PSC Careers

Vulnerability Assessment Analyst
PCI Security Consultant
Certified Ethical Hacker

Position Title: Vulnerability Assessment Analyst

Date Posted: August 1st, 2011

Level: Entry to Mid Level
Salary: Base commensurate with skill and level; with performance incentives.

Position Description:
Security Scanning Standard as well as best practices for network and application security testing procedures. Analysis of scans results and consultation with customers during remediation will be a major portion of the job. Projects may include:

• Communicating with Clients to configure setup network-based security vulnerability scans;
• Monitoring the execution of vulnerability scans;
• Setting up reports and information regarding te results of security scans;
• Providing integration support for customers using ASV services;
• Working as a team member on a large audit engagement to perform technical software and environment testing;
• Developing testing scripts and procedures;
• Other security-related projects that may be assigned according to skills.

Requirements:
The successful candidate MUST meet the following requirements:

• Strong ethics and understanding of ethics in business and information security
• English language written and oral communication skills a MUST
• Investigative and troubleshooting skills
• Understand and familiarity with common information security vulnerability testing methods
• Ability to organize project or job into tasks
• Ability to work within a budget on a project
• Be able to complete tasks and deliver written reports suitable for viewing by PSC Clients
• Willing to ask for help and willing to work with a mentor
• Reside in San Jose, California area or willing to relocate to the SF Bay Area at own cost

Optional Requirements:
The successful candidate SHOULD meet these additional requirements as a plus:

• Fluent in language other than English. Spanish, French, Mandarin, Cantonese or Japanese in order of importance
• Additional computer system security audit certificates, like: CISA, CISM, ISSMP

Must be authorized to work in the United States on a full-time basis

If this sound likes a job for you, Apply! Send your resume to PSC

Position Title: PCI Security Consultant (QSA)

Level: Mid to Senior Level

Skills:
PCI Security Consultant -- QSA

Past experience in: ISO 27001, IT Auditor, PCI DSS, PCI PA-DSS, HIPPA, CISSP, CISA, Information Security, QSA Certification, Network / Systems Security Administration

Job Description:
PCI QSA Security Consultant - Quality Security Assessor - Information Security Consultant- QSA Certification or QSA recertification offered

Position located in either San Jose, CA or Dallas, TX -- Our clients are top merchants and financial services companies. We are seeking is a PCI QSA Consultant to supplement our team. PSC is one of the oldest firms working in the payment card industry. PSC is certified globally as a a Qualified Security Assessor Company (QSAC), certified to perform PCI DSS and PCI PA-DSS assessments worldwide. PSC is also fully certified as a PCI Approved Scanning Vendor (ASV). PSC provides a comprehensive range of services and solutions to assist companies that accept or process consumer payments to achieve and maintain compliance with a wide range of local and international standards.

If you are a PCI QSA Consultant or PCI QSA subject matter expert with information security consulting experience the please read on!

What you need for this position:

• Must have either 3 years' experience in PCI assessment for end clients or 5 years' experience in IT Audits or Information security consulting
• Knowledge of payment industry regulations/standards: PCI DSS
• 6 months experience in certification as Quality Security Assessor (QSA) by the Payment Card Industry Security Standards Council (PCI SCC)
• Certification and possess one of the following security certifications: CISSP, CISA, CISM (CEH a plus)
• Strong ethics and understanding of ethics in business and information security
• Excellent oral and written communication skills
• Technical knowledge and understanding for audit of MS Windows and *NIX systems
• Strong organizational skills
• Willingness to travel up to 75% for US and International customers

What will you be doing?
You, the PCI QSA Security Consultant will:

• Conduct detailed data security assessments including applications, servers, databases, and other network components and associated processes against the PCI DSS standards to identify areas of non-compliance.
• Work as a team member on large assessment engagements.
• Perform security consultation projects to assist a wide variety of customers that accept and process payments
• Help enhance testing procedures and methodologies
• Receive technical training in security testing and vulnerability analysis tools
• Evaluate systems and environments to assess security exposures
• Provide training services to customers
• Other security-related consulting projects that may be assigned according to skills

• Very Competitive Salary! $100K and up, including performance incentives
• Career growth opportunities
• Exposure to top experts in the payments field
• Ongoing professional development and training program

Must be authorized to work in the United States on a full-time basis.

If this sound likes a job for you, Apply! Send your resume to PSC

Position Title: Certified Ethical Hacker

Level: Mid to Senior Level
Salary: Base commensurate with skill and level; with performance incentives to make salary best in industry.

Position Description:
The successful candidate will report directly to the Head of PSC Security Lab of PSC and will perform network-based security vulnerability assessments based on the current Payment Card Industry ASV security scanning procedures. This person will also perform penetration tests in accordance with industry-accepted methods and protocols. Projects may include

• Performing network-based security assessments;
• Performing security assessments on Internet-facing applications;
• Performing security assessments on software applications;
• Performing penetration tests across public networks;
• Performing penetration tests across internal networks;
• Performing assessments of wireless networks;
• Performing assessments of physical security using social engineering;
• Working as a team member on a large audit engagement to perform technical software and environment testing;
• Performing security consultation projects to assist PSC Client's implement security controls;
• Consulting with PSC Client's on approach and proper implementation of technical security controls;
• Developing testing scripts and procedures;
• Other security-related projects that may be assigned according to skills.

Requirements:
The successful candidate MUST have meet the following requirements:

• Strong ethics and understanding of ethics in business and information security
• English language written communication skills
• Investigative skills
• Understand and familiarity with common penetration testing methods and standards
• Ability to organize project or job into tasks
• Ability to work within a budget on a project
• Must understand security issues on both Microsoft and *NIX operating systems
• Minimum of 2 years work experience performing security penetration tests or internal technical security audits
• Be able to work independently, with minimal supervision
• Be able to complete tasks and deliver written reports suitable for viewing by PSC Clients
• Willing to ask for help and willing to work with a mentor
• Willing to travel <50% of the time>
• Possess current CISSP from (ISC)2

Optional Requirements:
The successful candidate SHOULD meet these additional requirements as a plus:

• Reside in San Jose, California area or willing to visit San Jose on 1-2 times per month
• Fluent in language other than English. Spanish, French, Mandarin, Cantonese or Japanese in order of importance
• Degree in either Computer Engineering, Computer Science, or Information Systems Management
• Possess current ISSEP from (ISC)2 or recognized equivalent
• Additional computer system security audit certificates, like: CISA, CISM, ISSMP

Must be authorized to work in the United States on a full-time basis.

If this sound likes a job for you, Apply! Send your resume to PSC

Who is PSC?

With offices in the USA, Canada, UK and Australia, PSC is a leading PCI assessor and Approved Scanning Vendor. (See our Web site for more information) We are one of an elite few companies qualified globally to provide expert services and solutions to organizations that require specialist compliance or consulting support in the areas of Payments, Security or Compliance.

Our focus is exclusively on Clients that accept or process payments or technology companies in the payment industry. All staff at PSC have either worked within large merchant/retail organizations or services providers. Each partner at PSC has held executive management positions with responsibilities for payments and security.

Our approach includes a high-touch, hands-on methodology, that helps guide our Clients from consideration of strategic alternatives all the way through implementation and sustaining activities. The partners at PSC work closely with Clients to understand their objectives produce pragmatic and actionable plans and aid in execution as required.

• PSC is certified globally as a Qualified Security Assessor Company (QSAC) for the PCI Security Standards Council
• PSC is certified globally as an Approved Scanning Vendor (ASV) for the PCI Security Standards Council
• PSC is certified globally Qualified Payment Applications Security Company (PA-QSAC) for the PCI Security Standards Council

To ensure Independence, PSC does not represent, resell or receive commissions from any third party hardware, software or solutions vendors.