Senior Consultant, PCI QSA

What You'll Do

• Lead audits/assessments full cycle including audit plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews.
• Prepare, review and approve assessment reports.
• Manage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets.
• Manage quality throughout the entirety of the engagement, while providing direct coaching and revisions to work products. 
• Ensure quality products and services are delivered on time.
• Escalate client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue.
• Provide mentorship to team members in areas of audit, assessment, technical review and writing.
• Interface with clients through entire engagement, interacting will all levels of client organizations. Establish and maintain positive collaborative relationships with clients and stakeholders .
• Continuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area.
• Collaborate with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables.
• Establish account relationships and identifies upsell and cross sell opportunities and escalates to sales.
• Travel 25-50%
• Ability to be successful when working remotely.

What You'll Bring

• Current PCI-QSA certification preferred (will consider former QSA)
• One of the following Information Security certifications required: CISSP, CISM or ISO 27001 Lead Implementer.
• One of the following Audit certifications required: CISA, GSNA, CIA, IRCA ISMS Auditor or higher, or ISO 27001 Lead Auditor. 
• Familiarity with other common IT Audit frameworks (SOC 2, ISO 27001, FedRAMP, HITRUST, etc.)
• Bachelor's degree (four-year college or university) or equivalent combination of education and work experience.
• Strong knowledge of the PCI-DSS security standards.
• 5+ years of experience in an IT Security Audit and/or Compliance role.
• Experience preparing and presenting Tier 1 and Tier 2 Reports on Compliance (ROCs).
• Experience performing IT security risk assessments and gap analysis.
• Strong excel skills with ability to develop worksheets with complex formulas .
• Experience interacting with management in a consultative manner.
• Strong IT understanding with respect to networks, servers, workstations, and applications.
• Excellent communication and presentation skills. Ability to facilitate meetings of small or large groups.
• Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience.
• Strong Consulting skills with executive leadership and technical professionals; ability to advise and challenge the status quo while building strong relationships.
• Positive attitude.
• Diplomatic and broad minded.
• Ability to build high-trust relationship and credibility quickly both internally and externally.
• Strong attention to detail, strong problem solving, decision-making, organizational and analytical skills.
• Ability to prioritize and manage multiple initiatives/projects.
• Ability to be self-driven and have strong independent initiative.