PCI Quality Security Assessor (QSA)

We are in search of skilled and experienced Qualified Security Assessors (QSA) to join our team and contribute to our growth. If you are an Information Security Consultant who thrives in dynamic environments and has recent experience as a QSA, we have an outstanding opportunity for you. You will collaborate with highly proficient security consultants on diverse projects for prominent clients across various industries. Our work involves analyzing, assessing, and designing robust security controls to aid clients in achieving Payment Card Industry (PCI) compliance, privacy compliance, and enhancing overall enterprise security.

• Conducting various compliance assessments, including Report on Compliance (ROC) and Self Assessment Questionnaire (SAQ), and providing advice and consultation, including risk assessments and gap analysis.
• Leading meetings, chairing conference calls, following up on action items, and actively engaging with clients to advance projects to completion.
• Creating professional reports detailing assessment findings and advice for clients.
• Consulting with clients to ensure comprehension of findings and explore remediation options.
• Offering advisory input on security architecture in relation to PCI.
• Assisting the sales team with pre-sales activities, proposal creation, needs analysis, and solution design.
• Participating in industry events and leading webinars.
• Crafting summaries and executive briefs.
• Traveling to company offices and client work sites across Canada and the United States.

• Degree in Information Security or a related field is advantageous.
• Minimum of 2 years of standing as a PCI QSA.
• Minimum of 5-7 years of experience in Information Technology.
• Minimum of 5-7 years of experience in Information Security domains.
• Minimum of 5-7 years of experience in measuring security controls, IT auditing, business processes, providing advice, or related security consulting.
• Ability to lead PCI Reports on Compliance assessments individually or with a team.
• Experience with Information Technology systems.
• Experience with a variety of security products and technologies.
• Familiarity with industry best practices and standards such as CIS and NIST, including security hardening techniques.
• Good understanding of application architecture, software development lifecycle processes, including secure coding techniques.
• Good understanding of server virtualization technologies, including AIX, ZOS, and SAN storage systems.
• Certifications: PCI QSA, PCI PA-QSA, PCI P2PE, or PCI ISA.