Senior Security Consultant

  • Category: Security Services
  • Team: Global Compliance & Risk Services
  • Location: open, United States Chicago, Illinois

Description

Position at SecureTrust

SecureTrust, a Trustwave division, leads the industry in innovation and processes for achieving and maintaining compliance and security. SecureTrust delivers world-class consulting, compliance and risk assessment services and solutions for the enterprise market as well as tailored merchant risk management programs and solutions for merchant program sponsors around the globe. For more information, visit www.securetrust.com.

Senior Security Consultant (PA-DSS/P2PE)

Responsibilities:

  • Lead customer engagements and be responsible for project execution by providing information security consultation and assessment services.
  • Be main point of contact for client information security engagements including working co-ordination and project management (client interaction, deliverables, work plans, escalation's, etc.)
  • Grow the business by identify up-sells with existing and potential clients.

Required Skills and Experience:

Must be an active PA QSA and hold PCI QSA & PA-DSS QSA certificate.  

Following experiences is required:

The candidate must have an overall experience of at least 3 years in secure application development, source-code review, application testing and cryptography 

Must also hold at least 1 year of experience in each of the following:

  • Experience conducting application testing and source-code reviews
  • Experience performing web vulnerability assessments, performing application penetration testing, experience using penetration testing methodologies including the use of forensic forensic tools/methods
  • Experience creating source code per OWASP or other secure coding guidelines
  • Experience with exploiting OWASP vulnerabilities and executing arbitrary code to test processes
  • Experience with cryptographic techniques such as cryptographic algorithms, key management and rotation processes, and secure key storage

Desired Skills and Experience:

  • Bachelors degree in Computer Science or related field; will consider candidates with ten or more years of relevant industry experience in lieu of Bachelors Degree
  • Current or former PA-DSS certification and/or P2PE-QSA
  • Extensive knowledge of PCI PA-DSS requirements and validation methodologies
  • Experience in a professional services environment
  • Experience working with financial institutions
  • Deliver consulting projects sold per Statement of Work or direction from management
  • CISSP or CISA certification preferred
  • Solid background auditing IT Security controls
  • Experience presenting to Senior / Executive Management
  • Deep understanding of IT infrastructure, information security, and PCI compliance.
  • Experience with Level 1 Merchants

Education:

We prefer college-educated applicants, but at minimum, high school diploma or equivalent is required for employment.

 

Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.

  

To All Agencies:

Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.

 

Share this opportunity

Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.

Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit www.trustwave.com.

To All Agencies: Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.