Position is onsite for a candidate living on the East Coast.
What you will do…
- Experienced in contributing to projects for large and complex clients to meet their compliance obligations by evaluating their people, business, technology, and operations against security standards like the PCI DSS, SOX, ISO, or HIPAA.
- Leverage assessment and technical expertise to contribute input regarding top-level decisions on topics such as strategy and scope as well as deep and highly technical projects to include, but not limited to, security architecture, defense-in-depth, vulnerability management, penetration testing and overall enterprise security.
- Ability to adapt to dynamic and potentially challenging environments while providing consultative services to clients.
- Provide clear, organized, and prioritized findings and recommendations to clients and track progress towards resolution to meet compliance.
- Experienced in producing detailed, high-quality reports for clients and industry third parties like payment card brands and the PCI Security Standards Council.
- Learn and collaborate from our close-knit group as well as contributing your thoughts, tools, industry news or lessons learned.
- Infrastructure Security – Internal/External Penetration testing and assessment, Web Application Review Penetration testing results, PCI DSS requirement testing related compliance programs.
- Deliver the above services in North America and potentially in the other regions to support our business as needed.
You must possess the below minimum qualifications to be initially considered for this position. Qualifications listed as preferred or additional will be considered a plus factor for applicants.
- Bachelor’s degree in technology-related field, or in computer science or the equivalent
- Minimum of five (5) years’ experience in information security, security assessments, IT, or related disciplines
- Must be able to travel at least 50% throughout North America
- Security certifications are an asset: CISSP, CISA, PCI QSA
- Working knowledge of industry standards such as, ISO 27002,17799, ITIL, COBIT, NIST, PCI DSS, ISF and others
- Experience in leading assessments as well as customer interviews and presentations
- Strong knowledge of professional consulting model and ability to successfully deliver engagements
- Strong communication skills and interpersonal skills
Broad based understanding of se