Cybersecurity Consultant 3 - Payment Card Industry in New York, New York | DiversityInc Careers
This job has expired and you can't apply for it anymore. Start a new search.

Cybersecurity Consultant 3 - Payment Card Industry

As the largest communications company in the world, more than 120 million customers count on us every day to deliver the wireless, Internet, data and advertising services that fuel their businesses and connect them to their world. You will find yourself connecting communications and technology with opportunities that will take you to places you never imagined.

What does it take to join us? We demand exceptional skills in your discipline and a real dedication to being the best.

After all, we're asked to keep AT&T profitable and on the cutting edge, and at the same time, build on more than a century of innovation and success. We are a world leader in communications and entertainment, and we plan to keep on growing.
Overall Purpose: AT&T Security Consulting Group is seeking an expert and experienced Senior Consultant to provide Payment Card Industry (PCI) Trusted Advisor services to AT&T’s US and global clients.  Key services include: PCI-DSS compliance assessments, compliance preparation, compliance evaluation, compliance road-mapping, compliance remediation and ultimately compliance certification. Key Roles and Responsibilities:
  • Collaborates with and provides consulting services to clients in a trusted advisor role.
  • Works on billable consulting service projects.
  • Works independently on complex projects or works in a team as a project leader. 
  • Conducts PCI Data Security Standard (PCI DSS) compliance assessments for merchants and service providers. 
  • Conducts gap assessments and provides actionable recommendations to remediate shortcomings and prepare for compliance. 
  • Documents findings in Reports on Compliance (ROCs) and control status/recommendations in Remediation Roadmaps.
  • Manages aspects of delivery, customer satisfaction, and accurate timekeeping for billing purposes on projects where the consultant is the only technical resource or lead technical resource. 
  • Participates in group discussions to further knowledge in the PCI practice and provides peer review of deliverables.
Secondary Responsibilities:
  • In a sales support role, meeting with customers as a PCI SME in support of sales team. 
  • Support in identifying additional sales leads on assigned projects and beyond
  • Attending sales conference calls or client meetings, support in scoping and developing SOWs/proposals. 
Education: Bachelor’s degree desired or equivalent experience and a minimum of five (5) years of enterprise security related work experience.  Master’s Degree in a technical discipline preferred.

Requirements:·In-depth knowledge of and substantial experience with the PCI DSS is         required·Current/Former PCI Qualified Security Assessor (QSA) certification·Experience with PCI v2.0 or later, an understanding of PCI v3.0, with at least 4 years in compliance-related position(s). ·Technical skills in assessing servers (*NIX and Windows), firewalls, and other security platforms for PCI DSS controls required·Mid to advanced level methods knowledge of one or more of the following:oVulnerability scanningoPenetration testing (network, system and application)oApplication development oPolicy developmentoForensicsoSecurity event monitoring·Information Security consulting experience of a minimum of four years·A strong understanding of security operation & management in a large customer environment·Must be a flexible team player, hard-working, and possess excellent communication and customer-facing skills·Strong report writing skills and ability to explain complex security issues to customers in a formal presentation format·Creativity in finding cost-effective remediation solutions acceptable to our clients·Comfortable in working with all levels of technical and management client teams, from “C” levels down·One Security certification such as CISSP, CISA, CISM, PCI QSA, CEH, SANS GSEC, etc., is required and willingness to pursue further certification preferred.·Ability to travel 50%-75%, mostly within region, must possess drivers’ licenseAdditional Requirements·Knowledge of other compliance frameworks/assessments, such as ISO, HIPAA/HITECH, HiTrust, GLBA, SOX 404, etc desired. ·Bi-lingual candidates a plus