Advisory Senior Consultant - PCIat CDW Careers

PCI Advisory Senior Consultants assist with a variety of technical security assessments, including PCI DSS assessments. Senior Consultants work in close coordination with Managers and Directors. Senior Consultants are often responsible for performing fieldwork, collecting data, and developing draft deliverables. 

What you will get to do:

• Performing cybersecurity audits of Level 1 Merchants and Service Providers against the Payment Card Industry (PCI) Data Security Standard (DSS);
• Consulting organizations on proper PCI DSS remediation techniques and strategies while organizations work towards full compliance;
• Performing PCI DSS Readiness or Gap Assessments to identify current compliance status and consult organizations on the proper path moving forward;
• Performing SWIFT Assessments using the Customer Security Controls Framework (CSCF) (All architecture types);
• Conducting Network Security Architecture Reviews;
• Performing cloud security compliance reviews in the three main public cloud environments (AWS, Azure, and GCP);
• Developing information technology and security policies and procedures;
• Providing clients with trusted advisory services and guidance that will reduce their organizational risk and improve their overall cyber security posture; and
• Preparing reports and other deliverables, which contain strategy, technical analysis, and findings in connection with our Practice’s advisory and assessment engagements, also communicating these results to multiple levels of clients’ management. 

What you’ll need to succeed: 

Experience: 

• 2-5 years of relevant experience in the field(s) of IT Audit or being a PCI QSA.
• Experience performing technical audits (sampling, auditing configuration data, etc.)
• Strong critical thinking and analytical skills, demonstrating an ability to understand and communicate complex client-business processes
• Ability to learn independently through shadowing and “on-the-job” training vs. structured boot camps and detailed step-by-step instructions.
• Personal qualities like professionalism, attention to detail, a team-oriented focus, dedication, resourcefulness, strong organizational skills, an eagerness to learn, and grow professionally
• Ability to leverage available technical resources and tools (online and otherwise) to research and expand personal knowledge when needed
• Strong proficiency with Microsoft Windows and the Microsoft Office suite of products, (i.e., Excel, Word, and Outlook)
• Proficiency in Linux command-line interface

Technical Skills & Proficiency

• General knowledge and familiarity with the following technologies and concepts: 
  • Firewalls, routers, switches, and load balancers (e.g., Palo Alto, F5, Cisco)
  • Operating systems (e.g., Windows, Linux, Unix, iSeries)
  • Remote access systems (e.g., multi-factor authentication)
  • Databases (e.g., SQL, Oracle, DB2)
• IT governance, operations, and resource planning
• Information system and security architecture, including:
• Symmetric and asymmetric cryptography
• Systems Development Life Cycle (SDLC) and change management
• Information system implementation processes
• Systems administration and computer operations
• Threat and vulnerability management
• Incident response preparation and management
• Data backup and recovery practices
• Logical access controls (e.g., Active Directory)

Education: 

• Degree in Computer Science, engineering, information systems or equivalent work experience and/or relevant certifications (e.g., CISSP, CISA, PCI-QSA) is required.

Travel and Location:

• Telecommute available, with travel averaging 20%