Post Tue Dec 15, 2009 12:10 pm

Sr. Security Consultant-PCI Practice

Title: Senior Consultant – PCI Services
Skills: PCI Consulting, PCI Remediation Planning, PCI DSS Gap Assessment and Audit, PCI PA-DSS Gap Assessment and Audit, Network and Application Architecture
Date:
Location: Schaumburg
Tax term: FULLTIME 
Pay rate: Based on experience
About Halock: HALOCK Security Labs is a professional services organization focused 100% on information security. HALOCK is a hybrid services firm capable of addressing both the strategic and technical security needs of our clients. We are in partnership with our clients to help them protect critical information assets and meet compliance needs as well as international security standards best practices.
HALOCK offers services in PCI compliance and validation, vulnerability assessments, penetration testing, network security architecture reviews, development of information security management systems, and security solution implementations including SIEM, DLP, and encryption. Our full-time consultants and engineers may be a part of one or more of these service offerings depending on their skills and interests.
HALOCK prides itself on its ability to perform in-depth security assessments across a wide range of technical environments. Tired of the plain vanilla *checklist* audit? Looking to demonstrate your assessment skills with like-minded team members? HALOCK has a unique, challenging and motivated environment for you to further develop your career.
Due to client demand, we are continuing to expand our consulting team. Each client engagement is assigned a dedicated and capable group of consultants, project management, resources, and tools. You will be expected to utilize your skills and abilities to satisfy the scope of the engagement within budgetary requirements.
Job Responsibilities:  Perform PCI consulting and advisory services
 Plan and execute PCI DSS Gap Assessments and Audits
 Assist Clients with Remediation Planning
 Perform PCI PA-DSS consulting and advisory services
 Plan and execute PCI PA-DSS Gap Assessments and Audits
 Perform internal and external network and application penetration testing using a variety of methods, tools, and techniques
 Perform wireless penetration testing using both collaborative and covert methods
 Perform hands-on review of network environments, including network device and server configurations, from both an advisory perspective as well as in support of HALOCK's PCI Audit and ISO governance practices
 Exhibit knowledge of PCI DSS, PA-DSS, ISO, and NIST standards and demonstrate ability to complete required work papers with detail
 Contribute to HALOCK's PCI Services Framework including findings, checklists, templates, testing methods and techniques, and research
 Adhere to HALOCK's code of conduct (http://www.halock.com/thecode.php)
 Author detailed PCI assessment reports and Reports on Compliance, including presentation of findings to clients following the conclusion of testing
Required Skills: The ideal candidate must meet the following minimum criteria:
 PCI QSA Certification
 Five years full time gap assessment or audit experience
 Strong background in network and application technologies, including penetration testing
 Excellent technical and business level writing skills
 Ability to multi-task without compromising deadlines and assignment expectations
 Take direction from project management and work as part of a collaborative team
 Previous consulting experience and ability to deliver under pressure
 Strong organizational skills, including ability to deliver with minimal supervision
 Basic to intermediate project management competencies such as following process and protocol for project delivery, ability to identify project risks, project multitasking, and ability to self manage when appropriate
 Ability to execute assessments as defined in proposals, within assigned budgets and due dates
 High motivation, integrity, and commitment to self development
 Strong verbal communication skills
Preferred Skills: The following are ideal but not prerequisites for the role:
 PCI PA-QSA Certification
 Formal education in Information Security, Information Technology, Computer Science, Engineering or related discipline preferred
 Applicable certifications such as C|EH, C|EI, CSSLP, CISSP, CISA, technical certifications such as MCSD, SCJD, SCJP, MCAD, MCPD
 Network design and implementation experience
 Application development experience
Disclosures: All candidates invited to interview will be required to sign strict confidentiality and non-disclosure agreements. Full background checks are performed, with consent, on all successful candidates before employment offers can be extended.
Benefits and Extras:  Comprehensive benefits package including health, dental, 401(k), long-term disability and more
 Career Roadmap Program with annual performance reviews
 Training and paid certification opportunities
 Strong team culture
 Virtual testing labs
Contact:
US citizens and Green Card Holders, EAD and TN are encouraged to apply.
We are unable to sponsor H1 candidates at this time
No 3rd parties please
Individuals only need apply
Travel required: Up to 25%
Telecommute: No
Keywords: Information security, assessment, application security, network security, CISSP, PA-QSA, QSA, CISA, PCI, hacking, penetration test, pen test, audit