PCI Qualified Security Assessor (QSA)

Employer Active

Job Location

Seattle - USA

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description


Job Description: PCI Qualified Security Assessor (QSA) (GOVT EXP is a MUST)
Location: Seattle, WA (Onsite)
Position Type: Contract, Long Term


About the Port of Seattle:
The Port of Seattle is a public agency that operates critical infrastructure in the Puget Sound region, including Seattle-Tacoma International Airport (SEA), multiple marine terminals, and various commercial real estate properties. As a major hub for travel and commerce, we process a significant volume of payment card transactions and are committed to the highest standards of data security and privacy for our customers and partners.

Position Overview:
The Port of Seattle is seeking a certified PCI Qualified Security Assessor (QSA) to perform a comprehensive assessment of our compliance with the Payment Card Industry Data Security Standard (PCI DSS). The successful candidate will be responsible for evaluating our people, processes, and technologies to validate our security posture, identify gaps, and guide us toward achieving and maintaining full compliance. This role is critical in ensuring the secure handling of payment card data across our diverse operations.

Key Responsibilities:
  • Conduct a thorough PCI DSS gap analysis and scoping exercise to identify all systems and processes involved with the storage, processing, or transmission of cardholder data (CHD).
  • Perform on-site and remote assessments of the Port's IT infrastructure, applications, and policies against all applicable PCI DSS requirements.
  • Evaluate and validate the effectiveness of security controls, including network security, access control, encryption, vulnerability management, and logging/monitoring.
  • Work collaboratively with internal IT security and business teams to gather evidence, clarify processes, and explain findings.
  • Document the assessment procedures, evidence, and results in detail.
  • Author a formal Report on Compliance (ROC) for submission to acquiring banks and payment card brands.
  • Provide clear, actionable guidance and recommendations for remediation of any identified compliance gaps.
  • Advise on best practices for maintaining ongoing PCI DSS compliance.

Required Qualifications & Certifications:
  • Active PCI SSC Qualification: Must hold a current, valid PCI Qualified Security Assessor (QSA) certification issued by the PCI Security Standards Council (PCI SSC).
  • Experience: Minimum of 5 years of experience in information security, IT audit, or risk management, with at least 3 years of hands-on experience leading PCI DSS assessments.
  • Technical Expertise: Deep understanding of the PCI DSS requirements and their practical implementation in a complex organizational environment.
  • Auditing Skills: Proven experience performing security assessments, interviewing personnel, reviewing evidence, and writing detailed reports (ROCs).
  • Communication: Exceptional written and verbal communication skills, with the ability to articulate complex technical issues and compliance requirements to both technical and non-technical stakeholders.

Preferred Qualifications:
  • Experience assessing large, complex organizations with diverse IT environments (e.g., airports, transportation hubs, retail, hospitality).
  • Additional relevant certifications such as CISSP, CISA, CRISC, or CISM.
  • Experience with other compliance frameworks (NIST, ISO 27001, SOC 2).

Required Experience:

Manager

Employment Type

Contract

Company Industry
