ISSCA PCI QSA Consultant - ISP

  • £80,000 per annum
  • City of London
  • Permanent
  • Enterprise Security
  • Networking Security
  • Cyber Security

Join a dynamic Industry Security Standards Certification Assurance (ISSCA) team as an ISSCA PCI Qualified Security Assessor (QSA) Consultant. 

In this multifaceted role, you'll provide expert guidance on PCI compliance while ensuring the organisation maintains a record of 100% compliance. You'll collaborate with internal stakeholders, act as an internal Compliance Manager, and support various compliance frameworks such as ISO 27001 and Cyber Essentials. 

With opportunities to engage with diverse business units and industries, including e-commerce, retail, and contact centers, you'll play a vital role in protecting our client's interests and upholding our commitment to security excellence.


  • Support the ISSCA team in preserving PCI compliance and navigating other compliance frameworks like ISO 27001 and Cyber Essentials.
  • Offer detailed compliance expertise for internal business processes, including supplier relationships, where our client acts as a Merchant or Service Provider.
  • Assist in evaluating customer contracts with compliance obligations, enabling informed risk and cost decisions by account managers and BID teams.
  • Stay abreast of upcoming compliance framework changes and advocate for necessary investments to maintain compliance standards.
  • Identify and deliver education and training opportunities to enhance our client's compliance posture.
  • Continuously improve our client's overall compliance posture and assist with scoping and scheduling assessments and audits across the organization.
  • Mentor fellow ISSCA team members and occasionally travel, including international trips.

Skills/Must have:

  • Active PCI QSA certification for a minimum of 5 years, accompanied by CISSP, CISA, or CISM certification, or valid ISO 27001 Lead Auditor & Lead Implementer certifications.
  • Experience conducting Assessments & Reviews based on compliance frameworks such as PCI DSS, ISO 27001, and Cyber Essentials.
  • Proficiency in Enterprise, Hybrid, and Cloud environments, with cloud certifications (e.g., AWS) highly desirable.
  • Familiarity with various products and technologies, including Cloud, Virtualization, Network Firewalls, Mobile Applications, Web Application Firewalls, Antivirus Solutions, encryption technologies, and software development life cycles.
  • Understanding of web/mobile application security and expertise in implementing best practices.
  • Knowledge of current web/mobile application development methods and solutions like DevOps, DevSecOps, microservices, CI/CD, Infrastructure as Code, etc.
  • Proficiency in fundamental programming languages (e.g., JavaScript, Python), APIs, and SDKs, with the ability to confidently present to internal and external stakeholders at all levels.


  • Competitive salary of £80,000 per annum
  • 10% on-target bonus
  • Pension scheme with a minimum 5% employee contribution and 10% employer contribution
  • 25 days annual leave (excluding bank holidays), with increasing entitlement based on service
  • Flexible benefits including cycle to work, healthcare, season ticket loan
  • World-class training and development opportunities
  • Discounted broadband, mobile, and TV packages
  • Access to hundreds of retail discounts 

Join in shaping the future of cybersecurity and compliance in the Network & Cyber Security industry. Take advantage of this exciting opportunity to make a meaningful impact and further your career with us. Apply now to join the team!

Zack Mount, Head of Network Security (EMEA)
