Qualified Security Assessment (QSA)
QSA PCI Assessment Responsibilities:
The Senior Information Security & Compliance Consultant will provide practical recommendations around a wide range of technology and compliance drivers that include SDL, IT security, ISO, PCI-DSS, and HIPAA. The consultant will possess the following skills:
The MegaplanIT, LLC Senior Information Security & Compliance Consultant's responsibilities shall include (but shall not be limited to) the following:
• Be able to multitask and work independently with minimum supervision to meet client deadlines. Must be flexible, proactive, quick to learn, and possess a can-do attitude.
• Excellent written and oral communication skills with the ability to express their thoughts clearly, know how to listen, and be able to contribute in a team environment.
• Proven experience in conducting enterprise risk and security assessments and IT audits with regard to policies, process and procedures design, and information security aspects of privacy and regulatory compliance.
• Be able to communicate compliance and information security and technology issues clearly to business and technical clients.
• Perform comprehensive PCI DSS, Trusted Advisory Service, Policy and Procedure Development, ISO27001/27002, NIST 800-53/171 and HIPAA/HITECH assessments for MegaplanIT, LLC clients.
• Develop reports that detail compliance gaps for all assessments including risk severity level, systems impacted, business risk summary, and recommendations for remediation for all findings.
• Create a roadmap to achieve full compliance prior to formal audit with prioritized remediation steps, estimated work efforts, and associated timelines.
• Advise clients on how to achieve compliance. Review Report on Compliance with clients, provide guidance on remediation actions and advise services that could be of benefit with regard to industry trends around achieving compliance (i.e. technical solutions).
• Assist the Business Development/Sales team by answering business and technical questions related to, but not limited to, PCI DSS, PA-DSS, Trusted Advisory, ISO27001/27002, Policy and Procedures, Penetration Testing and HIPAA compliance.
• Help oversee projects; this requires the ability to work with a diverse group of security professionals with various roles and responsibilities.
• Assist with developing and managing internal and external delivery processes, procedures, and methodologies.
• Assist in preparing reports and schedules that will be delivered to clients including project management.
Perform engagement tasks according to scope of work by:
• Driving the requirements gathering process.
• Developing customer-centric security solutions aligned with customer business objectives.
• Developing and implementing work plans, migration plans, and conversion scripts needed to integrate proposed solutions.
• Integrating security solutions in complex, mission-critical environments and documenting solutions according to client and MegaplanIT, LLC standards.
• Serve as a Subject Matter Expert, providing knowledge and assistance in a wide range of security and compliance fields.
• Maintain expected levels of personal productivity and resource utilization by documenting and presenting a sound product and working with management to support booked engagements.
• Meet professional practice standards and demonstrate competence in core service areas.
• Develop and maintain positive relationships with client personnel.
• Maintain high morale by contributing to an effective, positive work environment.
• Act as a team participant who can work well with others and guide oneself through a professional development process, including timely completion of reviews and goal setting.
• Deliver work that meets or exceeds expectations based on a strong understanding of the client’s business and needs.
• Maintain effective communication between other consultants and client stakeholders.
• Participate in industry conferences and professional organizations.
• Provide additional value for clients by offering constructive insights and consultative advice based on personal experience with the client, their industry, established standards, and leading practices.
• Demonstrate a high level of commitment to client success as shown by responding promptly to changes in client expectations both professionally and effectively.
• Obtain and maintain relevant certifications.
• Participate in discussions and meetings to scope and define projects appropriately.
Job Type: Full-time