Senior Associate with PCI, IAS Services

Remote Atlanta, Georgia Accountingfly

Information Assurance Services (IAS) Senior Associate needed to help lead the client delivery relationships for the PCI DSS Practice. The IAS practice is growing 30% per year! 

The individual in this role will:

  • Help lead client delivery relationships for the PCI DSS practice
  • Ensure high-quality delivery for client engagements
  • Manage client relationships
  • Manage client staffing and delivery
  • Help to grow the IAS practice
  • Help lead and develop talent
  • Have strong technical & project management skills

Essential Duties and Responsibilities

  • The QSA Assessor supports PCI Compliance & Risk Assessment project initiatives by undertaking risk assessments, advising on the implementation of security measures, recommending appropriate risk mitigations, interpreting security policy and standards in the context of projects and business scenarios to help the business operate securely
  • This role has a significant component in defining security requirements and ensuring that all projects meet these requirements, or that exceptions and issues are noted and remediated as appropriate.
  • This position may require the ability to travel approximately 15% of the time
  • Responsible for maintaining QSA certification and understanding of PCI data security compliance with the Payment Card Industry Data Security Standard as published by the PCI Security Standards Council and other security certifications
  • Provide technical expertise during PCI DSS Scoping, Network Architecture Review, Data Flow understanding for a Card Environment & highlight risks to clients
  • Assess existing controls to determine level of compliance to the PCI DSS standard, inclusive of their maturity, state of compliance, and their level of protection and any underlying risks to client business
  • Lead PCI-DSS & SAQ assessments for clients, coordinate & lead onsite testing (Technical Walkthroughs), raise exceptions with clients, review and confirm the remediation, and provide guidance to clients on completing the Compensating Control Worksheet (CCW) in case of an open exception
  • Create the PCI DSS ROC (Report on Compliance) and AOC (Attestation of Compliance). Submit them for Quality Assurance check and submit the AOC to Card Brands in a timely manner
  • Manage assurance reporting & related documentation in Aprio Document Repository
  • Keep abreast of any and all changes in PCI DSS and relevant standards

Qualifications Needed   

  • A university degree in Computer Science, Engineering, or a field that relates to the role
  • Work experience with an undergraduate degree is acceptable in place of a graduate degree
  • Public Accounting (5+ years) or equivalent experience including consulting and/or auditing experience
  • Security certification such as CISSP, CISA, CISM, SANS GIAC – GSNA, ISO27001 Certified Lead Implementer/Lead Auditor/Internal Auditor.
  • PCI QSA required
  • Five (5)+ years of Information Security experience in Security Governance, Risk and Compliance practices and methodologies
  • Experience with performing cybersecurity assessments and familiarity with industry cybersecurity tools or experience auditing systems
  • Experience in security hardening techniques and policy development, particularly with regard to secure software development methodologies and processes
  • Previous experience in PCI-DSS compliance program including pre-assessment or assessment and gap remediation programs

What’s in it for you:

  • Competitive compensation and excellent benefits
  • Work with an industry leader
  • Growth opportunities