Security Consultant PCI (Barcelona)

Advantio
Barcelona - España 16/06/2021

Descripción de la oferta de empleo

Role

Due to our continued expansion we now have an immediate opening for a Security Consultant in Madrid and Barcelona.

Mission: to lead Cyber Security Consultancy engagements with clients and customer within financial services and payment card industries. Focusing on delivery of PCI DSS and/or PA-DSS Information Security compliance assessments, Cyber Security Maturity Assessments and ISO27001 engagements.



Responsibilities

Main:

Lead customer engagements and provide senior cyber security advice and services to a broad range of clients and industries.
Provide detailed analytical reporting, internal reporting metrics and program management.
Provide leadership and mentorship to Junior consultants.


Preliminary Analysis:

Identifying all the stakeholders, sponsors, technical references (e.g. IT Project Manager, Software Engineer, Security Analyst) of the client in order to define the initial conditions and the needs analysis


Gap Analysis and Scoping

Review and validation of the PCI DSS scope and network segmentation controls, payment application design and functionality
Review of all locations and flows of cardholder data, as well as asset inventories
Conducting PCI standards interviews to have a complete map of information/data workflows, processes and procedures, payment card data flow, information security controls
Conducting technical interviews to understand eventual data security problems from in-depth technical point of view
Producing Scoping and Gap Analysis Documentation

Remediation

Providing the customer with a remediation plan/gap report
Guiding and supporting all the remediation processes ensuring that the gaps are mitigated correctly


Formal Assessment

Conducting PCI DSS/PA-DSS related interviews with responsible employees in order to have a complete map of information/data workflows, processes and procedures, payment card data flows, application design and functionality
Conducting technical interviews to understand eventual data security problems from in-depth technical point of view
Analysis of network diagrams, asset lists to understand the infrastructure used by the customers
Analysis of Penetration Testing reports (PCI DSS Compliance Process) and/or performance of applications penetration tests and forensic analysis (PA-DSS Compliance Process) within ad-hoc penetration testing laboratories

Documentation

Preparation, validation and approval Reports on Compliance (RoC) and/or Reports of Validation (RoV) according to the standard templates provided by PCI SSC
Preparation, validation and approval of Attestation of Compliance (AoC) and/or Attestation of Validation (AoV) according to the standard templates provided by PCI SSC
Submission all the documentation to PCI SSC for the final approval in case of PA-DSS process (signed RoV, AoV, Implementation Guide and Vendor Release Agreement)


Knowledge and Skills (Security Consultant)

Information Security Experience
PCI DSS (PA-DSS, P2PE, PCI 3DS), GDPR
Virtualization
Cloud technologies
Authentication methods and techniques
Integrity controls
Networking
Operating Systems (Linux/Unix, Windows)


Values and Competencies

Problem Solving (analysis, helicopter view, problem setting, decision making)
Planning and Organization (time management, scheduling and control)
Communication (clearness, listening, persuasion)
Networking (reinforce relationships, use emotional intelligence and personal proximity)
Results Orientation (delivering solutions, work under pressures

Otros detalles de la oferta

Idiomas: Español (Excelente) | Inglés (Excelente)

Formación Mínima: Licenciado

Nivel Profesional: Especialista

Otras Provincias: Madrid

CVs inscritos en el proceso: 4

Comparte esta Oferta
Datos principales de la oferta
  • Barcelona - España
    Ubicación
  • Madrid
  • Ciberseguridad
    Funciones
  • Jornada completa
    Jornada
  • 3 años
    Experiencia
  • Temporal
    Tipo contrato
  • PCI ISO

¿No tienes cuenta en Tecnoempleo.com?

Regístrate como candidato en Tecnoempleo.com y vincula tu CV a las ofertas de empleo.

Crea tu cuenta gratis