
PCI Technical Payments Associate – Analyst, QSA Track
Tevora
full-time
Location Type: Hybrid
Location: Irvine • California • Virginia • United States
Salary
💰 $73,500 - $110,000 per year
About the role
- Participate in PCI DSS assessments of client payment systems, applications, and processes to identify potential security vulnerabilities and compliance gaps.
- Assist in reviewing payment architectures, technologies, and processing environments to evaluate alignment with industry security standards and compliance requirements.
- Support the collection, analysis, and documentation of evidence related to payment security controls.
- Work alongside experienced QSAs and consultants to help clients navigate payment security standards such as PCI DSS, SSF (or PA-DSS), and other payment domain requirements.
- Contribute to assessment documentation, compliance reports, and supporting materials used in certification and validation processes.
- Gain practical experience with PCI assessment methodologies as part of the path toward QSA qualification.
- Assist in developing recommendations to strengthen the security posture of client payment systems and applications.
- Collaborate with consultants and client teams to help track and document remediation efforts addressing identified vulnerabilities and compliance gaps.
- Support consultants in advising clients on secure payment technologies, encryption approaches, secure data storage, and secure development practices.
- Participate in technical discussions related to protecting payment card data and sensitive financial information.
- Build productive working relationships with client stakeholders while supporting engagement teams during assessments and advisory activities.
- Participate in client meetings, workshops, and technical discussions as part of the assessment process.
- Stay current with emerging cybersecurity threats, evolving payment security standards, and trends impacting the payments ecosystem and cybersecurity threat landscape.
- Continuously develop technical and compliance expertise in preparation for pursuing QSA certification.
Requirements
- Minimum of 1 year of experience participating in PCI DSS assessments or supporting PCI compliance engagements, such as evidence review, control validation, gap analysis, documentation preparation, or quality assurance.
- Ideal candidate has experience contributing to PCI DSS Reports on Compliance (ROC), Self-Assessment Questionnaires (SAQ), or PCI gap assessments.
- Demonstrated interest in advancing a career in payment security and progressing towards PCI Qualified Security Assessor (QSA) certification.
- Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related STEM field (or equivalent practical experience).
- Strong analytical and problem-solving skills, with the ability to identify security risks and contribute to recommending appropriate solutions.
- Excellent communication and interpersonal skills, with the ability to convey technical concepts to both technical and non-technical audiences.
- Ability to work independently and collaboratively within cross-functional teams to support client engagements and project objectives.
- Foundational understanding of cybersecurity principles, including areas such as network security, access control, encryption, and secure system design.
- Exposure to payment technologies, payment processing environments, or compliance frameworks is a plus, including PCI DSS, SSF (or PA-DSS), ISO 27001, and NIST Cybersecurity Framework.
- A commitment to maintaining the highest level of confidentiality and professionalism.
Preferred Certifications (not required but beneficial)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- ISO 27001 Lead Auditor
Benefits
- Comprehensive benefits including: Medical, Dental, Vision & Basic Life Insurance
- Paid Vacations, Sick Time, & Holidays
- 401(k) with discretionary company match
- Vibrant work culture
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
PCI DSS assessments, payment security controls, control validation, gap analysis, documentation preparation, quality assurance, encryption, secure system design, network security, access control
Soft Skills
analytical skills, problem-solving skills, communication skills, interpersonal skills, collaborative skills, independent work, relationship building, technical concept communication, confidentiality, professionalism
Certifications
Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), ISO 27001 Lead Auditor, QSA certification