Qualified Security Assessor (QSA)

As a Qualified Security Assessor (QSA) specializing in PCI DSS, your primary responsibility will be to conduct assessments, offer advisory services, and assist clients in their journey towards PCI DSS compliance. You will collaborate closely with different stakeholders to ensure the effective implementation and maintenance of security measures, thereby cultivating a culture of compliance and security awareness. Your main tasks will include performing thorough PCI DSS assessments for a diverse clientele, generating detailed assessment reports that highlight findings, recommendations, and remediation strategies, and working with client teams to establish and execute security policies and procedures. In addition, you will provide expert counsel on PCI DSS requirements, encompassing scoping, risk assessment, and remediation, while aiding clients in overcoming compliance hurdles and addressing security posture deficiencies. Conducting training sessions and workshops for client teams to improve their comprehension of PCI DSS requirements is also part of the role. Building and nurturing strong client relationships to ensure continuous compliance support, contributing to internal compliance and risk management initiatives, and assisting in sales, business development, and key account management activities are also key aspects of the position. To qualify for this role, you must hold current QSA certification with a robust grasp of PCI DSS standards and requirements, along with a proven track record in conducting PCI DSS assessments and audits. Experience in performing PCI DSS assessments within a banking environment is essential. Familiarity with related compliance frameworks such as ISO 27001, NIST, etc., would be advantageous. Strong analytical and problem-solving abilities, meticulous attention to detail, excellent communication and interpersonal skills to convey complex information clearly, the capacity to work autonomously while managing multiple projects concurrently, and relevant technical expertise in IT security and risk management are also required. Preferred qualifications for this position include a Bachelor's degree in Information Security, Computer Science, or a related field, as well as certifications like ISO27001 Lead Auditor & ISO27001 Lead Implementer. Additional certifications such as CISSP, CISM, or CISA are highly desirable.,