Networking People, London, Greater London
Senior Cyber Security Consultant-PCI QSA/Risk Advisory-Remote
Overview
Senior Cyber Security Consultant - PCI QSA / Risk Advisory
Home based with travel

My client is a fast-growing cyber security consulting firm that offers a broad range of cyber risk advisory services. They have positioned themselves successfully in the market: they are already industry-leading and award-winning, working with government bodies, FTSE 100 companies and other blue-chip brands. They are now expanding the GRC Team and are in the market looking for a PCI QSA with a broad cyber risk background.

Responsibilities of PCI QSA Expert:

- Consulting and Cyber Risk Advisory Services: conducting gap analysis and risk assessments related to multiple information security frameworks such as PCI DSS, ISO27001 and GDPR, and ensuring information risks are adequately addressed with stakeholders (internal and external) at all levels, as required.
- Creating professional reports for our clients that detail assessment findings
- Document the information risk management strategy
- Work closely with technical teams and the Qualified Security Assessor (QSA) to ensure correct and common understanding of PCI requirements, provide advice and review technical designs
- Scope, procure and organise regular quarterly vulnerability scans; penetration tests/IT health checks
- Provide advice for the management of risks that you have identified
- Share knowledge, coach and mentor other members of the information services team to raise the bar and maintain the necessary collateral to promote user education & awareness

Experience and Expertise required:

- Experience in managing PCI and ISO 27001 compliance
- Experience of delivering reports to customers and stakeholders on services
- Experience working for a consulting firm is essential
- A broad range of cyber and information security and risk management expertise
- Experience of security architecture and system design and the security controls needed to protect these services and the data that they process and store
- An understanding of the Data Protection Act and GDPR, and experience in ensuring compliance
- An understanding of UK and international, legal and regulatory requirements that could affect organisational security and assurance policies
- Industry best practices for privacy, security and information risk management
- Experience of information security/application vulnerabilities, their effective treatment/mitigation and the level of risk they introduce

Networking People (UK) is acting as an Employment Agency in relation to this vacancy.

This job was originally posted as www.cwjobs.co.uk/job/89959996