Sr. Security Consultant - PCI Qualified Security Assessor
We are looking for a talented and experienced PCI Qualified Security Assessor (QSA) to join our growing PCI delivery team. If you're an individual who excels in challenging and changing environments and has a minimum of 2 years as a PCI QSA, we have an excellent opportunity for you.
As part of the Herjavec Group PCI, you will work with high-profile clients across multiple industries and collaborate with a team of highly-skilled QSAs and security consultants. As a subject matter expert, your role will include advising clients on PCI and information security to help mitigate potential security weaknesses before anything bad occurs. We work at our client sites, as well as remotely, therefore some travel is required.
The Sr. Security Consultant is a customer-facing consultant responsible for maintaining a high-quality experience and delighting our clients. The Security Consultant will be a subject matter expert in their area of expertise and will focus on delivering engagements to Herjavec Group's clients with a focus on quality. This role requires a minimum of 65% billable utilization.
The Sr. Security Consultant will provide subject matter expertise during consulting engagements, which includes assessing and defining a client's security capabilities in the policy, process, technology or organizational areas. The Sr. Security Consultant also identifies gaps and recommends cost effective best practices to manage client risk and increase their understanding of security and privacy risk and compliance. The Sr. Security Consultant is a subject matter expert in a specific security practice and provides technical leadership to their team and their projects.
- The provision and delivery of security consulting services in accordance with Herjavec Group methodologies:
- Leading or participating within the assigned professional services practice
- Travelling to customer sites;
- Collecting business and functional requirements at our clients
- Designing and construction processes;
- Presentation of findings to the customer
- Work in a collaborative team analyzing client issues and developing solutions
- Designing and implementation of processes, tools, hardware or software to meet requirements
- Planning and supporting clients in the business implementation of prepared changes
- Prioritize objectives and contribute to project planning and status reporting
- Understand existing client processes and controls with respect to electronic and non-electronic information security.
- Providing pre-sales assistance as required:
- Meeting with clients to determine requirements
- Working with clients to define the scope of a project
- Typical tasks involve:
- Carrying out research and data collection to understand the organization;
- Conduct analysis;
- Identifying issues and forming hypotheses and solutions;
- Interviewing the client's employees, management team and other stakeholders;
- Facilitating workshops as required;
- Present findings and recommendations to clients;
- Preparing business proposals and presentations
Required Skills and Experience
- Minimum 2 years of experience as a PCI QSA in good standing
- Minimum 5 years of experience in an Information Technology field
- Minimum 5 years of experience working in Information Security domains
- Minimum 5 years of experience measuring security controls, auditing, business processes, providing guidance, and/or related security consulting experience
- PCI QSA is required
- CISA and/or CISSP certifications is required
- Certifications in the Information Security or Audit realm is an asset
Desired Skills and Experience
- Demonstrated subject matter expertise in their specific practice and specialty
- Certification in area of specialty that demonstrates subject matter knowledge, if applicable
- Demonstrated ability to perform as a project technical lead