PCI Controls Consultant - Senior
Arlington, VA, United States
CLA (CliftonLarsonAllen)
CLA is a professional services firm delivering integrated wealth advisory, digital, audit, tax, outsourcing, and consulting services.
CLA is a top 10 national professional services firm where our purpose is to create opportunities every day, for our clients, our people, and our communities through industry-focused wealth advisory, digital, audit, tax, consulting, and outsourcing services. Even with more than 8,500 people, 130 U.S. locations, and a global reach, we promise to know you and help you.
CLA is currently seeking a PCI Controls Consultant Senior to join our growing Cybersecurity Team.
This role is responsible for examining and evaluating clients’ networks, systems, applications, and people for PCI compliance. They are responsible for assessing and identifying areas of improvement and control issues, and for developing recommendations to meet the DSS requirements and enhance the security posture of our clients’ information technology infrastructure. They may also proactively work with their team to identify potential areas where solutions could enhance the firm's delivery of services and products.
Essential Job Functions
- PCI consulting: Perform engagement activities such as planning, control evaluation, test activities, reporting, and findings documentation in accordance with professional standards and applicable regulatory requirements and laws. Minimum one IT Security or Audit Certification, such as CISSP, CISA, CISM (active current pursuit of a certification may be considered in lieu). PCI QSA or AQSA preferred.
- Client Service: Develop reports for clients and conduct client interviews to understand processes and controls and present observations. Assist managers and directors with client relationships, practice management, and business development activities. Provide recommendations for improving internal controls.
- Training/Mentorship: Provide guidance to Associates during complex engagements and conduct technical reviews of Associate workpapers. Take client In-Charge role as assigned. Lead department meetings as necessary. Attend training and provide technical training to staff as required. May act as career coach and/or peer advisor to help other team members grow their inspired careers.
- Professional Development: Maintain professional certification and continuing education requirements. Stay abreast of new legislation and market trends in information security that can be leveraged for clients.
Requirements:
Experience
- 3 years of relevant experience required.
- Experience working within an internal audit or IT governance, risk and compliance function as an internal employee or as part of a professional services firm preferred.
- Experience leading and executing risk-based, IT-focused internal audits and risk and control assessments, leveraging IT governance and control frameworks (COBIT, NIST, CSF, ITL, etc.) preferred.
Education
- Bachelor's degree in Computer Science, Information Technology or related field (combination of education, training, and experience may be considered a degree equivalent)
Certifications / Licenses
One industry recognized certification required, such as:
- CISA or equivalent (GSEC, ECSA, SSCP)
- CompTIA certifications, such as Security+
- Privacy Certifications (CDPSE)
- CISSP or equivalent (CISM)
- CRISC
Travel Requirements
This position requires frequent local travel to/from client sites and may require occasional non-local or overnight travel for client visits, training, meetings and/or other business-related purposes.
Our Perks:
- Flexible PTO (designed to offer flexible time away for you!)
- Up to 12 weeks paid parental leave
- Paid Volunteer Time Off
- Mental health coverage
- Quarterly Wellness stipend
- Fertility benefits
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
Wellness at CLA
To support our CLA family members, we focus on their physical, financial, social, and emotional well-being and offer comprehensive benefit options that include health, dental, vision, 401k and much more.