Security Consulting Associate � QSA Track

Job Title: Security Consulting Associate QSA Track

Primary Location: REMOTE

Position Type: Direct Hire full-time

Overview

TalentFish is casting a line for a Security Consulting Associate - QSA Track . This is a remote 10% travel - full-time Direct Hire role. This role is open because our client is growing and currently building teams to support growth. We are looking for a candidate who love consulting and Security. Our client is a leader in advanced risk management practices and provides consulting services in penetration testing, incident response, governance/risk/compliance (GRC), and engineering services. This is a tremendous opportunity for candidates who are interested in fast tracking to become a QSA.

The Security Consulting Associate QSA Track role is a technical administrator, engineer, developer, or auditor eager to transition into a security role. Please note this role requires technical experience and foundation. The ideal experience includes DevOps professionals, systems administrators, network engineers, application developers, and technical auditors who enjoy evaluating and configuring systems.

Role

What You Bring to the Role. (Ideal Experience)

• Ability to provide subject matter expertise independently to diverse clients while managing multiple projects.
• Minimum of 2 years of hands-on experience in supporting, managing, and/or configuring network or system technology components. A 4-year undergraduate degree or equivalent is preferred.
• Understanding of security technologies such as Firewalls, IDS, SIEM, DLP, Web Application Firewalls, Advanced Malware Defense, DDOS Prevention, Application Whitelisting, Network Packet Capture, and similar tools.
• Ability to explain technical concepts to business stakeholders.
• Detail-oriented, self-motivated, and high standards for quality.
• Experience working with Windows operating systems (Windows 10) and Microsoft Office (Word, Excel, PowerPoint, Visio) products.
• IT and InfoSec certifications - (ISC)2 Certified Information System Security Professional (CISSP) , ISACA Certified Information Security Manager (CISM) , Certified ISO 27001 Lead Implementer
  
  

Skills

What You'll Do. (Skills Used in this Position)

• Develop knowledge of governance and risk standards, completing required documents and client engagements.
• Participate in consulting projects, authoring detailed assessment and compliance reports, and presenting findings to clients.
• Understand and communicate client requirements.
• Act as a trusted advisor to clients on risk assessments (ISO, NIST, HIPAA, PCI, Third Party, etc.) and PCI compliance, offering practical, technical expertise.
• Educate clients on security practices, assist in remediation planning, and provide guidance.
• Evaluate security products through hands-on testing.
• Participate in architecting security solutions.
• Contribute to companies Delivery Services Framework with best practices, findings, checklists, templates, testing methods, and research.
  
  

Requirements

PCI DSS Future QSA Specific Requirements :

Candidates interested in becoming a Qualified Security Assessor for PCI DSS will have the following:

• Minimum of one year of experience in each of the following information security disciplines (experience may be acquired concurrently):
• Application security
• Information systems security
• Network security
• Minimum of one year of experience in each of the following audit/assessment disciplines (experience may be acquired concurrently):
• IT security auditing
• Information security risk assessment or risk management
• At least one accredited, industry-recognized professional certification from each list:
• List A - Information Security :
• (ISC)2 Certified Information System Security Professional (CISSP)
• ISACA Certified Information Security Manager (CISM)
• Certified ISO 27001 Lead Implementer
• List B Audit :
• ISACA Certified Information Systems Auditor (CISA)
• GIAC Systems and Network Auditor (GSNA)
• Certified ISO 27001, Lead Auditor, Internal Auditor
• IRCA ISMS Auditor or higher (e.g., Auditor/Lead Auditor, Principal Auditor)
• IIA Certified Internal Auditor (CIA)
• Note: "Provisional auditor designations do not meet the requirement.
  

TalentFish is an employee-owned company pioneering a new realm in talent acquisition. We are redefining IT staffing by evolving AI, video screening, and our unique platform. TalentFish focuses on providing the best employee, consultant, and client experience possible. At TalentFish we are an Equal Opportunity Employer; we embrace and encourage diversity!