Senior Security Consultant, QSA

2 days ago

VikingCloud

Cloud • Artificial Intelligence • Endpoint Security • Penetration Testing • Assessment Validation

1001 - 5000

Description

• As a Qualified Security Assessor (QSA), you will provide assessments and consulting to our clients.
• The Senior Security Consultant will focus their efforts on client-facing delivery of various security regulatory and best practice consulting engagements, including PCI DSS, Secure Software (SSF), PIN, 3DS, P2PE, and Card Production Assessments.
• You will manage your own book of work and be the master of your own work schedule.
• Conduct remote assessment activities and travel to client locations; on-site activities usually last anywhere from 3-5 days.
• You will be working on an average of 3-4 active projects at any given time.
• Perform consulting, advisory and assessment services.
• Must maintain relevant certification required by industry and complete relevant ongoing continuing education required by certifications.
• Provide competent and relevant cybersecurity, governance, compliance, risk, and auditing in the technical space in accordance with various regulations and standards.
• Provide engagement management and high-level project management for delivery of services to multiple clients.
• Evaluate client compliance with regulations such as Payment Card Industry Data Security Standard (PCI DSS), ISO 27K series, NIST, or other compliance standards and frameworks.
• Conduct audits and risk assessments based on National Institute of Science (NIST) standards.
• Provide consultative support to clients in using risk assessment and audit based on National Institute of Science (NIST) or ISO27002.
• Sharing your expertise with clients and colleagues.
• Providing clear, organized findings and recommendations to clients and tracking progress towards resolution and compliance.
• Producing detailed, high-quality reports for clients and industry third parties.
• Learning from our close-knit group of consultants as well as contributing your thoughts, tools, industry news or lessons learned.
• Working with clients to implement practices to produce secure applications and identify and eliminate security vulnerabilities.
• Working independently, undertaking information security engagements.

Requirements

• Bachelor’s degree or similar, and/or at least seven (7)+ years of experience in a consulting or audit role, or alternatively experience in Information Security or IT security.
• MUST have active PCI DSS QSA certification.
• Have at least one industry-recognized professional certification from each list below:
  List A:
  - (ISC)2 Certified Information System Security Professional (CISSP)
  - ISACA Certified Information Security Manager (CISM)
  - Certified ISO 27001 Lead Implementer
  List B:
  - ISACA Certified Information Systems Auditor (CISA)
  - Certified ISO 27001, Lead Auditor, Internal Auditor 1
  - IRCA ISMS Auditor or higher (e.g., Auditor/Lead Auditor, Principal Auditor)
  - IIA Certified Internal Auditor (CIA)
• Experience working in sectors such as retail, banking, fintech, software development (or any other industry where card payments are accepted).
• Strong understanding of IT infrastructure including applications, servers, databases, network devices and security solutions.
• Strong understanding of IT and security processes including change control, patch management, vulnerability management, configuration management, incident response etc.
• Experience with software development methodologies and practices.
• Virtualization experience beneficial.
• Cloud security (AWS, Oracle) experience beneficial.
• Understanding of regulatory requirements and compliance issues affecting clients related to privacy and data protection.
