PCI DSS QSA (Senior Consultant)
Department: Cyber Services and Capabilities
Employment Type: Full Time
Location: GBR London
Description
Summary of role
NCC Group provides Information Assurance consultancy to help businesses protect critical systems and information. We do this by defining security strategies, developing policies, conducting security maturity and risk assessments, architecture reviews and by delivering security awareness & training. We also provide security expertise to businesses to provide an on-demand cyber capability in the short, medium or long term to solve pressing business cyber orientated problems and challenges.
Our core services include:
- Strategy and governance
- On-demand augmentation roles
- Data discovery and mapping
- Risk advisory and assurance
- Business resilience
- Data privacy and GDPR
- ISO 27001 assessments
- Supply chain assurance
- PCI 3DS, PCI P2PE, PCI SSF audits
- Incident response readiness and planning
- Card production and PIN audits
- Cyber maturity assessments
- Incident response planning Gold/Silver/Bronze tabletops
We have a fantastic new opportunity to join our UK Consulting and Implementation division for a Senior Consultant operating as a Qualified Security Assessor (QSA). The ideal candidate will have prior extensive PCI consulting experience and commercial exposure within the cyber and payments space, gained from delivering a diverse range of cyber and assurance services ideally across a broad client base. In addition to your technical skills, you will have strong client facing skills and be comfortable dealing with senior client stakeholders.
Key Responsibilities
- Build and maintain sustainable trusted client relationships through high-quality delivery, ensuring output exceeds client expectations.
- Conduct onsite and remote activities to advise, assess, analyse, and report in line with the engagement and client business requirements. This will involve meeting client stakeholders, conducting documentation reviews, auditing technical solutions and systems, and presenting information and advice to senior business partners.
- Translate the technical and non-technical findings from an assessment or exercise into relevant, actionable remediation road maps for customers.
- Responsible for adhering to all internal policy and procedures in relation to security and quality best practice.
- Engage with Markets and Pre-Sales teams during the sales cycle to assist in quantifying, pricing and assessing the capability required for the project delivery.
- Assist with sales proposals, bids and tenders for delivery of Assurance & Compliance services.
- You will act as mentor to less experienced consultants and foster knowledge sharing throughout the delivery team.
Skills, Knowledge & Expertise
- You hold or have held a PCI Qualified Security Assessor (QSA) qualification and delivered PCI DSS assessments.
- You hold or have held other PCI assessor qualifications such as PCI 3DS Assessor, PCI Card Production Security Assessor (CPSA), P2PE Assessor, Qualified PIN Assessor (QPA) or Secure Software Assessor. You are interested in expanding your PCI skills to include assessing against these standards.
- You will be working in areas mainly focusing on PCI QSA; however, other skills include NIST 800-53, SANS Top 20 CSC, ISO 27001, Risk Assessment (ISO 27005), EU GDPR and other frameworks as requested by clients.
- Have the ability to deliver projects within time and in budget and to a high level of customer satisfaction – exercising customer care at all times.
- Demonstrate a strong ability to develop a rapport with customers and to engender long lasting relationships.
- Have strong business, consultancy and technical skills within the IT Security Industry.
- Excellent communication and presentation skills.
Desired Skills and Qualifications
Demonstrable capability and qualifications across several of the following technical areas are advantageous.
- SOC / SIEM assessments and tooling
- Identity and Zero trust
- Security design and architecture
- GovAssure
- Operational Technology (OT)
- ISA 62443
- Artificial Intelligence
- SWIFT CSP
- Cloud related certifications across AWS/GCP/Azure
- CISM / CISSP / CRISC / ISO 27001 LI/LA / CISA
What do we offer in return?
- Flexible Working: Balance your work and personal life with our flexible working options.
- Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave.
- Medicash & Critical Illness Scheme
- Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme.
- Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities.
- Green Car Scheme: Drive green and save money with our eco-friendly car scheme.
- Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme.
- Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet.
- Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
