Cybersecurity Professional Services Consultant

Overview

On Site
Accepts corp to corp applications
Contract - W2
Contract - Independent
Contract - 1 Year

Skills

Cyber Security
Professional Services
UI
Information Technology
Network
Microsoft
Tier 1
Cloud Computing
Recruiting
Partnership
Communication
Compliance Management
Gap Analysis
Roadmaps
Sourcing
TM
Network Design
Policies and Procedures
Auditing
DSS
Training
Documentation
Incident Management
Finance
PCI DSS
Regulatory Compliance
Payment Card Industry
QSA
Proposal Writing
GSA
IBM WebSphere MQ
Oracle Linux
PASS
Security Management
Threat Analysis
Entity Framework

Job Details

CCS Global Tech is a rapidly growing Information Technology company with a diverse portfolio of technology products and services and a large network of industry partnerships. With over 22 years of being a successful business with a global talent pool and presence, CCS is a certified Microsoft Gold Partner and specializes in delivering expert Microsoft-based solutions for technical and business needs. We have been recognized by Inc. 500 Magazine as one of the fastest growing small companies in the United States.
We are a Tier 1 vendor for the City and County of San Francisco for Cloud Services, Staffing Services and Training Services. For this multi-year opportunity with a diverse set of needs to address, we are currently focusing on establishing partnerships with individuals as well as companies who can help us enhance our overall service portfolio, cut lead times, and ultimately help us deliver successfully. We currently hold sizable Government accounts in the San Francisco Bay Area including City and County of San Francisco, San Mateo County, and Santa Clara County.
We take great pride in our global reach and local influence. Your experience alongside our highly skilled and talented internal team, who guide you along the way, offers key insights into what helps you stand out in a competitive job market.
If you are a partner company, please submit resumes with contact information of your own W2 Consultants only. Submitted consultants are expected to have excellent communication skills.

Roles/Responsibilities:

Task 1: PCI-DSS Compliance Management

Task 1 Deliverables:

  1. Conduct a comprehensive gap analysis of current PCI controls against PCI DSS v4.0+ requirements.

  2. Develop a prioritized remediation roadmap identifying control gaps, owners, and resolution timelines.

  3. Facilitate and submit quarterly vulnerability scans Sourcing Event SFGOV- TM P-690

  4. Provide annual Attestation of Compliance (AOC) and signed SAQ-D documentation prepared and reviewed by a certified Qualified Security Assessor (QSA).

  5. Advise on secure network architecture and changes that could impact PCI scope or posture.

Task 2: Documentation, Policies, and Procedures

Task 2 Deliverables:

  1. Create and update all PCI-required policies and procedures in alignment with DSS requirements.

  2. Provide templates and process documentation to support audit readiness.

  3. Assist departments with creating tailored operational procedures for each PCI control.

Task 3: Stakeholder Training and Engagement

Task 3 Deliverables:

  1. Deliver two (2) live annual staff training workshops (hybrid or onsite) covering PCI awareness and new DSS requirements.

  2. Provide department-specific training modules and role-based documentation.

Task 4: Incident Response Planning

Task 4 Deliverables:

  1. Review, update, and test the Airport's PCI incident response plan.

  2. Facilitate one (1) tabletop exercise annually and provide a post-incident improvement plan.

Mandatory Skills:

  MQ1 - Proposer must have successfully completed a minimum of three (3) PCI-DSS consulting or assessment projects within the past five (5) years. Each project must include:

  • Client name and type (e.g., government agency, airport, financial institution, etc.)

  • Project duration (start and end dates)

  • Scope of work and deliverables provided

  • Contact information for a client reference (name, phone, and email)

  • Client organization must be similar in size and scope to SFO

  MQ2 - Proposed consultants must each have a minimum of eight (8) years of hands-on experience performing PCI-DSS compliance engagements, including:

  • Gap assessments

  • Remediation guidance

  • SAQ/ROC preparation

  • Ongoing advisory for maintaining compliance

  MQ3 - Each consultant proposed for this engagement must:

  • Hold a current, valid PCI Qualified Security Assessor (QSA) certification

  • Provide a copy of their QSA certificate with the proposal

  MQ4 - Candidates must be willing and able to work onsite at SFO for key activities. Proposers must include all associated travel costs in their hourly rate structure per federal GSA CONUS guidelines.

  MQ5 - All proposed consultants must:

  • Be a citizen of the United States, Canada, the United Kingdom, Australia, or New Zealand

  • Be legally authorized to work in the United States

  • Successfully pass a Transportation Security Administration (TSA) threat assessment and any background checks required to obtain an SFO badge
