Logo for Danta Technologies

PCI Qualified Security Assessor (QSA) Consultant

Roles & Responsibilities

  • Proven experience as a PCI QSA (Qualified Security Assessor)
  • Strong working knowledge of PCI DSS requirements (v3.x and v4.0)
  • Experience producing RoC and Client documentation
  • PCI QSA certification

Requirements:

  • Lead end-to-end PCI DSS compliance engagements
  • Conduct PCI DSS assessments and produce Reports on Compliance (RoC)
  • Advise clients on PCI DSS scoping and segmentation strategies
  • Conduct compliance and maturity assessments across frameworks

Job description

Employment Eligibility Statement

Due to specific project and client requirements, this position is open to U.S. Citizens and U.S. Lawful Permanent Residents (Green Card holders). Sponsorship is not available at this time.

Danta Technologies evaluates all candidates in compliance with the Immigration and Nationality Act (INA) and EEOC guidelines. All hiring decisions are made without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, age, disability, veteran status, or any other protected characteristic.

Role-PCI Qualified Security Assessor (QSA) Consultant

Location- Remote (Preferably Long Island, NY)

Contract- 6+ months & extendable

Pay rate : $55/hr on W2/Danta Technologies payroll (OR) $65/hr on C2C

Role - PCI QSA Consultant / Payment Security & GRC Advis

key words
PCI DSS Consulting & Assessment.
GRC & Security Framework Assessments

preferred Skills
Proven experience as a PCI QSA (Qualified Security Assessor)

Must Have
Strong working knowledge of: PCI DSS requirements (v3.x and v4.0) documentation


Good to have
Security audits and compliance assessments
Risk management frameworks and control mapping

Certifications
PCI QSA
CISA
CRISC

Min to Max Experience needed
8 to 12 years of experience

Role Overview

Client is seeking a highly experienced PCI Qualified Security Assessor (QSA) Consultant to lead and deliver end-to-end Payment Card Industry (PCI DSS) advisory, assessment, and validation services.

This role focuses on guiding clients through PCI DSS compliance journeys, conducting formal validations (RoC/Client), and providing strategic security advisory across GRC, application security, and cloud risk domains.

The ideal candidate will bring deep expertise in PCI DSS standards, audit execution, compliance strategy, and executive advisory, with the ability to translate regulatory requirements into actionable security and business outcomes.


Key Responsibilities

1. PCI DSS Consulting & Assessment (Core Function)

  • Lead end-to-end PCI DSS compliance engagements, including:
    • Gap assessments and readiness assessments
    • Formal audits and validation activities
  • Conduct PCI DSS assessments and produce:
    • Reports on Compliance (RoC)
    • Attestations of Compliance (Client)
  • Advise clients on:
    • PCI DSS scoping and segmentation strategies
    • Compensating controls and requirement interpretation
  • Perform impact assessments for PCI DSS version upgrades, including:
    • Resource planning (people, tools, time)
    • Required architecture and system changes

2. GRC & Security Framework Assessments

  • Conduct compliance and maturity assessments across frameworks such as:
    • PCI DSS (primary focus)
    • NIST (CSF, 800-53, 800-171)
    • ISO 27001 / 27002
    • HIPAA and other regulatory standards
  • Perform:
    • Security program evaluations
    • Control gap analysis and remediation roadmaps

3. Application & Cloud Security Assurance (Optional)

  • Lead Application Security Certification (AppSec/AppCert) initiatives:
    • Black Box, Gray Box, and Crystal Box testing
    • SDLC maturity assessments aligned to OWASP SAMM
  • Conduct cloud risk assessments across:
    • AWS, Azure, and GCP
  • Evaluate:
    • Cloud configurations, identity controls, and data protection mechanisms

4. Executive Advisory & Cyber Risk Quantification (Optional)

  • Operate as a Security Program Advisor / Executive Consultant, providing:
    • Strategic compliance roadmap guidance
    • Risk posture insights to senior leadership
  • Utilize frameworks such as:
    • FAIR (Factor Analysis of Information Risk) for financial risk quantification
  • Support board-level and C-suite communications, including:
    • Risk reports
    • Compliance status dashboards

5. E-Discovery, Audit Support & Documentation

  • Support compliance and audit programs with:
    • Evidence collection and validation
    • Audit documentation and reporting
  • Develop:
    • Policies, standards, and procedures aligned with PCI DSS and GRC frameworks
  • Deliver high-quality audit artifacts and technical reports

6. Operational Technology (OT) & Specialized Assessments (Optional)

  • Conduct security assessments in OT/ICS environments, including:
    • Passive network monitoring and traffic analysis
    • Non-intrusive evaluation of control systems and networks

Required Skills & Experience

Core PCI Expertise

  • Proven experience as a PCI QSA (Qualified Security Assessor)
  • Strong working knowledge of:
    • PCI DSS requirements (v3.x and v4.0)
    • Cardholder Data Environment (CDE) scoping and segmentation
  • Experience producing:
    • RoC and Client documentation

GRC & Compliance Skills

  • Hands-on experience with:
    • Security audits and compliance assessments
    • Risk management frameworks and control mapping
  • Familiarity with:
    • NIST, ISO 27001, HIPAA, and industry-specific standards

Application & Cloud Security (optional)

  • Experience in:
    • SAST/DAST testing methodologies
    • Secure SDLC governance
  • Exposure to:
    • Cloud platforms (AWS, Azure, GCP)
    • Cloud compliance frameworks and risk models

Tools & Platforms

  • Experience with:
    • App security tools (e.g., Burp Suite or equivalent)
    • Compliance and audit management tools
    • Risk quantification models (FAIR or similar)

Certifications (Required/Preferred)

  • PCI QSA certification (Required)
  • Preferred:
    • CISA (Certified Information Systems Auditor)
    • CISM (Certified Information Security Manager)
    • CRISC (Certified in Risk and Information Systems Control)
    • Additional cloud or security certifications are a plus

Soft Skills & Attributes

  • Strong stakeholder engagement with CISO, CIO, and board-level stakeholders
  • Ability to translate regulatory requirements into business-aligned outcomes
  • Strong technical writing and audit report development skills
  • Excellent communication and presentation skills
  • High attention to detail and structured problem-solving approach

Key Success Metrics

  • Successful delivery of PCI DSS certifications (RoC/Client)
  • Quality and defensibility of audit outputs
  • Client satisfaction and repeat advisory engagements
  • Ability to drive measurable compliance posture improvements


Notes:- All qualified applicants will receive consideration for employment without regard to race, color, religion, religious creed, sex, national origin, ancestry, age, physical or mental disability, medical condition, genetic information, military and veteran status, marital status, pregnancy, gender, gender expression, gender identity, sexual orientation, or any other characteristic protected by local law, regulation, or ordinance.

Benefits: Danta offers a compensation package to all W2 employees that are competitive in the industry. It consists of competitive pay, the option to elect healthcare insurance (Dental, Medical, Vision), Major holidays and Paid sick leave as per state law.

The rate/ Salary range is dependent on numerous factors including Qualification, Experience and Location.

Consultant Related jobs

Other jobs at Danta Technologies

We help you get seen. Not ignored.

We help you get seen faster β€” by the right people.

πŸš€

Auto-Apply

We apply for you β€” automatically and instantly.

Save time, skip forms, and stay on top of every opportunity. Because you can't get seen if you're not in the race.

✨

AI Match Feedback

Know your real match before you apply.

Get a detailed AI assessment of your profile against each job posting. Because getting seen starts with passing the filters.

Upgrade to Premium. Apply smarter and get noticed.

Upgrade to Premium

Join thousands of professionals who got noticed and hired faster.