Job Description
We have an exciting opportunity for a remote Qualified Security Assessor (QSA) consultant with excellent technical knowledge to join our rapidly growing practice, working on a variety of client engagements across all business sectors. You will work with clients of all merchant levels and service providers at various stages of their PCI compliance programme. As a QSA, you will also get the opportunity to deliver security assessments and provide consulting services to a wide range of clients against other industry standards such as ISO, SWIFT CSF, and CIS18.
This is a remote role.
Key responsibilities include:
* Preparing executive and technical reports detailing the assessment findings, including security gaps, and assisting in identifying solutions to improve the client's security posture.
* Performing comprehensive audits such as PCI DSS, ISO27001/27002, ISO27017/18, CCM, and SWIFT Security for IT Governance clients.
* Completing PCI DSS Gap Assessments, Risk Assessments, Third Party reviews and Reports on Compliance (ROCs) within ecommerce, retail, higher education and large service provider environments.
* Creating roadmaps to achieve full compliance before a formal audit via gap assessment techniques with prioritized remediation steps, estimated work efforts, and associated timelines.
* Maintaining effective communication between other consultants, management, and client stakeholders.
* Responding promptly, professionally and effectively to changes in client expectations by delivering work that meets or exceeds expectations based on a solid understanding of the client's business and needs.
* Contributing to the overall success of the practice through a variety of activities, supporting the business development / sales team by answering operational and technical questions related to areas including PCI DSS, SWIFT CSF, ISO27001/27002, and Cloud compliance assessments (ISO27017/18, CCM).
The ideal candidate will have:
* A minimum of 2 years' professional experience with sufficient information security knowledge and experience to conduct technically complex security assessments.
* A current PCI QSA certification supported by CISSP, CISA or CISM certification (at least one of them), or valid ISO 27001 Lead Auditor + Lead Implementer certifications.
* Familiarity and experience with a variety of products and technologies such as Cloud, Virtualisation, Network Firewalls, Web Application Firewalls, Antivirus Solutions, encryption technologies and software development life cycles.
It would be desirable if you had:
* Experience delivering classroom training in PCI-DSS and / or ISO 27001/SOC2.
* Knowledge about PCI DSS and all applicable PCI SSC published documents.
* Experience conducting gap analysis and assessments related to multiple information security frameworks (ISO 27001, SOC2, SWIFT CSCF) is a plus.
It is essential that you are PCI QSA certified and it would be advantageous if you have experience delivering classroom training on the PCI DSS and/or CISSP.
If you have experience in a similar position where you have performed level 1 merchant audits and are CISSP, CISM or IT audit certified, we would love to hear from you.
To apply, please click the button below and send a CV and covering letter. (No agencies, please.)
Remuneration: £60,000 - £70,000 p.a., depending on skills and experience.
Basis: Full-time, permanent.
Location: Remote with travel to client sites.
We are an equal opportunities employer and welcome applications from candidates of any and all backgrounds.
You can find our Privacy Notice here: Privacy Notice (grci.group)