PCI QSA

  • InternetJobs.com
  • Burlington, MA, USA
  • Sep 05, 2017

Job Description

o Assist with conducting internal PCI compliance assessments, gap analyses, and actionable recommendations for remediation

o Provides accurate, complete and timely written documentation for all project phases including pre-project planning, on-going status reports, and project deliverables including technical issues and associated business risks, account management team interaction, and project wrap-up reports

o Communicating with project stakeholders to effectively convey requirements of technical and process improvements.

o Assist with developing customized policies, procedures and controls and technical documentation for applications, systems and infrastructure.

o Assist in managing policy exceptions, including working directly with the teams to document exceptions, identify compensating controls and remediation action plans.



6 month contract
open to some remote work plus onsite work


o Ideally a former QSA (last 3 years) and hold CISSP and CEH

o At least one other Security, Risk or IT certification (i.e. CobiT, CRISC, CISA, CISM, or ISO 27001) achieved.

o Technical skills in assessing servers (*NIX and Windows), firewalls, and other security platforms for PCI DSS controls required

o Mid to advanced level methods knowledge of the following:

Vulnerability scanning

Penetration testing (network, system and application)

Application development

Policy development

Forensics

Security event monitoring

o Compliance: regulatory, privacy, international laws and statutory requirements.

o Risk: risk frameworks, maturity models, and enterprise IT security risk methodologies.

o Governance: vendor management, policy frameworks, control design and security design/architecture.

o Security architecture: infrastructure, network and systems design with CEH

o Knowledge of and hands-on experience with PCI audits and PCI attestations.


Associated topics: chief program officer, cpo, manage, manager, management, monitor, product manager, project manager, relationship manager, task

Company

Strategic Systems