Share this Job
Apply now »

Senior Qualified Security Assessor

US

Requisition Number: 90704 

Position Overview
As a Governance, Risk and Compliance Architect & Payment Card Industry (PCI) Qualified Security Assessor (QSA) you’ll need to have a combination of advanced technology skills, business acumen, and leadership including delivery of PCI assessments and engagements for C-level client executives and technical staff. Applicants will be required to have a solid knowledge of data privacy and information security laws and regulations coupled with experience in information technology practices, information security operations, auditing frameworks, and business assessments. This is a remote role on our Security team. Requires a willingness to occasionally travel in order to address client’s needs (up to 25%).


What You Will Do on the QSA Team

  • Establish annual long-term security and compliance goals, define security strategies, metrics, create detailed reports on gaps and remediation recommendations, and create a cybersecurity technology roadmap.
  • Scheduling and leading technical interviews with various customer groups and subject matter experts
  • Acting as the subject matter expert to answer questions and educate customers about the PCI DSS.
  • Writing detailed management reports and supporting documentation for the customer and the card brands.
  • Developing executive presentations or status communications for engagements.
  • Providing direction and mentorship to other consultants.

 

What The Team is Looking For

  • Bachelor's degree and/or approximately 5 years of related work experience.
  • Minimum 5 years of IT experience planning and implementing various GRC domains, including data governance, policy and procedures, compliance, risk management, assessments, third-party management, vulnerability management, security log management, auditing, and incident response, etc.
  • Five or more years of experience as a Qualified Security Assessor actively performing PCI assessments and/or remediation engagements.
  • Must have a current QSA and deep knowledge of Payment Card Industry (PCI) DSS auditing.
  • Experience with identifying, collecting, organizing, and reviewing pertinent evidence across multiple platforms and applications to determine compliance with relevant PCI DSS controls.

  • Experience completing a PCI Report on Compliance (ROC), PCI Self-Assessment Questionnaire (SAQ), and using the PCI Prioritized Approach Tool.

  • Experience with IT remediation activities, including designing organizational Information security architecture, infrastructure, and applications.

  • Other desirable framework knowledge includes ISO 27001/27002, ITIL, CoBiT, NIST, CMMC, HIPAA, HITRUST, NIST 800-53, and NIST CSF.
  • Ability to maintain PCI QSA Certification, including maintaining required prerequisite security and audit certifications
  • Information Security and regulatory compliance consulting experience.
  • Excellent written and oral communication skills with an ability to help clients understand technical issues and business risks as related to the results of testing
  • Experience designing and/or implementing risk management and security solutions.
  • Cloud Security experience desirable.
  • Strong experience working with Microsoft Office products and GRC tools.

 

Salary Range - 130-140k plus 15% bonus

Insight is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, sexual orientation or any other characteristic protected by law.

 

 

Posting Notes: NA || Illinois (US-IL) || United States (US) || Engineering || None || Remote ||


Job Segment: Compliance, Information Security, Consulting, Risk Management, Law, Legal, Technology, Finance

Apply now »