Summary: The Senior PCI QSA Consultant role involves leading enterprise PCI DSS compliance and advisory engagements in complex environments. This senior consulting position focuses on delivering comprehensive PCI DSS assessments and guiding clients through compliance strategies and secure architecture design. The consultant will act as a trusted advisor, producing essential compliance reports and providing risk and compliance insights to executive leadership. The role requires a strong understanding of PCI DSS requirements and excellent client-facing skills.
Key Responsibilities:
- Full-cycle PCI DSS assessments (readiness, gap, and formal audits)
- Production of Reports on Compliance (RoC) and Attestations of Compliance (AoC)
- CDE scoping, segmentation, and validation strategies
- PCI DSS v3.x and v4.0 transition and impact assessments
- GRC advisory across NIST, ISO 27001, and HIPAA frameworks
- Executive-level risk and compliance reporting for CISOs and CIOs
Key Skills:
- Active PCI QSA certification (mandatory)
- Strong hands-on experience delivering PCI DSS assessments and RoCs
- Deep understanding of PCI DSS requirements, especially v4.0
- Experience with enterprise security and compliance programs
- Ability to translate technical findings into business and risk outcomes
- Strong client-facing consulting and communication skills
Salary (Rate): undetermined
City: undetermined
Country: undetermined
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: Other
Senior PCI QSA Consultant (PCI DSS v4.0 | GRC & Security Advisory)
We are looking for an experienced PCI Qualified Security Assessor (QSA) to lead enterprise PCI DSS compliance, assessment, and advisory engagements across complex environments.
This is a senior consulting role focused on delivering end-to-end PCI DSS assessments, guiding clients through RoC/AoC validation, and advising security leadership on compliance strategy, risk reduction, and secure architecture design.
What You’ll Do
You will act as a trusted PCI DSS advisor, leading:
- Full-cycle PCI DSS assessments (readiness, gap, and formal audits)
- Production of Reports on Compliance (RoC) and Attestations of Compliance (AoC)
- CDE scoping, segmentation, and validation strategies
- PCI DSS v3.x and v4.0 transition and impact assessments
- GRC advisory across NIST, ISO 27001, and HIPAA frameworks
- Executive-level risk and compliance reporting for CISOs and CIOs
What We’re Looking For
- Active PCI QSA certification (mandatory)
- Strong hands-on experience delivering PCI DSS assessments and RoCs
- Deep understanding of PCI DSS requirements, especially v4.0
- Experience with enterprise security and compliance programs
- Ability to translate technical findings into business and risk outcomes
- Strong client-facing consulting and communication skills
Nice to Have
- CISA, CISM, CRISC, CISSP certifications
- Experience with AWS, Azure, or Google Cloud Platform security assessments
- Knowledge of FAIR risk quantification
- Application security or SDLC governance experience
Why This Role
You will work on high-impact PCI DSS engagements, advising enterprise clients on complex security and compliance challenges while shaping their long-term risk and compliance posture.
Work Location: Remote