Security Consultant QSA Track - TalentFish LLC
Nashville, TN
About the Job
Job Title: Security Consultant QSA Track
Primary Location: REMOTE
Position Type: Direct Hire full-time
Overview
TalentFish is casting a line for a Security Consultant - QSA Track. This is a remote full-time Direct Hire role (will need to travel once a year for the annual team meeting). This is an amazing opportunity for 2-4 InfoSec professionals who want to become a QSA. We are searching for high-potential candidates who have a base in Cybersecurity/InfoSec and are ready to expand their skills and grow as a QSA. This role is open because our client is growing and currently building teams to support growth. We are looking for a candidate who loves consulting and Cybersecurity. Our client is a leader in advanced risk management practices and provides consulting services in penetration testing, incident response, governance/risk/compliance (GRC), and engineering services. This is a tremendous opportunity for candidates who are interested in fast-tracking to become a QSA.
The Security Consultant QSA Track role is for a technical administrator, engineer, developer, or auditor eager to transition into a security role. Please note this role requires technical experience and foundation. Ideal candidates include DevOps professionals, systems administrators, network engineers, application developers, and technical auditors who enjoy evaluating and configuring systems.
- Minimum of 2 years of hands-on experience in supporting, managing, and/or configuring network or system technology components. A 4-year undergraduate degree or equivalent is preferred.
- Ability to provide subject matter expertise independently to diverse clients while managing multiple projects.
- Understanding of security technologies such as Firewalls, IDS, SIEM, DLP, Web Application Firewalls, Advanced Malware Defense, DDoS Prevention, Application Whitelisting, Network Packet Capture, and similar tools.
- Excellent communication skills, with the ability to explain technical concepts to business stakeholders.
- Detail-oriented and self-motivated, with high standards for quality.
- Experience working with Windows operating systems (Windows 10) and Microsoft Office (Word, Excel, PowerPoint, Visio) products.
- IT and InfoSec certifications are valuable.
What You'll Do. (Skills Used in this Position)
- Develop knowledge of governance and risk standards, completing required documents and client engagements.
- Participate in consulting projects, authoring detailed assessment and compliance reports, and presenting findings to clients.
- Understand and communicate client requirements.
- Act as a trusted advisor to clients on risk assessments (ISO, NIST, HIPAA, PCI, Third Party, etc.) and PCI compliance, offering practical, technical expertise.
- Educate clients on security practices, assist in remediation planning, and provide guidance.
- Evaluate security products through hands-on testing.
- Participate in architecting security solutions.
- Contribute to the company's Delivery Services Framework with best practices, findings, checklists, templates, testing methods, and research.
PCI DSS Future QSA Specific Requirements:
Candidates interested in becoming a Qualified Security Assessor for PCI DSS will have the following:
- Sufficient information security knowledge and experience to conduct technically complex security assessments.
- Minimum of one year of experience in each of the following information security disciplines (experience may be acquired concurrently):
  - Application security
  - Information systems security
  - Network security
- Minimum of one year of experience in each of the following audit/assessment disciplines (experience may be acquired concurrently):
  - IT security auditing
  - Information security risk assessment or risk management
- At least one accredited, industry-recognized professional certification from each list:
  - List A - Information Security:
    - (ISC)2 Certified Information System Security Professional (CISSP)
    - ISACA Certified Information Security Manager (CISM)
    - Certified ISO 27001 Lead Implementer
  - List B - Audit:
    - ISACA Certified Information Systems Auditor (CISA)
    - GIAC Systems and Network Auditor (GSNA)
    - Certified ISO 27001 Lead Auditor, Internal Auditor
    - IRCA ISMS Auditor or higher (e.g., Auditor/Lead Auditor, Principal Auditor)
    - IIA Certified Internal Auditor (CIA)
  - Note: "Provisional" auditor designations do not meet the requirement.
This is a full-time direct hire role with a prestigious, highly focused consulting organization. The salary band is $85,000.00 - $115,000.00 plus bonus plus QSA track training. WOW!!!