PSC Careers

Level: Mid to Senior Level
Salary: Base commensurate with skill and level; with performance incentives to make salary best in industry

Position Description:

The successful candidate will work directly for a a partner of PSC on Payment Card Industry security audits and engagements. Projects may include:

• Performing independent security assessments in accordance with PCI Data Security Standard;
• Performing independent security assessments on payment applications in accordance with PCI Payment Application Data Security Standard
• Working as a team member on a large audit engagement to perform elements of PCI audits;
• Performing security consultation projects to assist PSC Client's implement security controls;
• Developing testing scripts and procedures;
• Assisting PSC security lab in performing vulnerability analysis;
• Evaluating systems and environments to identify security exposures;
• Other security-related projects that may be assigned according to skills;
• Marketing and sales of PSC services as may be required from time to time.

Requirements:

The successful candidate MUST have meet the following requirements:

• Strong ethics and understanding of ethics in business
• English language written communication skills
• Investigative interviewing skills
• Understand the difference between a security consultant and a security auditor; flexible to be either
• Understand and know all relevant PCI Security Audit Procedures
• Ability to organize project or job into tasks
• Ability to work within a budget on a project
• Must understand Windows and UNIX operating systems
• Possess current CISSP from (ISC)2
• Minimum of 5 years work experience performing security assessments or internal security audits (work as a security officer would suffice for this requirement)
• Minimum of 3 years work experience for a company that either accepted or processed consumer credit card payments
• Working knowledge of credit payment systems
• Be able to work remotely, independently and unsupervised
• Willing to ask for help and willing to work with a mentor
• Willing to travel 75% of the time

Optional Requirements:

The successful candidate SHOULD meet these additional requirements as a plus:

• Fluent in language other than English. Spanish, French, German, Mandarin,or Japanese in order of importance
• Ability to provide payment system consulting for Clients
• Degree in either Computer Engineering, Computer Science, or Information Systems Management
• Additional computer system security audit certificates, like: CISA, CISM, ISSMP, ISSEP
• Reside in San Jose, California area or willing to visit San Jose on monthly basis
• Strong background and knowledge of payment systems
• Current certified PCI DSS QSA
• Current certified PCI PA-QSA

Position Title: Network and Application Penetration Tester

Level: Mid to Senior Level
Salary: Base commensurate with skill and level; with performance incentives to make salary best in industry

Position Description:

The successful candidate will report directly to the Head of PSC Security Lab of PSC and will perform network-based security vulnerability assessments based on the current Payment Card Industry ASV security scanning procedures. This person will also perform penetration tests in accordance with industry-accepted methods and protocols. Projects may include

• Performing network-based security assessments;
• Performing security assessments on Internet-facing applications;
• Performing security assessments on software applications;
• Performing penetration tests across public networks;
• Performing penetration tests across internal networks;
• Performing assessments of wireless networks;
• Performing assessments of physical security using social engineering;
• Working as a team member on a large audit engagement to perform technical software and environment testing;
• Performing security consultation projects to assist PSC Client's implement security controls;
• Consulting with PSC Client's on approach and proper implementation of technical security controls;
• Developing testing scripts and procedures;
• Other security-related projects that may be assigned according to skills.

Requirements:

The successful candidate MUST have meet the following requirements:

• Strong ethics and understanding of ethics in business and information security
• English language written communication skills
• Investigative skills
• Understand and familiarity with common penetration testing methods and standards
• Ability to organize project or job into tasks
• Ability to work within a budget on a project
• Must understand security issues on both Microsoft and *NIX operating systems
• Minimum of 2 years work experience performing security penetration tests or internal technical security audits
• Be able to work independently, with minimal supervision
• Be able to complete tasks and deliver written reports suitable for viewing by PSC Clients
• Willing to ask for help and willing to work with a mentor
• Willing to travel <20% of the time>
• Possess current CISSP from (ISC)2

Optional Requirements:

The successful candidate SHOULD meet these additional requirements as a plus:

• Reside in San Jose, California area or willing to visit San Jose on 1-2 times per month
• Fluent in language other than English. Spanish, French, Mandarin, Cantonese or Japanese in order of importance
• Degree in either Computer Engineering, Computer Science, or Information Systems Management
• Possess current ISSEP from (ISC)2 or recognized equivalent
• Additional computer system security audit certificates, like: CISA, CISM, ISSMP

Who is PSC?

With offices in the USA, Canada, UK and Australia, PSC is a leading PCI assessor and Approved Scanning Vendor. (See our Web site for more information) We are one of an elite few companies qualified globally to provide expert services and solutions to organizations that require specialist compliance or consulting support in the areas of Payments, Security or Compliance.

Our focus is exclusively on Clients that accept or process payments or technology companies in the payment industry. All staff at PSC have either worked within large merchant/retail organizations or services providers. Each partner at PSC has held executive management positions with responsibilities for payments and security.

Our approach includes a high-touch, hands-on methodology, that helps guide our Clients from consideration of strategic alternatives all the way through implementation and sustaining activities. The partners at PSC work closely with Clients to understand their objectives produce pragmatic and actionable plans and aid in execution as required.

• PSC is certified globally as a Qualified Security Assessor Company (QSAC) for the PCI Security Standards Council
• PSC is certified globally as an Approved Scanning Vendor (ASV) for the PCI Security Standards Council
• PSC is certified globally Qualified Payment Applications Security Company (PA-QSAC) for the PCI Security Standards Council

To ensure Independence, PSC does not represent, resell or receive commissions from any third party hardware, software or solutions vendors.

To Apply

Interested candidates should submit the following items:

• Prepare a one page statement explaining how you meet the required qualifications
• Resume or CV covering prior 10 years of employement history or experience