this position will exhibit ownership, follow-through, and initiative, and must be able to communicate effectively with peers and management, speaking to the details of security compliance operational activities with both the business segment and technical teams. Additional responsibilities in the Enterprise Systems group may include supporting business applications, helping train users, investigating new features and other security-related capabilities, testing patch code and new revisions, and consulting with users to identify and implement better, more efficient, and more secure means of using applications. The position may also be asked to develop reports or extracts used by other business systems in the company, and will assist in documenting the operating environment.

Essential Duties and Responsibilities:

  • Update and annually review Potpourri Group Information Security policies and standards as they relate to PCI-DSS.
  • Participate in IT related meetings.
  • Assist in the development and ongoing maintenance of policies, procedures and documents required to maintain all security compliances
  • Keeps abreast of current information through formal/informal training and researches the latest technologies and innovations critical to maintaining successful security compliance levels
  • Recommending security enhancements and purchases
  • Training staff on network and information security procedures and practices
  • Performing risk assessments and testing of information systems
  • Aid in writing & implementing test plans for security related initiatives
  • Provide additional support for the planning, development, testing and ongoing management of a disaster recovery environment
  • Will be included in the IT on-call support rotation (24 x 7 x 365)


  • Any security certification, such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), Certified Information Systems Auditor (CISA), or a PCI Internal Security Assessor (ISA) rating, is desired. PCI ISA certification will be required to retain the position.
  • Excellent written and verbal communication skills
  • Strong internal customer orientation; able to empathize and build rapport
  • Strong communication skills to interact with business managers and executives to identify security initiatives
  • Customer-focused, energetic attitude
  • Detail oriented and ability to focus on granular level compliance and security issues
  • Ability to work well on a collaborative team and influence others without direct authority
  • The following skills and/or experience would be considered desirable as background for this position:
      • Security analyst
      • Network engineering
      • Business systems analysis
      • Server system administration
      • Other IT related experience


  • Full benefits package including Medical, Dental, Vision and 401k with Company Match
  • Paid Vacation Time, Sick Time, and Holiday Pay
  • Company-paid Life Insurance and Disability Insurance
  • Employee Discounts, Hays Perks Program, Employee Assistance Program and Good RX
  • Yoga, Meditation, Chair Massages and Weight Watchers

Please visit our corporate website at for more information.

Potpourri Group is an Equal Opportunity Employer

Job Type: Full-time


  • relevant: 1 year (Preferred)
  • Information Security: 1 year (Preferred)


  • security (Preferred)

Work authorization:

  • United States (Required)

Additional Compensation:

  • Bonuses
  • Store Discounts

Work Location:

  • One location


  • Health insurance
  • Dental insurance
  • Vision insurance
  • Retirement plan
  • Paid time off


  • Monday to Friday