PCI-DSS Assessor
Remote - Houston, Texas, United States
IT Staffing
Job description
This position can be entirely remote, and we can generally support a W2 or C2C relationship.
We are seeking a highly skilled and experienced PCI-DSS Assessor with deep expertise in the Payment Card Industry Data Security Standard (PCI-DSS) and a comprehensive understanding of the recently released PCI-DSS 4.0 standard. The ideal candidate will have a strong background in conducting assessments, audits, and compliance reviews, with a focus on implementing and evaluating the risk-based approach introduced in PCI-DSS 4.0. As a PCI-DSS Assessor, you will play a critical role in assessing our clients' information security systems, identifying vulnerabilities, and providing recommendations to enhance their overall security posture.
Job requirements
Responsibilities:
- Conduct comprehensive assessments of clients' information security systems, processes, and controls to determine compliance with PCI-DSS 4.0 standards.
- Review and evaluate clients' documentation, policies, and procedures to ensure alignment with PCI-DSS requirements, including the risk-based approach.
- Perform technical evaluations of clients' network infrastructure, applications, and systems to identify vulnerabilities and potential security risks.
- Collaborate with clients' teams to gather necessary evidence, interview key stakeholders, and conduct on-site inspections to validate compliance with PCI-DSS standards.
- Prepare detailed assessment reports, highlighting findings, observations, and recommendations for remediation or improvements based on the risk-based approach.
- Provide guidance and expertise to clients regarding the implementation of security controls and best practices to achieve and maintain compliance with PCI-DSS 4.0.
- Stay up to date with industry trends, emerging threats, and changes in the PCI-DSS framework, including the transition to a risk-based approach.
- Assist clients in developing remediation plans and monitoring their progress towards achieving compliance with PCI-DSS 4.0.
- Act as a subject matter expert and trusted advisor to clients, offering guidance and recommendations on security best practices, vulnerability management, and risk mitigation strategies.
Qualifications:
- Deep understanding and practical experience with the Payment Card Industry Data Security Standard (PCI-DSS) framework, with a focus on the recently released PCI-DSS 4.0 standard and the risk-based approach.
- Proven experience in conducting PCI-DSS assessments, audits, or compliance reviews, preferably within a consulting or professional services environment.
- Strong knowledge of information security principles, best practices, and regulatory requirements.
- Familiarity with industry-recognized security frameworks, such as ISO 27001, NIST Cybersecurity Framework, or COBIT.
- Excellent technical skills, including the ability to assess network architecture, application security, and data protection controls.
- Proficient in conducting interviews, gathering evidence, and performing on-site inspections to validate compliance.
- Exceptional analytical and problem-solving abilities to identify vulnerabilities and recommend appropriate remediation measures.
- Excellent written and verbal communication skills, with the ability to clearly articulate complex security concepts to technical and non-technical stakeholders.
- Professional certifications such as PCI-QSA, CISSP, CISA, or CISM are highly desirable.
- Strong attention to detail and the ability to manage multiple projects simultaneously.
If you are a dedicated professional with deep knowledge of the PCI-DSS 4.0 standard, experience in conducting assessments, and a passion for helping organizations achieve and maintain information security compliance, we invite you to apply for the position of PCI-DSS Assessor. Join our team and contribute to the security of our clients' payment card systems in this rapidly evolving landscape.