Talent page

Vacancy Opportunities throughout our Network
Holland FinTech
Holland FinTech

Qualified Security Assessor (QSA)

NCC Group

NCC Group

Remote · United Kingdom
Posted on Wednesday, September 20, 2023

Thanks for checking out our job opening; we are excited that you are interested in learning more about NCC Group.

We are on a mission to make society a safer and more secure place. Our people are the ones who make that possible; a global community of talented individuals working together towards a safer future.

We aim to create an environment where everyone can reach their full potential. We work together, we are brilliantly creative, we embrace difference and we want you to join in our mission, as a QSA Consultant.

Take a look at our website here to learn more about why we’re one of the leading global Cyber Security and Risk Mitigation business: www.nccgroup.com

The Opportunity

NCC Group provides Information Assurance consultancy to help companies protect critical systems and information. We do this by defining security strategies, conducting compliance audits, developing policies, conducting security maturity and risk assessments and architecture reviews and by delivering security awareness & training sessions. We also provide security staff augmentation to clients so that our consultants may occupy security roles within the client environment in the short, medium or long term.

Our core information risk management and compliance services include:

Strategy policy and awareness Virtual security team

Data discovery and mapping Risk assessment and design review

Continuity/Resilience Data privacy and GDPR

ISO 27001 Supplier assured

PCI 3DS, PCI P2PE, PCI SSF audits Incident response planning

PCI Card Production and PIN audits Cyber security review

Alongside our core services, we have a range of bespoke services to help organisations protect their systems and information:

  • Risk Assessments

  • Security Architecture Review

  • Information Security Awareness and Training Programmes

  • Information Security Policy Development

  • Security Transformation Programmes

We have a fantastic new opportunity to join our Global Professional Services division for a PCI Qualified Security Assessor (QSA) Consultant. The ideal candidate will have commercial experience within the information and assurance field, gained from delivering a diverse range of security and assurance services ideally into a broad client base. In addition to your technical skills, you will have strong client facing skills and be comfortable dealing with senior client stakeholders.

The Challenge

  • Liaise with the Resource Management and Sales team during the sales cycle to assist in quantifying, pricing and organising the consulting resources required for the project delivery.

  • Assist with sales proposals, bids and tenders for delivery of PCI and Audit & Compliance services.

  • You will conduct on-site and remote activities to advice, assess, analyse and report in line with the engagement project requirements. This will involve meeting client stakeholders, conduct of documentation reviews, auditing technical solutions and systems as well as presenting information and advice to senior business partners.

  • Translate the technical and non-technical findings from an assessment or exercise into relevant, actionable information for customers

  • Responsible for adhering to all internal policy and procedures in relation to security and quality best practice

  • Ability to travel to client sites in the UK and abroad to perform engagements of varying durations as required

Essential Skills

Above all, we would like to speak with people who are passionate about what they do.

  • You hold or have held a PCI Qualified Security Assessor (QSA) qualification and delivered PCI DSS assessments.

  • You hold or have held other PCI assessor qualifications such as PCI 3DS Assessor, PCI Card Production Security Assessor (CPSA), P2PE Assessor, Qualified PIN Assessor (QPA) or Secure Software Assessor. You are interested in expanding your PCI skills to include assessing against these standards.

  • You will be working in areas mainly focusing on PCI QSA however other skills include as NIST 800-53, SANS Top 20 CSC, ISO 27001, Risk Assessment (ISO27005) EU GDPR and other frameworks as requested by clients.

  • Have the ability to deliver projects within time and in budget and to a high level of customer satisfaction – exercising customer care at all times

  • Demonstrate a strong ability to develop a rapport with customers and to engender long lasting relationships

  • Have strong business, consultancy and technical skills within the IT Security Industry

  • Excellent communication and presentation skills

The following additional attributes would be advantageous:

  • Excellent attention to detail and documentation

  • You have performed an Internal Security Assessor (ISA) role supporting PCI DSS assessments.

  • Qualified Security Assessor (QSA)

  • Industry standards such as NIST 800-53, SANS 20 CSC, ISO 2700 Series, GDPR

  • Customer facing experience

  • NCSC CCP, CISSP would be an advantage

Please do not hesitate to apply.

About your application

We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.

If you do not want us to retain your details, please email global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Policy. We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.

Please note that this role has background clearance as mandatory due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process.

Please note that this role has background clearance as mandatory due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process.