Job Title: Qualified Security Assessor (QSA) Location: Solihull Duration: Until 31/12/2025 Rate: Up to £1380 per day via an approved umbrella company Role Description: Job Summary: As a QSA or ISA, you will be responsible for conducting formal assessments of organizations' compliance with the Payment Card Industry Data Security Standard (PCI DSS). You will evaluate security controls, identify gaps, and provide guidance to help organizations achieve and maintain compliance. This role requires deep technical knowledge, strong communication skills, and a commitment to upholding the integrity of the PCI DSS program. Key Responsibilities: Conduct PCI DSS assessments for merchants and service providers. Review and validate security controls, policies, and procedures. Perform on-site inspections, interviews, and technical testing. Document findings and prepare detailed Reports on Compliance (RoC) and Attestations of Compliance (AoC). Provide remediation guidance and support to clients. Maintain up-to-date knowledge of PCI DSS standards and related security practices. Ensure independence and objectivity in all assessments. Participate in internal quality assurance and peer review processes. Required Qualifications: For QSA: Employed by a PCI SSC-approved QSA Company. Successfully completed PCI SSC QSA training and certification. Holds at least one recognized industry certification (e.g., CISSP, CISA, CISM, GIAC). Minimum of 5 years of experience in IT security, audit, or compliance. For ISA: Employed by a PCI SSC-registered ISA Sponsor Company. Completed ISA training and certification through PCI SSC. Strong understanding of internal security controls and PCI DSS requirements. Preferred Skills: In-depth knowledge of network security, encryption, firewalls, and access control. Familiarity with cloud security and modern IT architectures. Strong analytical and problem-solving skills. Excellent written and verbal communication. Ability to manage multiple assessments and deadlines. Certifications (Preferred): CISSP, CISA, CISM, CRISC, CEH, OSCP, or similar. PCI DSS QSA/ISA certification (mandatory for role). If this is the role for you please submit your CV at your earliest convenience.