PCI DSS Expert

PCI DSS Expert

Client: General Services Administration (GSA)

POP: 12+ months

Location: Remote; Must report on-site if local to Reston, VA

SCOPE

Ensure compliance with PCI DSS requirements to protect cardholder data and maintain secure payment environments. This role involves assessing systems, guiding remediation efforts, and advising on best practices for data security. This person should possess a strong foundation in cybersecurity, regulatory compliance, and risk management.

REQUIRED SKILLS

• In-depth knowledge of cybersecurity: Understanding the latest threats and how to protect against them.
• Regulatory compliance: Familiarity with PCI DSS and other relevant regulations.
• Risk management: Ability to assess and mitigate risks associated with payment card data.
• Proficiency in tools and technologies used in cybersecurity and compliance.
• Strong analytical skills to navigate complex regulations and interact with stakeholders.
• Effective communication to convey complex information to technical and non-technical stakeholders.

PREFERRED SKILLS

• Prior experience working with QSA firms or in a regulated financial environment.
• Hands-on involvement in PCI DSS compliance lifecycle from assessment to certification.
• Knowledge of cloud security and third-party vendor risk management.

TASKS

• Assessment of the environment supporting cardholder data to validate compliance with PCI DSS v4.0.
• Attestation of Compliance (AOC): Preparation and submission of deliverables acceptable to both the client and payment card brands.
• Remediation Support and Validation Testing: Review of evidence, validation of corrective actions, and retesting where necessary.
• Advisory Support: Guidance on scoping, segmentation, encryption, and logging to ensure continuous compliance.