Technical Expertise :
- Understanding of PCI DSS v4.0 : The contractor should possess a strong understanding of the Payment Card Industry Data Security Standard (PCI DSS) requirements.
- RoC and / or SAQ-D Assessment Experience : Experience conducting internal PCI v3.2.1 or v4.0 SAQ-D assessments is crucial. They should be familiar with all the specific controls and testing procedures.
- Knowledge of Industry Best Practices : Familiarity with current industry best practices for data security and PCI compliance is highly desirable.
Experience and Qualifications :
Former PCI QSA or ISA Background : Verifiable experience as a former PCI QSA or ISA, (Please obtain PCI Certificates.)Security Assessment Experience : Experience conducting security assessments in general is valuable, even if not specifically focused on PCI DSS.Proven Track Record : Look for a contractor with a proven track record of successful internal PCI assessments and a strong reputation within the security community.Communication and Reporting :
Excellent Communication Skills : The ability to clearly communicate complex technical information to both technical and non-technical audiences is essential.Detailed Reporting : The contractor should be able to produce comprehensive reports that document the assessment findings, including identified control gaps, remediation recommendations, and evidence of testing procedures.Basic Qualifications : Education and Experience : Bachelors in Computer Science, MIS and Accounting and 3 years experience or HS / GED and 7 years experience in Internal Control and Audit.Preferred Qualifications : Experience : 5 years of progressive audit experience One professional designation (CISA, CISM, CRISC, CISSP) 1 year of public accounting experience.Strong business risk acumen. Strong communication and presentation skills. Strong analytical skills.
Technical Expertise :
Understanding of PCI DSS v4.0 : The contractor should possess a strong understanding of the Payment Card Industry Data Security Standard (PCI DSS) requirements.RoC and / or SAQ-D Assessment Experience : Experience conducting internal PCI v3.2.1 or v4.0 SAQ-D assessments is crucial. They should be familiar with all the specific controls and testing procedures.Knowledge of Industry Best Practices : Familiarity with current industry best practices for data security and PCI compliance is highly desirable.Experience and Qualifications :
Former PCI QSA or ISA Background : Verifiable experience as a former PCI QSA or ISA, (Please obtain PCI Certificates.)Security Assessment Experience : Experience conducting security assessments in general is valuable, even if not specifically focused on PCI DSS.Proven Track Record : Look for a contractor with a proven track record of successful internal PCI assessments and a strong reputation within the security community.Communication and Reporting :
Excellent Communication Skills : The ability to clearly communicate complex technical information to both technical and non-technical audiences is essential.Detailed Reporting : The contractor should be able to produce comprehensive reports that document the assessment findings, including identified control gaps, remediation recommendations, and evidence of testing procedures.Basic Qualifications : Education and Experience : Bachelors in Computer Science, MIS and Accounting and 3 years experience or HS / GED and 7 years experience in Internal Control and Audit.Preferred Qualifications : Experience : 5 years of progressive audit experience One professional designation (CISA, CISM, CRISC, CISSP) 1 year of public accounting experience.Strong business risk acumen. Strong communication and presentation skills. Strong analytical skills. ['PCI DSS'] Shift : ['PCI DSS']
