Security Consultant – PCI QSA

My client is looking for a PCI QSA Consultant to join their expanding GRC team. 

Responsibilities

• Consulting and Cyber Risk Advisory Services – Conducting gap analysis and risk assessments related to multiple information security frameworks such as PCI DSS, ISO27001 and GDPR and ensuring information risks are adequately addressed with stakeholders (internal and external) at all levels, as required
• Creating professional reports for clients that detail assessment finding
• Work closely with technical teams and the Qualified Security Assessor (QSA), to ensure correct and common understanding of PCI requirements, provide advice and review technical designs
• Provide advice for the management of risks that you have identified
• Experience in managing PCI and ISO 27001 compliance
• Knowledge of payment industry regulations/standards: PCI DSS

• Experience of delivering reports to customers and stakeholders on services
• A broad range of cyber and information security and risk management expertise
• Experience of security architecture and system design and the security controls needed to protect these services and the data that they process and store
• An understanding of the Data Protection Act and GDPR and be experienced in ensuring compliance
• An understanding of UK and international, legal and regulatory requirements that could affect organisational security and assurance policies 
• Industry best practices for privacy, security and information risk management
• Advantageous to have skills to be able to perform as a virtual CISO