£1,250 Per day
Inside
Hybrid
Solihull, England, United Kingdom
Summary: The role of Qualified Security Assessor (QSA) involves leading PCI DSS assessments for merchants and service providers, ensuring compliance with security standards. The position requires collaboration with stakeholders to validate controls, identify gaps, and support remediation efforts. The contract is hybrid and extends until December 31, 2025, with a focus on maintaining high security standards through formal audits and assessments.
Key Responsibilities:
- Conduct formal PCI DSS audits and assessments
- Review technical controls, policies, and procedures
- Lead interviews, site inspections, and testing activities
- Provide expert remediation guidance to clients
- Prepare accurate RoCs and AoCs
- Stay updated on PCI SSC guidance and best practices
Key Skills:
- Active QSA or ISA certification
- PCI DSS QSA/ISA certification (mandatory)
- 5+ years in IT security, audit, or compliance
- At least one relevant certification: CISSP, CISA, CISM, GIAC, etc.
- Strong technical knowledge in network security, encryption, cloud architectures, and access control
- Excellent communication and stakeholder management
- Experience managing multiple projects and tight deadlines
Salary (Rate): £1250/day
City: Solihull
Country: United Kingdom
Working Arrangements: hybrid
IR35 Status: inside IR35
Seniority Level: undetermined
Industry: IT
Qualified Security Assessor (QSA / ISA)
Location: Solihull (Hybrid)
Contract until: 31 December 2025
Rate: £1250/day (Inside IR35)
Clearance Required: BPSS eligible only
We’re seeking a Qualified Security Assessor (QSA) or Internal Security Assessor (ISA) for a contract opportunity supporting PCI DSS compliance initiatives.
About the Role: You'll lead PCI DSS assessments across merchants and service providers—validating controls, identifying gaps, and supporting remediation. You’ll work closely with stakeholders to ensure security standards are upheld and documented through Reports on Compliance (RoC) and Attestations of Compliance (AoC).
Requirements:
- Active QSA (via a PCI SSC-approved QSA Company) or ISA (via a PCI SSC-registered Sponsor Company)
- PCI DSS QSA/ISA certification (mandatory)
- 5+ years in IT security, audit, or compliance
- At least one relevant certification: CISSP, CISA, CISM, GIAC, etc.
Preferred Skills:
- Strong technical knowledge in network security, encryption, cloud architectures, and access control
- Excellent communication and stakeholder management
- Experience managing multiple projects and tight deadlines
Ready to bring your PCI expertise to a mission-critical programme? Apply now to join a high-impact team driving secure, compliant operations.