Senior PCI QSA Consultant (PCI DSS v4.0 | GRC & Security Advisory)
We are looking for an experienced PCI Qualified Security Assessor (QSA) to lead enterprise PCI DSS compliance, assessment, and advisory engagements across complex environments.
This is a senior consulting role focused on delivering end-to-end PCI DSS assessments, guiding clients through RoC/AoC validation, and advising security leadership on compliance strategy, risk reduction, and secure architecture design.
What You’ll Do
You will act as a trusted PCI DSS advisor, leading:
- Full-cycle PCI DSS assessments (readiness, gap, and formal audits)
- Production of Reports on Compliance (RoC) and Attestations of Compliance (AoC)
- CDE scoping, segmentation, and validation strategies
- PCI DSS v3.x and v4.0 transition and impact assessments
- GRC advisory across NIST, ISO 27001, and HIPAA frameworks
- Executive-level risk and compliance reporting for CISOs and CIOs
What We’re Looking For
- Active PCI QSA certification (mandatory)
- Strong hands-on experience delivering PCI DSS assessments and RoCs
- Deep understanding of PCI DSS requirements, especially v4.0
- Experience with enterprise security and compliance programs
- Ability to translate technical findings into business and risk outcomes
- Strong client-facing consulting and communication skills
Nice to Have
- CISA, CISM, CRISC, CISSP certifications
- Experience with AWS, Azure, or Google Cloud Platform security assessments
- Knowledge of FAIR risk quantification
- Application security or SDLC governance experience
Why This Role
You will work on high-impact PCI DSS engagements, advising enterprise clients on complex security and compliance challenges while shaping their long-term risk and compliance posture.