


Associate consultant-Quality Assessor (RAC) Full-time

at SISA INFORMATION SECURITY in Bangalore (Published on 09-04-2019)

Role and Responsibilities:

The Information Security Risk and Compliance QA Consultant will play a key role in the administration of the Qualified Security Assessor (QSA), Approved Scanning Vendor (ASV), and Payment Application Qualified Security Assessor (PA-QSA) Quality Assurance program, as well as contribute to other Council program initiatives. In this role, the Quality Assurance Consultant will use former audit experience to exhaustively review reports provided by assessors to their clients and work closely with these security vendors to resolve issues. For the purposes of quality assurance, the QA consultant will also support all the Council’s security standards – including the PCI Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS), and PIN Entry Device (PED) Security Requirements.

- Evaluate reports performed by PCI SSC approved security companies, including PCI DSS Reports on Compliance (ROC), Approved Scanning Vendor (ASV) Scan Reports, and PCI PA-DSS Reports of Validation (ROV).
- Technical review of the report in accordance with PCI SSC, RBI, UIDAI.
- Provide status reports for consistent findings and proposed solutions.
- Interact with QSA, PA-QSA and ASV security professionals to confirm findings and resolve misunderstandings resulting from the review.
- Work in a team environment to analyze the QA test process and help develop procedural strategies for reviewing reports and services.
- Help ensure relevant test coverage and appropriate sampling.
- Participate as an integral part of the team, exhibiting ownership, follow-through, initiative, awareness and effective communication with peers and management.
- Continually learn, actively share knowledge and foster exchange of skills.
- Proactively identify opportunities to improve the quality of reporting and usability of that information.
- Contribute to newsletters, whitepapers and other written communication sent by the Council as needed.
- Perform ad hoc projects as required.
- Technical qualitative analysis for the audit process.
- Keep track of evidence and reports being retained based on PCI QA policy.

Education Qualification:

- Master's or Engineering degree
- PCI DSS experience
- CEH, ISO 27001 LA certifications preferred

Preferred Skills:
- Knowledge of information security concepts
- Must have good communication skills, verbal and written
- Understanding of information systems and networking diagrams
- Flexible, proactive, quick to learn and possessing a can-do attitude

