PCI Qualified Security Assessor

Remote • Posted 3 hours ago • Updated 3 hours ago
Contract Independent
Contract W2
12 Months
No Travel Required
Remote
Depends on Experience
Job Details

Skills

  • PCI DSS
  • PCI QSA
  • Security Assessor

Summary

Role: PCI Qualified Security Assessor
Location: Remote, USA (preferably Long Island, NY)

We are seeking an experienced PCI Qualified Security Assessor (QSA) Consultant to lead and deliver end-to-end Payment Card Industry Data Security Standard (PCI DSS) advisory, assessment, and validation services.
This role focuses on guiding clients through their PCI DSS compliance journeys, conducting formal validations (Report on Compliance and Attestation of Compliance, RoC/AoC), and providing strategic security advisory across the GRC, application security, and cloud risk domains.
The ideal candidate will bring deep expertise in the PCI DSS standard, audit execution, compliance strategy, and executive advisory, with the ability to translate regulatory requirements into actionable security and business outcomes.

Keywords
  • PCI DSS Consulting & Assessment
  • GRC & Security Framework Assessments

Preferred Skills: Proven experience as a PCI QSA (Qualified Security Assessor)

Must Have
Strong working knowledge of:
  • PCI DSS requirements (v3.x and v4.0)
  • Documentation

Certifications
  • PCI QSA
  • CISA
  • CRISC

Key Responsibilities

1. PCI DSS Consulting & Assessment (Core Function)
Lead end-to-end PCI DSS compliance engagements, including:
  • Gap assessments and readiness assessments
  • Formal audits and validation activities
Conduct PCI DSS assessments and produce:
  • Reports on Compliance (RoC)
  • Attestations of Compliance (AoC)
Advise clients on:
  • PCI DSS scoping and segmentation strategies
  • Compensating controls and requirement interpretation
Perform impact assessments for PCI DSS version upgrades, including:
  • Resource planning (people, tools, time)
  • Required architecture and system changes

2. GRC & Security Framework Assessments
Conduct compliance and maturity assessments across frameworks such as:
  • PCI DSS (primary focus)
  • NIST (CSF, SP 800-53, SP 800-171)
  • ISO 27001 / 27002
  • HIPAA and other regulatory standards
Perform:
  • Security program evaluations
  • Control gap analysis and remediation roadmaps

3. Application & Cloud Security Assurance (Optional)
Lead Application Security Certification (AppSec/AppCert) initiatives:
  • Black Box, Gray Box, and Crystal Box testing
  • SDLC maturity assessments aligned to OWASP SAMM
Conduct cloud risk assessments across:
  • AWS, Azure, and Google Cloud Platform
Evaluate:
  • Cloud configurations, identity controls, and data protection mechanisms

4. Executive Advisory & Cyber Risk Quantification (Optional)
Operate as a Security Program Advisor / Executive Consultant, providing:
  • Strategic compliance roadmap guidance
  • Risk posture insights to senior leadership
Utilize frameworks such as:
  • FAIR (Factor Analysis of Information Risk) for financial risk quantification
Support board-level and C-suite communications, including:
  • Risk reports
  • Compliance status dashboards

5. E-Discovery, Audit Support & Documentation
Support compliance and audit programs with:
  • Evidence collection and validation
  • Audit documentation and reporting
Develop:
  • Policies, standards, and procedures aligned with PCI DSS and GRC frameworks
  • High-quality audit artifacts and technical reports

6. Operational Technology (OT) & Specialized Assessments (Optional)
Conduct security assessments in OT/ICS environments, including:
  • Passive network monitoring and traffic analysis
  • Non-intrusive evaluation of control systems and networks

Required Skills & Experience

Core PCI Expertise
  • Proven experience as a PCI QSA (Qualified Security Assessor)
  • Strong working knowledge of:
    PCI DSS requirements (v3.x and v4.0)
    Cardholder Data Environment (CDE) scoping and segmentation
  • Experience producing RoC and AoC documentation

GRC & Compliance Skills
  • Hands-on experience with:
    Security audits and compliance assessments
    Risk management frameworks and control mapping
  • Familiarity with NIST, ISO 27001, HIPAA, and industry-specific standards

Application & Cloud Security (Optional)
  • Experience in:
    SAST/DAST testing methodologies
    Secure SDLC governance
  • Exposure to:
    Cloud platforms (AWS, Azure, Google Cloud Platform)
    Cloud compliance frameworks and risk models

Tools & Platforms
Experience with:
  • Application security tools (e.g., Burp Suite or equivalent)
  • Compliance and audit management tools
  • Risk quantification models (FAIR or similar)

Certifications (Required/Preferred)
Required:
  • PCI QSA certification

Preferred:
  • CISA (Certified Information Systems Auditor)
  • CISM (Certified Information Security Manager)
  • CRISC (Certified in Risk and Information Systems Control)
  • Additional cloud or security certifications are a plus

Soft Skills & Attributes
  • Strong stakeholder engagement with CISO, CIO, and board-level stakeholders
  • Ability to translate regulatory requirements into business-aligned outcomes
  • Strong technical writing and audit report development skills
  • Excellent communication and presentation skills
  • High attention to detail and a structured problem-solving approach

Key Success Metrics
  • Successful delivery of PCI DSS certifications (RoC/AoC)
  • Quality and defensibility of audit outputs
  • Client satisfaction and repeat advisory engagements
  • Ability to drive measurable improvements in compliance posture

  • Dice Id: 91078931
  • Position Id: 9013483

Company Info

About Laiba Technologies LLC

Laiba Technology is one of the premier US-based IT companies. Our corporate offices are in the USA, Dubai, and India. We serve government and commercial clients. We provide software development, revenue cycle management, staff augmentation, software support, corporate training, and more. We have staffed thousands of contract and full-time positions across multiple industries and skill sets, and have grown steadily through word-of-mouth referrals.

Laiba Technology is one of the most reliable and fastest-growing software companies, serving clients globally. The worldwide demand for SEO/SMO/PPC, website design and development services, and software solutions has helped fuel our rapid expansion. We operate in the international market, where businesses have a great need to increase their online visibility to spur financial growth.

We offer several innovative learning methods and delivery models to cater to the unique requirements of a global customer base.
We also provide corporate training on various cutting-edge technologies. We have a team of certified trainers with a minimum of 10 years of industry background. Our training courses are for individuals as well as corporations, and we also customize courses to client requirements.
