We are looking for an experienced and motivated PCI DSS QSA to join our lively international team and work on projects for Europe's leading brands.
The PCI Qualified Security Assessor (QSA) will be responsible for conducting PCI DSS (Payment Card Industry Data Security Standard) compliance assessments for clients across various industries. The ideal candidate has in-depth knowledge of data security regulations, experience in IT security audits, and the ability to collaborate with clients to ensure compliance with PCI DSS standards.
Key Responsibilities
* Conduct PCI DSS Assessments: Perform audits and evaluations to verify clients' adherence to PCI DSS standards, including technical and organizational requirements.
* Prepare Compliance Reports: Draft and deliver detailed Reports on Compliance (ROC) and Attestations of Compliance (AOC) with accuracy and clarity.
* Provide Client Guidance: Offer practical recommendations to enhance data security and address any compliance gaps identified during assessments.
* Project Management: Plan and manage assessment activities, coordinating with internal and external teams to meet deadlines.
* Risk Analysis: Identify and evaluate security risks related to the cardholder data environment.
* Training and Awareness: Support clients in understanding PCI DSS requirements and implementing security best practices.
* Regulatory Monitoring: Stay updated on changes to PCI DSS standards and other relevant security regulations.
* Cross-Functional Collaboration: Work with clients' IT, risk management, and legal teams to ensure an integrated approach to compliance.
Requirements
* Valid PCI QSA certification or equivalent experience in information security.
* At least 3-5 years of experience in IT security audits, compliance management, or security consulting.
* In-depth knowledge of PCI DSS standards and other security regulations (e.g., ISO 27001, GDPR).
* Technical expertise in areas such as networking, encryption, vulnerability management, and application security.
* Excellent written and verbal communication skills, with the ability to present technical information to non-technical audiences.
* Ability to manage multiple projects simultaneously and meet tight deadlines.
* Preferably, experience in industries such as fintech, retail, e-commerce, or payment services.
Preferred Qualifications
* Additional certifications such as CISSP, CISM, ISO 27001, RISS or CISA, GSNA, IRCA ISMA, CIA.
* Experience with vulnerability scanning tools.
* Knowledge of security frameworks like NIST or COBIT.
* Proficiency in foreign languages to support international clients.