Security Consultant

Job Responsibilities:

  • Engages with the client including client QSA team, identifies cyber security needs/requirements in relation to their PCI-DSS posture, engages with SMEs and PCI team to work on PCI security proposal and collect HL designs, pricing and validate security solution to be proposed
  • Works with engineers and SMEs in the development of the technical solutions or offerings, in translating the business needs into technical requirements, and is a key contributor in the value proposition.
  • Acts as PCI SME for our client and internal towers/engineers
  • Expertise in full PCI lifecycle – from consultancy, to architectural definition, to solution implementation and project delivery.
  • Work will include running workshops and conducting PCI assessments to help the client understand their security and privacy issues, risks, exposure and vulnerabilities including architecting secure solutions to address specific security and privacy requirements.
  • Creating high quality documentation such as Presentations, Risk Assessments, Reports and completing metrics and spreadsheets
  • Excellent writing skills to include a firm grasp of the technical aspects as well as report delivery to clients
  • Act as internal advisor to various technical teams as SME for PCI DSS 3.2 to support them understand the requirements and deliver against it in BAU and for audit purposes
  • Help management team to create policies and procedures in BAU to meet PCI DSS requirements
  • Validate and review PCI artefacts and evidence before official audit and collaborate with towers to remediate where needed
  • Push engineers and towers to deliver PCI envidence, engage in remediation and make sure progress is maintained to ensure easy audits
  • Travel up to 50%

Job Qualifications:

Required
  • Bachelors degree or Masters degree
  • Min 5 years Sr. Security Consulting experience in PCI (current version PCI DSS 3.2)
  • Full lifecycle project experience as Security Consultant including design and implementation
  • Client facing experience at a range of levels : Applied Excellent verbal, written communication, and presentation skills
  • Several years experience in IT security, compliance and risk management, including privacy, controls, etc.
  • Implementation experience with enterprise security packages, tokenisation, identity management and federated systems
  • Familiarity with industry compliance and security standards including PCI DSS, ISO 27001, HIPAA, and NIST experience advising customers on architectures meeting industry standards such as SAS70, SOC1, FISMA, etc
Desired Skills / Certifications
  • QSA, CISSP, CISA, CISM, CRISC

Apply

Leave a Reply

Your email address will not be published. Required fields are marked *