Security Consultant - PA DSS / P2pe

Trustwave Chicago , IL 60602

Posted 2 months ago

SecureTrust, a Trustwave division, leads the industry in innovation and processes for achieving and maintaining compliance and security. SecureTrust delivers world-class consulting, compliance and risk assessment services and solutions for the enterprise market as well as tailored merchant risk management programs and solutions for merchant program sponsors around the globe. For more information, visit www.securetrust.com.

Security Consultant (PA-DSS/P2PE)

Responsibilities:

  • Lead customer engagements and be responsible for project execution by providing information security consultation and assessment services.

  • Be main point of contact for client information security engagements including working co-ordination and project management (client interaction, deliverables, work plans, escalation's, etc.)

  • Grow the business by identify up-sells with existing and potential clients.

Required Skills and Experience:

Must be an active PA QSA and hold PCI QSA & PA-DSS QSA certificate.

Following experiences is required:

The candidate must have an overall experience of at least 3 years in secure application development, source-code review, application testing and cryptography

Must also hold at least 1 year of experience in each of the following:

  • Experience conducting application testing and source-code reviews

  • Experience performing web vulnerability assessments, performing application penetration testing, experience using penetration testing methodologies including the use of forensic forensic tools/methods

  • Experience creating source code per OWASP or other secure coding guidelines

  • Experience with exploiting OWASP vulnerabilities and executing arbitrary code to test processes

  • Experience with cryptographic techniques such as cryptographic algorithms, key management and rotation processes, and secure key storage

Desired Skills and Experience:

  • Bachelors degree in Computer Science or related field; will consider candidates with ten or more years of relevant industry experience in lieu of Bachelors Degree

  • Current or former PA-DSS certification and/or P2PE-QSA

  • Extensive knowledge of PCI PA-DSS requirements and validation methodologies

  • Experience in a professional services environment

  • Experience working with financial institutions

  • Deliver consulting projects sold per Statement of Work or direction from management

  • CISSP or CISA certification preferred

  • Solid background auditing IT Security controls

  • Experience presenting to Senior / Executive Management

  • Deep understanding of IT infrastructure, information security, and PCI compliance.

  • Experience with Level 1 Merchants

Education:

We prefer college-educated applicants, but at minimum, high school diploma or equivalent is required for employment.

Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.

To All Agencies:

Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave's policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate is submitted outside of this policy is hired, no fee or payment of any kind will be paid.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Digital Security Senior Consultant

Crowe Horwath

Posted 4 days ago

VIEW JOBS 6/2/2020 12:00:00 AM 2020-08-31T00:00 Your Journey at Crowe Starts Here At Crowe, you have the opportunity to deliver innovative solutions to today's complex business issues. Crowe's accounting, consulting, and technology personnel are widely recognized for their in-depth expertise and understanding of sophisticated process frameworks and enabling technologies, along with their commitment to delivering measurable results that help clients build business value. Our focus on emerging technology solutions along with our commitment to internal career growth and exceptional client value has resulted in a firm that is routinely recognized as a "Best Place to Work." We are 75 years strong and still growing. Come grow with us! Job Summary By joining Crowe's Digital Security team, you will be helping make the world a more honest, safe and secure place. As a member of our collaborative team, you will be working alongside experts in the security field to protect our clients from threats and vulnerabilities and assist them with their complex security needs. We will enable an entrepreneurial and innovative environment for you to deliver transformative security consulting services and to develop deeply specialized skill sets demanded in today's market. The Pentesting Senior Consultant will be responsible for providing their pentesting experience to execute cybersecurity projects and deliver high quality work to our clients. This position will work directly with other project leads, managers, and/or executives to communicate business and technical aspects of the work being performed. The Pentesting Senior Consultant will oversee the work of some junior-level personnel, set performance expectations and provide constructive performance feedback on a regular basis. This person may also assist the engagement economics of the projects, including budget status tracking. The Pentesting Senior Consultant will conduct Cybersecurity engagements, including but not limited to the following areas and responsibilities: * Information Security and Risk Management Consulting * IT Risk Assessment * Cybersecurity Assessments * Penetration Testing * Choose based on industry: FFIEC Cybersecurity Assessments, HIPAA Assessments, etc. * Cloud Security Reviews * IT Security Technology Implementations * Prepare reports or other necessary documentation to detail results of evaluation and otherwise meet the objectives of the Project. * Submit recommendations to client for corrective action or to support a recommend approach to solving the client's needs. * Participate in planning and implementing of client information systems, including structure, process, and security. * Participate in strategic and tactical objectives to include new product offerings, identify additional client needs, and generating new business leads. * Correspond with a variety of clients and communicate security issues, recommendations, and deliverables effectively. * Evaluate and/or implement cybersecurity solutions and controls to ensure data security and integrity for our clients. * Generate ideas for new cybersecurity solutions aligned with our clients evolving needs Qualifications Joining our Consulting Financial Services practice is an opportunity to help make the world more honest, transparent, safe, and secure. From day one of your career, you will assist our clients to transform their governance, embed risk in their decision-making and maintain efficient compliance. We will enable an entrepreneurial and innovative environment for you to deliver transformative risk consulting services and to develop deeply specialized skill sets demanded in today's market. The Cybersecurity Senior Consultant will be responsible for conducting pen testing work, supporting planning, executing cybersecurity projects and will work within a project team to ensure high-quality delivery. This position will perform hands-on security work, as well as oversee the technical work of some junior level personnel. This position will work directly with other project leads, managers, and/or executives to communicate business and technical aspects of the work being performed. The Cybersecurity Senior Consultant will set performance expectations for junior level personnel and provide constructive performance feedback on a regular basis. This person may also assist the engagement economics of the projects, including budget status tracking, billing, and collection analysis. The Cybersecurity Senior Consultant will perform the following responsibilities: Conduct and lead Cybersecurity Projects, including: - Penetration Testing - Cybersecurity Strategic Advisory - Information Security and Risk Management Consulting - IT Risk Assessment - Cybersecurity Assessments - Choose based on industry: FFIEC Cybersecurity Assessments, HIPAA Assessments, etc. - Cloud Security Reviews - IT Security Technology Implementations - Prepare reports or other necessary documentation to detail results of evaluation and otherwise meet the objectives of the Project. - Submit recommendations to client for corrective action or to support a recommend approach to solving the client's needs. - Participate in planning and implementing of client information systems, including structure, process, and security. - Participate in strategic and tactical objectives to include new product offerings, identify additional client needs, and generating new business leads. - Correspond with a variety of clients and communicate security issues, recommendations, and deliverables effectively. - Evaluate and/or implement cybersecurity solutions and controls to ensure data security and integrity for our clients. - Generate ideas for new cybersecurity solutions aligned with our clients evolving needs Crowe Horwath Chicago IL

Security Consultant - PA DSS / P2pe

Trustwave