Senior Information Security Consultant, QSA

Sr. Information Security Consultant (QSA) (US - Remote)

What to expect when you join the Sikich family

Team members at Sikich have a lot in common while also being part of a rich and diverse group of contributors, creating a distinct and thriving culture. Chief among our commonalities is a desire for growth and a shared unity of purpose in our professional lives. We believe that through diverse perspectives, challenging the status quo and rewarding action, we accelerate innovation and drive growth – for our clients, for ourselves and for our communities.

Are you an experienced information security professional looking to make a significant impact? Join our dynamic team as a Sr. Information Security Consultant (QSA)! This remote, full-time role offers the opportunity to assist clients in meeting their compliance obligations by evaluating business technology and operations against top security standards like PCI DSS, NIST, and CMMC.

Position Summary

You'll produce detailed, high-quality reports, take ownership of projects from start to finish, and mentor other consultants on best practices. As a Subject Matter Expert, you'll help clients develop and maintain robust security programs, execute control reviews, and contribute to top-level strategy decisions. Your expertise will drive high-quality standards and client satisfaction.

Responsibilities include:

• Assist clients in meeting compliance obligations by evaluating business, technology & operations against security standards (ex. PCI DSS, NIST, CMMC).
• Produce detailed, high-quality reports for clients & industry third parties (ex. payment card brands & the PCI Security Standards Council).
• Take ownership of project work, such as a PCI DSS assessment, from start to finish including deliverables and work product.
• Act as a mentor and coach for other consultants on PCI compliance and security best practices.
• Serve as a SME to Sikich customers assisting them with developing and/or maintaining their security program.
• Develop and maintain technology related policies, procedures, and standards that address requirements related to strategies, regulations, business & technology risks, and industry standards.
• Execute control reviews across technology and business teams to address risk and compliance against various industry and technology frameworks outside of the PCI DSS (i.e., SSAE18 SOC2; NIST Cybersecurity Framework, CIS, and ISO27001).
• Contribute to assessment methodology, project planning, reporting, budgeting, and scheduling.
• Provide clear, organized findings & recommendations to clients & be able to track progress towards resolution.
• Analyze requirements & work closely with team members to produce results aligned to client needs.
• Work closely with the project team to ensure high-quality standards.
• Efficiently juggle several concurrent client projects at any given point in time.
• May require some domestic & international travel to client sites & events (up to 25%).

What do you need to succeed in this role?

• Must have a minimum of three years’ experience performing security assessments for PCI compliance as a QSA.
• Current QSA certification from the PCI Security Standards Council, or ability to obtain it within one month of hire.
• Audit or security certifications (e.g., CRISC, CRMP, CISSP, CISM, CISA) preferred.
• Strong demonstrated experience in assessing, developing, and implementing cybersecurity risk management programs that integrate with Enterprise Risk Management within an organization.
• Strong analytical & problem-solving skills, with excellent written & verbal communication skills.
• Ability to work independently and collaboratively with clients and team members and manage multiple projects and deadlines.
• Willingness to travel up to 50% of the time to client sites, as needed.

About Sikich

Sikich is a global company specializing in Accounting, Advisory, and Technical professional services. With employees across the globe, Sikich ranks as one of the largest professional services companies in the United States. Our comprehensive skillsets, obtained over decades of experience as entrepreneurs, business owners and industry innovators, allow us to provide insights and transformative strategies to help strengthen every dimension of our clients’ businesses.

In compliance with this state’s pay transparency laws, the midpoint of the salary range for this role is $123,150. This is not a guarantee of compensation or salary, as final offer amount may vary based on factors including but not limited to experience and geographic location.

Sikich is an Equal Opportunity Employer M/F/D/V.