[Remote] PCI Compliance Analyst -Consultant

Note: The job is a remote job and is open to candidates in USA. Dice is seeking a PCI Compliance Analyst - Consultant for a 100% remote position. The role involves providing staff augmentation for PCI ASV Analyst consulting, assisting in the development and maintenance of the company's PCI DSS compliance program, and collaborating with cross-functional teams to ensure adherence to PCI DSS requirements.

Responsibilities

• Must have 5+ years of experience in security or compliance consulting or advisory work in support of a highly technical environment
• Must have 5+ years of experience in performing and/or participating in technical assessments in direct support of PCI DSS standardization such as: Analyze and validate client-submitted PCI ASV scans for attestation, ensuring all reviews are conducted with a high degree of accuracy and adherence to PCI DSS standards
• Conduct in-depth analysis of customer-submitted scan disputes by reviewing required evidence, performing independent verification, and recreating scenarios in a lab environment to ensure a fair and compliant resolution
• Serve as a trusted advisor by guiding customers through the PCI ASV scan submission process to help them achieve their compliance objectives such as: Proficiency with network fingerprinting (e.g., Nmap) and web application scanning tools
• Familiarity with browser dev tools and cURL
• Familiarity with Vulnerability Management Scanners/Products
• Ability to interpret CVEs and explain vulnerability exploitation to diverse audiences
• Collaborate with Technical Support Engineers, providing expert guidance to ensure PCI-related inquiries are handled with accuracy and client success in mind
• Maintain all required PCI ASV certifications and CPE hours, upholding the professional practice standards of the role
• Resolve escalated customer issues by troubleshooting complex technical findings and making decisions on optimal solutions

Skills

• Must have 5+ years of experience in security or compliance consulting or advisory work in support of a highly technical environment
• Specialized experience that includes a minimum of one (1) year in vulnerability scanning and/or penetration testing and at least two (2) years in any two of the following areas: Network security, Application security, System security, IT security auditing, or IT security risk assessment
• Must have 5+ years of experience in performing and/or participating in technical assessments in direct support of PCI DSS standardization
• Analyze and validate client-submitted PCI ASV scans for attestation, ensuring all reviews are conducted with a high degree of accuracy and adherence to PCI DSS standards
• Conduct in-depth analysis of customer-submitted scan disputes by reviewing required evidence, performing independent verification, and recreating scenarios in a lab environment to ensure a fair and compliant resolution
• Serve as a trusted advisor by guiding customers through the PCI ASV scan submission process to help them achieve their compliance objectives
• Proficiency with network fingerprinting (e.g., Nmap) and web application scanning tools
• Familiarity with browser dev tools and cURL
• Familiarity with Vulnerability Management Scanners/Products
• Ability to interpret CVEs and explain vulnerability exploitation to diverse audiences
• Collaborate with Technical Support Engineers, providing expert guidance to ensure PCI-related inquiries are handled with accuracy and client success in mind
• Maintain all required PCI ASV certifications and CPE hours, upholding the professional practice standards of the role
• Resolve escalated customer issues by troubleshooting complex technical findings and making decisions on optimal solutions
• Professional certification (CISSP, CISA, CSIM, CIA or similar) is highly desired

Company Overview