We have an exciting opportunity for a Qualified Security Assessor (QSA) consultant with excellent technical knowledge to join our rapidly growing practice, working on a variety of client engagements across all business sectors.
You will work with clients of all merchant levels and service providers at various stages of their PCI compliance programme.
As a QSA, you will also get the opportunity to deliver security assessments and provide consulting services to a wide range of clients against other industry standards such as ISO, SWIFT CSF, and CIS18.
Key responsibilities include:
Preparing executive and technical reports detailing the assessment findings, including security gaps, and assisting in identifying solutions to improve the client's security posture.
Performing comprehensive audits such as PCI DSS, ISO27001/27002, ISO27017/18, CCM, and SWIFT Security for IT Governance clients.
Completing PCI DSS Gap Assessments, Risk Assessments, Third Party reviews and Reports on Compliance (ROCs) within ecommerce, retail, higher education and large service provider environments.
Creating roadmaps to achieve full compliance before a formal audit via gap assessment techniques with prioritized remediation steps, estimated work efforts, and associated timelines.
Maintaining effective communication between other consultants, management, and client stakeholders.
Responding promptly, professionally and effectively to changes in client expectations by delivering work that meets or exceeds expectations based on a solid understanding of the client's business and needs.
Contributing to the overall success of the practice through a variety of activities, including supporting the business development / sales team by answering operational and technical questions related to areas including PCI DSS, SWIFT CSF, ISO27001/27002, and Cloud compliance assessments (ISO27017/18, CCM).
The ideal candidate will have:
A minimum of 2 years' professional experience with sufficient information security knowledge and experience to conduct technically complex security assessments.
A current PCI QSA certification supported by CISSP, CISA or CISM certification (at least one of them), or valid ISO 27001 Lead Auditor + Lead Implementer certifications.
Familiarity and experience with a variety of products and technologies such as Cloud, Virtualisation, Network Firewalls, Web Application Firewalls, Antivirus Solutions, encryption technologies and software development life cycles.
It would be desirable if you had:
Experience delivering classroom training in PCI-DSS and / or ISO 27001/SOC2.
Knowledge about PCI DSS and all applicable PCI SSC published documents.
Experience conducting gap analysis and assessments related to multiple information security frameworks (ISO 27001, SOC2, SWIFT CSCF) is a plus.
It is essential that you are PCI QSA certified and it would be advantageous if you have experience delivering classroom training on the PCI DSS and/or CISSP.
If you have experience in a similar position where you have performed level 1 merchant audits and are CISSP, CISM or IT audit certified, we would love to hear from you.
To apply, please click the button below and send a CV and covering letter.
(No agencies, please.)
Remuneration: £60,000 - £70,000 p.a., depending on skills and experience.
Basis: Full-time, permanent.
Location: Homebased with travel to client sites.
We are an equal opportunities employer and welcome applications from candidates of any and all backgrounds.
You can find our Privacy Notice here: Privacy Notice (grci.group)