PCI Compliance Consultant

PCI Compliance Consultant at TestPros

TestPros, established in 1988, is a successful and growing business providing Information Technology (IT) technical support services to a wide range of Commercial and U.S. Federal, State, and Local Government customers. We deliver innovative independent IT assessment solutions to critical challenges, supporting clients within the continental USA, dedicated to making lives better, safer, and more secure.

This position is for a PCI Compliance Consultant, offered on a part-time basis (as needed, 1099 or Corp. to Corp). The role is entirely remote, and U.S. Citizenship is required. No security clearance is necessary.

Responsibilities and Duties

As a PCI Compliance Consultant, you will serve as a Payment Card Industry (PCI) Subject Matter Expert (SME), providing consulting, assessment, and report writing support for the PCI Data Security Standard (PCI DSS) and other applicable PCI Council standards. Your key responsibilities will include:

• Conducting internal assessments in partnership with information security officers, application owners, and service owners.
• Assisting with PCI-DSS compliance tasks, including evidence preparation, gathering, and review, aligned to PCI-DSS requirements.
• Leading end-to-end internal assessments based on PCI DSS requirements.
• Managing team communications and ensuring visibility into the status of deliverables.
• Obtaining ISA certification within 12 months if not already current.

Required Qualifications & Skills

The ideal candidate possesses excellent communication and interpersonal skills, a solid foundational understanding of process, relationship, and program management, and is a highly-motivated, self-starting professional. You must have a profound understanding of PCI DSS requirements and testing methodology (version 3.2.1 and above). Additionally, you should be detail-oriented, results-focused, and have a proven track record of driving tasks to completion. Strong teamwork abilities are essential for efficient cross-functional collaboration.

• At least 4 years of experience supporting or leading a Level 1 or Level 2 organization's PCI-DSS compliance effort, working with ISA or QSA.
• At least 1 year of experience with public Cloud systems and on-premise infrastructure or systems.
• At least 1 year of experience developing and implementing PCI policies, standards, and procedures.
• At least 1 year of experience supporting, maintaining, and implementing security for a large organization assessed against PCI-DSS Level 1 or 2.

Preferred Qualifications

• Bachelor’s Degree.
• PCI QSA or ISA certification.
• CISSP, GIAC, CEH, or Security+ certification.
• AWS Cloud Practitioner or Solutions Architect certification.

Professional Certifications

Highly valued certifications include:

• ISA (PCI SSC Internal Security Assessor)
• QSA (PCI Qualified Security Assessor)
• PCIP (Payment Card Industry Professional)
• CISSP (Certified Information Systems Security Professional)
• CISM (Certified Information Security Manager)
• GX-PT (GIAC Experienced Penetration Tester)
• GCIA (GIAC Intrusion Analyst)
• Other GIAC certifications

Key Skills/Competency

• PCI DSS Compliance
• Information Security
• Risk Assessment
• IT Audit
• Cloud Security
• Policy Development
• Report Writing
• Program Management
• Evidence Gathering
• Security Consulting