PCI Compliance Analyst - Consultant

Posted Today by Bridgetown Consulting Group Inc

Negotiable
Undetermined
Remote

Summary: The PCI Compliance Analyst - Consultant role is a 100% remote position focused on providing daily staff augmentation for PCI ASV Analyst consulting efforts. The consultant will assist in developing, implementing, and maintaining the company's PCI DSS compliance program while collaborating with various teams to ensure adherence to PCI DSS requirements. This position requires extensive experience in security and compliance consulting, particularly in vulnerability scanning and technical assessments. The consultant will also serve as a trusted advisor to clients, guiding them through the PCI ASV scan submission process.

Key Responsibilities:

  • Provide remote daily staff augmentation for the PCI ASV Analyst consultant role.
  • Assist in the development, implementation, and maintenance of the company's PCI DSS compliance program.
  • Analyze and validate client-submitted PCI ASV scans for attestation.
  • Conduct in-depth analysis of customer-submitted scan disputes.
  • Guide customers through the PCI ASV scan submission process.
  • Collaborate with Technical Support Engineers on PCI-related inquiries.
  • Maintain all required PCI ASV certifications and CPE hours.
  • Resolve escalated customer issues by troubleshooting complex technical findings.

Key Skills:

  • 5+ years of experience in security or compliance consulting.
  • Experience in vulnerability scanning and/or penetration testing.
  • Proficiency with network fingerprinting (e.g., Nmap) and web application scanning tools.
  • Familiarity with browser dev tools and cURL.
  • Familiarity with Vulnerability Management Scanners/Products.
  • Ability to interpret CVEs and explain vulnerability exploitation.
  • Professional certification (CISSP, CISA, CSIM, CIA or similar) is highly desired.

Salary (Rate): £54.00 hourly

City: undetermined

Country: undetermined

Working Arrangements: remote

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

PCI Compliance Analyst - Consultant, 100% remote, 6-12 month contract

Overview:
Provide remote daily staff augmentation for the PCI ASV Analyst consultant role to the client. As a PCI ASV Analyst Consultant, you will be assigned to multiple customer-engaging efforts related to the client's status as a PCI Approved Scanning Vendor. You will be responsible for assisting in the development, implementation, and maintenance of our company's PCI DSS compliance program. You will work closely with cross-functional teams, including IT Networking, IT Service Desk, Cyber Security and Business Operations, to identify potential risks, assess controls, and ensure adherence to the current PCI DSS requirements. Your expertise will contribute to the protection of sensitive payment card data and the overall security posture of our organization.

Responsibilities:
A. Must have 5+ years of experience in security or compliance consulting or advisory work in support of a highly technical environment (specialized experience that includes a minimum of one (1) year in vulnerability scanning and/or penetration testing and at least two (2) years in any two of the following areas: Network security, Application security, System security, IT security auditing, or IT security risk assessment).
B. Must have 5+ years of experience in performing and/or participating in technical assessments in direct support of PCI DSS standardization, such as:
o Analyze and validate client-submitted PCI ASV scans for attestation, ensuring all reviews are conducted with a high degree of accuracy and adherence to PCI DSS standards.
o Conduct in-depth analysis of customer-submitted scan disputes by reviewing required evidence, performing independent verification, and recreating scenarios in a lab environment to ensure a fair and compliant resolution.
C. Serve as a trusted advisor by guiding customers through the PCI ASV scan submission process to help them achieve their compliance objectives, such as:
o Proficiency with network fingerprinting (e.g., Nmap) and web application scanning tools.
o Familiarity with browser dev tools and cURL.
o Familiarity with Vulnerability Management Scanners/Products.
o Ability to interpret CVEs and explain vulnerability exploitation to diverse audiences.
D. Collaborate with Technical Support Engineers, providing expert guidance to ensure PCI-related inquiries are handled with accuracy and client success in mind.
E. Maintain all required PCI ASV certifications and CPE hours, upholding the professional practice standards of the role.
F. Resolve escalated customer issues by troubleshooting complex technical findings and making decisions on optimal solutions.
G. Professional certification (CISSP, CISA, CSIM, CIA or similar) is highly desired.