We're looking for talented and experienced PCI Qualified Security Assessors (QSA) to grow our team. If you're an Information Security Consultant who excels in challenging and changing environments, and has recent experience working as a PCI QSA, we have an excellent opportunity for you.

As part of the Control Gap team, you'll work with high-profile clients in various industries and collaborate with a team of highly-skilled security consultants on challenging projects, large and small. We analyse, assess and design effective security controls to help clients achieve Payment Card Industry (PCI) compliance, privacy compliance, and to improve enterprise-wide security.

As a subject matter expert, you'll advise clients on data security to help prevent potential security breaches before they occur. We provide services onsite at our client sites and also remotely, therefore some travel should be expected.

We value strong knowledge of information security controls and principles, privacy frameworks, and the Payment Card Industry Data Security Standard (PCI DSS). You also must have exceptional written and verbal skills with real world work experience as a consultant.

Our intent is to have you grow with us while maintaining your elite Payment Card Industry Qualified Security Assessor (PCI QSA) certification, and other valuable industry security and audit related certifications.

Our people are our most valuable assets and we believe in fostering career development and growth opportunities for every individual on our team. We also offer a competitive benefits package and an excellent work environment that encourages teamwork.

Responsibilities
- Conducting various information security and compliance assessments and analyses, and providing advice and consultation (e.g. Report on Compliance, Risk Assessments, Gap Analysis, and more)
- Lead meetings, chair conference calls, action follow-ups, and proactively interact with clients to move projects forward to ultimate completion
- Creating professional reports for our clients that detail your assessment findings and your advice
- Consulting with clients to help them understand our findings and their remediation options
- Providing advice and input on security architecture with regards to PCI, Privacy, and Cyber Security
- Assisting our sales team with pre-sales activities, proposal creation, needs analysis, and solution design
- Attending industry events and leading webinars
- Working with multiple clients on a number of projects
- Writing summaries and executive briefs
- Travel to company offices and client work sites across Canada

Education And Work Experience
- Degree in Information Security or related field is an asset
- Minimum 2 years of experience as a PCI QSA in good standing
- Minimum 5-7 years of experience in an Information Technology field
- Minimum 5-7 years of experience working in Information Security domains
- Minimum 5-7 years of experience measuring security controls, IT auditing, business processes, providing advice, and/or related security consulting experience

Industry Certifications
- PCI QSA, PCI PA-QSA, PCI P2PE, or PCI ISA is required
- CISA and/or CISSP certifications are an asset
- Multiple industry certifications in Information Security/Audit are an asset

Technical Skills
- Ability to lead PCI Reports on Compliance assessments individually or with a team, including CDE scoping, assessment planning, governance reviews, onsite assessment activities, status reporting, report writing, and managing customer resources with the support of our project management team
- Experience with Information Technology systems
- Experience with various information security concepts, including: network and wireless security, application security, industry best practices, systems hardening, data encryption, data privacy, incident response, business continuity, physical security, risk assessments, vulnerability scanning, penetration testing, file integrity monitoring, log monitoring, and documented security governance controls (i.e. policies, processes, standards, procedures)
- Experience with a variety of security products and technologies
- Experience with industry best practices and standards such as CIS and NIST, including security hardening techniques
- Good understanding of Unix, Linux, Windows and database server configurations
- Good understanding of networking systems configurations, including firewalls
- Good understanding of application architecture, software development lifecycle processes, including secure coding techniques
- Good understanding of server virtualization technologies, including AIX, ZOS, and SAN storage systems

Soft Skills
- Exceptional customer service, communication and interpersonal skills
- Strong written and verbal communication skills
- Strong organizational skills
- Honesty and integrity
- Dedication to providing solutions to meet or exceed clients' needs and expectations
- Ability to handle challenges and project work loads

Benefits
- Company paid medical and dental benefits and wellness plan
- Company paid continuing professional education and certification maintenance
- 4 weeks of paid vacation, with 5 weeks of paid vacation after 5 years of service
- Company team building events throughout each year
- RRSP contribution

Control Gap offers custom-built state of the art tools and proven processes that allow our assessors to be comfortable, efficient, and organized while providing excellent audit quality.

Work Options
- You must possess reliable transportation to travel to company offices and to client work sites
- Flexible work options, including working from home or fully remote

Industry
IT Services and IT Consulting

Employment Type
Full-time

Job Title
Assessor qualified security assessor (QSA)