At a Glance
- Tasks: Lead PCI DSS assessments and provide expert security consultancy to clients.
- Company: Join a leading cyber services firm dedicated to protecting critical information.
- Benefits: Enjoy flexible working, generous holiday, and community volunteering opportunities.
- Other info: Mentorship opportunities available for personal and professional growth.
- Why this job: Make a real impact in cybersecurity while developing your skills in a supportive environment.
- Qualifications: Must hold PCI QSA qualification and have strong client-facing skills.
The predicted salary is between 60000 - 80000 β¬ per year.
NCC Group provides Information Assurance consultancy to help businesses protect critical systems and information. We do this by defining security strategies, developing policies, conducting security maturity and risk assessments, architecture reviews and by delivering security awareness & training. We also provide security expertise to businesses to provide an on-demand cyber capability in the short, medium or long term to solve pressing business cyber orientated problems and challenges.
Our core services include:
- Strategy and governance
- On-demand augmentation roles
- Data discovery and mapping
- Risk advisory and assurance
- Business resilience
- Data privacy and GDPR
- ISO 27001 assessments
- Supply chain assurance
- PCI 3DS, PCI P2PE, PCI SSF audits
- Incident response readiness and planning
- Card production and PIN audits
- Cyber maturity assessments
- Incident response planning
- Gold/Silver/Bronze tabletops
We have a fantastic new opportunity to join our UK Consulting and Implementation division for a Senior Consultant operating as a Qualified Security Assessor (QSA). The ideal candidate will have prior extensive PCI consulting experience and commercial exposure within the cyber and payments space, gained from delivering a diverse range of cyber and assurance services ideally across a broad client base. In addition to your technical skills, you will have strong client facing skills and be comfortable dealing with senior client stakeholders.
Key Responsibilities
- Build and maintain sustainable trusted client relationships through high-quality delivery, ensuring output exceeds client expectations.
- Conduct onsite and remote activities to advise, assess, analyse, and report in line with the engagement and client business requirements. This will involve meeting client stakeholders, conduct of documentation reviews, auditing technical solutions and systems as well as presenting information and advice to senior business partners.
- Translate the technical and non-technical findings from an assessment or exercise into relevant, actionable remediation road maps for customers.
- Responsible for adhering to all internal policy and procedures in relation to security and quality best practice.
- Engage with Markets and Pre-Sales teams during the sales cycle to assist in quantifying, pricing and assessing the capability required for the project delivery.
- Assist with sales proposals, bids and tenders for delivery of Assurance & Compliance services.
- You will act as mentor to less experienced consultants and foster knowledge sharing throughout the delivery team.
Skills, Knowledge & Expertise
- You hold or have held a PCI Qualified Security Assessor (QSA) qualification and delivered PCI DSS assessments.
- You hold or have held other PCI assessor qualifications such as PCI 3DS Assessor, PCI Card Production Security Assessor (CPSA), P2PE Assessor, Qualified PIN Assessor (QPA) or Secure Software Assessor. You are interested in expanding your PCI skills to include assessing against these standards.
- You will be working in areas mainly focusing on PCI QSA however other skills include as NIST 800-53, SANS Top 20 CSC, ISO 27001, Risk Assessment (ISO27005) EU GDPR and other frameworks as requested by clients.
- Have the ability to deliver projects within time and in budget and to a high level of customer satisfaction β exercising customer care at all times.
- Demonstrate a strong ability to develop a rapport with customers and to engender long lasting relationships.
- Have strong business, consultancy and technical skills within the IT Security Industry.
- Excellent communication and presentation skills.
Desired Skills and Qualifications
- Demonstrable capability and qualifications across multiple of the following technical areas is advantageous:
- SOC / SIEM assessments and tooling
- Identity and Zero trust
- Security design and architecture
- GovAssure
- Operational Technology (OT)
- ISA 62443
- Artificial Intelligence
- SWIFT CSP
- Cloud related certifications across AWS/GCP/Azure
- CISM / CISSP / CRISC / ISO 27001 LI/LA / CISA
What do we offer in return?
- Flexible Working: Balance your work and personal life with our flexible working options.
- Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave.
- Medicash & Critical Illness Scheme
- Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme.
- Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities.
- Green Car Scheme: Drive green and save money with our eco-friendly car scheme.
- Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme.
- Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet.
- Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
PCI DSS QSA (Senior Consultant) in London employer: NCC Group plc
NCC Group is an exceptional employer, offering a dynamic work environment in the heart of London where innovation meets expertise in cyber security. With a strong emphasis on employee growth, we provide extensive training opportunities and mentorship, ensuring that our team members thrive both personally and professionally. Our flexible working options, generous holiday allowance, and commitment to community engagement make NCC Group a rewarding place to build a meaningful career.
StudySmarter Expert Adviceπ€«
We think this is how you could land PCI DSS QSA (Senior Consultant) in London
β¨Tip Number 1
Network like a pro! Get out there and connect with people in the cyber security field. Attend industry events, join relevant online forums, and donβt be shy about reaching out to potential colleagues on LinkedIn. You never know who might have the inside scoop on job openings!
β¨Tip Number 2
Prepare for interviews by practising common questions and scenarios related to PCI DSS. Think about how you can showcase your experience and skills in a way that aligns with what the company is looking for. Role-play with a friend or use mock interview tools to boost your confidence.
β¨Tip Number 3
Donβt just apply and wait! Follow up on your applications after a week or so. A quick email to express your continued interest can set you apart from other candidates. It shows initiative and enthusiasm, which employers love!
β¨Tip Number 4
Check out our website for the latest job openings and apply directly through us. Weβre always on the lookout for talented individuals like you, and applying through our site can give you a better chance of getting noticed. Plus, itβs super easy!
We think you need these skills to ace PCI DSS QSA (Senior Consultant) in London
Some tips for your application π«‘
Tailor Your CV:Make sure your CV is tailored to the PCI DSS QSA role. Highlight your relevant experience and qualifications, especially any PCI-related certifications. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about the role and how your background makes you a perfect fit. Donβt forget to mention your client-facing skills and experience in the cyber space.
Showcase Your Achievements:When detailing your experience, focus on specific achievements rather than just duties. Use metrics where possible to demonstrate your impact. We love seeing how you've exceeded expectations in previous roles!
Apply Through Our Website:We encourage you to apply directly through our website. Itβs the best way to ensure your application gets into the right hands. Plus, it shows us you're keen on joining the StudySmarter team!
How to prepare for a job interview at NCC Group plc
β¨Know Your PCI Inside Out
Make sure you brush up on your PCI DSS knowledge before the interview. Be ready to discuss your previous experiences with PCI assessments and how you've navigated challenges in the past. This will show that you're not just familiar with the standards, but that you can apply them effectively.
β¨Showcase Your Client Relationship Skills
Since this role involves building trusted relationships with clients, prepare examples of how you've successfully managed client expectations in the past. Think about specific situations where you exceeded client expectations or turned a challenging relationship into a positive one.
β¨Prepare for Technical Questions
Expect to be asked technical questions related to PCI compliance and other frameworks like ISO 27001 or NIST 800-53. Brush up on these topics and be ready to explain complex concepts in simple terms, as you'll need to communicate effectively with both technical and non-technical stakeholders.
β¨Demonstrate Your Mentorship Abilities
As a senior consultant, you'll likely be mentoring less experienced consultants. Prepare to discuss your approach to mentorship and knowledge sharing. Share examples of how you've helped others grow in their roles, which will highlight your leadership skills and commitment to team development.
