Principal Consultant, PCI QSA | Remote US

What You'll Do

• Lead assessment teams on enterprise clients.
• Lead audits/assessments including audit/assessment plan preparation, review of documentation and evidence, evaluation of procedures, and client interviews.
• Prepare, review, and approve audit/assessment reports.
• Work closely with clients to assess their IT security posture and identify weaknesses and vulnerabilities in relation to the relevant security framework for the practice.
• Manage priorities, tasks and hours on projects in conjunction with the project manager to achieve delivery utilization targets, and the completion of the project on time and budget.
• Ensure quality products and services are delivered on time.
• Escalate client and project issues to management in a timely manner to inform and engage the necessary resources to address the issue.
• Provide mentorship to team members in areas of audit, assessment, technical review and writing.
• Develop tools, documents and methods for use by others to perform assessments more efficiently.
• Interface with clients through entire engagement, interacting will all levels of client organizations. Establish and maintain positive collaborative relationships with clients and stakeholders
• Continuous professional development in maintaining industry specific certifications. Maintains strong depth of knowledge in the practice area.
• Collaborate with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables.
• Establish account relationships and identifies upsell and cross sell opportunities and escalates to the Account Director
• Travel 25-50%

What You'll Bring

• Must have current PCI-QSA certification
• Bachelor’s degree (four-year college or university) or equivalent combination of education and work experience.
• Five or more (5+) years of experience in an IT Security Audit and/or Compliance role
• Experience preparing and presenting Reports on Compliance (ROCs)
• Experience working on large enterprise assessments in the Financial Services sector
• Knowledge of and experience performing IT security risk assessments, gap analysis, and assessments against relevant regulation and frameworks
• Experience with one or more IT security compliance frameworks, such as PCI, FISMA, HIPAA, FedRAMP, or HITRUST
• Experience interacting with management in a consultative manner
• Strong attention to detail
• Strong problem solving, decision making, organizational and analytical skills
• Ability to prioritize and manage multiple initiatives/projects.
• Ability to be self-driven and have strong independent initiative.
• Ability to build high-trust relationship and credibility quickly
• Strong technical abilities across a variety of platforms and technologies.
• Strong IT understanding with respect to networks, servers, workstations, and applications
• Strong written and verbal communication skills including the ability to explain technical matters to a non-technical audience
• Strong consulting skills with executive leadership and technical professionals; ability to advise and challenge the status quo while building strong relationships
• Strong Microsoft Excel skills with ability to develop worksheets with complex formulas
• Ability to facilitate meetings of small or large groups
• Diplomatic and broad minded