Senior Information Security Consultant; QSA
Listed on 2026-06-30
IT/Tech
Cybersecurity, Information Security, IT Consultant
Senior Information Security Consultant (QSA) — US
• Remote
Join our dynamic team as a Sr. Information Security Consultant (QSA). This remote, full‑time role offers the opportunity to assist clients in meeting their compliance obligations by evaluating business technology and operations against top security standards such as PCI DSS, NIST, and CMMC. You will produce detailed, high‑quality reports, take ownership of projects from start to finish, coach other consultants, and help clients develop robust security programs.
What you will do in this role
- Assist clients in meeting compliance obligations by evaluating business, technology, and operations against security standards (PCI DSS, NIST, CMMC).
- Produce detailed, high‑quality reports for clients and industry third parties.
- Take ownership of project work, such as a PCI DSS assessment, from start to finish including deliverables and work product.
- Act as a mentor and coach for other consultants on PCI compliance and security best practices.
- Serve as a SME to Sikich customers assisting them with developing and/or maintaining their security program.
- Develop and maintain technology‑related policies, procedures, and standards that address requirements related to strategy, regulations, risk, and industry standards.
- Execute control reviews across technology and business teams to address risk and compliance against various frameworks (SSAE 18 SOC2, NIST Cybersecurity Framework, CIS, ISO 27001).
- Contribute to assessment methodology, project planning, reporting, budgeting, and scheduling.
- Share expertise to help make top‑level decisions on strategy and scope of engagements.
- Provide clear, organized findings and recommendations to clients and track progress toward resolution.
- Analyze requirements and work closely with team members to produce results aligned to client needs.
- Work closely with the project team to ensure high‑quality standards.
- Learn from the Security group and contribute tools, industry news, and lessons learned back to the team.
- Efficiently juggle several concurrent client projects.
- May require some domestic and international travel to client sites and events (up to 50%).
- Bachelor's degree in computer science, information technology, or related field, or equivalent practical experience.
- Minimum of three years’ experience performing security assessments for PCI compliance as a QSA.
- Current QSA certification from the PCI Security Standards Council, or ability to obtain it within one month of hire.
- Audit or security certifications (CRISC, CRMP, CISSP, CISM, CISA) preferred.
- Strong experience in assessing, developing, and implementing cybersecurity risk management programs that integrate with Enterprise Risk Management.
- Ability to present security concepts and findings to technical and functional audiences.
- Willingness to obtain additional professional certifications.
- Membership in relevant organizations (OWASP, InfraGard, ISSA) desired.
- Strong analytical and problem‑solving skills, with excellent written and verbal communication skills.
- Ability to work independently and collaboratively with clients and team members and manage multiple projects and deadlines.
- Willingness to travel up to 50% of the time to client sites as needed.
In compliance with this state’s pay‑transparency laws, the midpoint of the salary range for this role is $130,000. Final offer amount may vary based on experience and geographic location.
Benefits
- Flexible Time Off (FTO) Policy activated on the first day.
- Paid holidays and flexible work arrangements.
- Comprehensive health, dental, vision, life, and disability insurance options.
- HSA employer contribution.
- 9 paid holidays annually.
- Robust paid parental bonding leave program.
- 401(k) with employer contributions.
- Tuition reimbursement and employee referral bonus program.
- Pet insurance.
- Volunteer program with up to four hours of paid time annually.
Sikich is an Equal Opportunity Employer. Sikich practices in an alternative practice structure in accordance with the AICPA Professional Code of Conduct and applicable law, regulations, and professional standards.