As a Senior Consultant, assess compliance with PCI-DSS and SSF standards, guide clients through payment security complexities, and document findings.
Senior Consultant - SSF Assessor
at Tevora
Irvine, CA or Fairfax, VA
If you haven't heard of Tevora, it's because we've done our job!
Tevora is a tight-knit community of professionals with a shared passion for our craft. Every day, we combine in-depth knowledge of cybersecurity, technology, and compliance to help create more secure digital environments. To Tevorans, every problem is a puzzle in need of solving. We strongly believe that if we put smart, driven people in a room together, they will accomplish great things. We maintain a supportive culture that celebrates continuous learning, diverse perspectives, and sharing the wins. That's why we have our eyes on you.
What's the role?
Tevora is seeking a PCI QSA + SSF (Secure Software Framework) Consultant to join our growing Payments Compliance team. This team plays a crucial role in helping some of the world's largest organizations secure their payment systems and software, ensuring full compliance with PCI-DSS and SSF standards. As a key contributor, you will be responsible for guiding clients through the complexities of payment security and performing secure software validations.
The successful candidate will have exceptional attention to detail, a proactive attitude, and a passion for solving complex security challenges. Strong communication skills and technical writing abilities are essential, as you will be working closely with clients and documenting your findings. Staying current with evolving security standards and continuously improving your technical knowledge will be critical for success in this role.
A day in the life could include:
- Leading PCI-DSS assessments and Secure Software Standard validations for clients to ensure full compliance with payment security requirements.
- Performing Secure Software Standard testing procedures on payment applications, ensuring compliance with SSF guidelines.
- Writing detailed Secure Software Standard Reports on Validation (ROV), documenting findings and providing recommendations.
- Collaborating with development teams to help implement secure software practices and ensure PCI compliance.
- Supporting pre-sales efforts by scoping SSF-related engagements, preparing proposals, and participating in client presentations.
- Building and maintaining strong professional relationships with clients, offering expert guidance throughout the compliance process.
- Working closely with marketing to produce thought leadership content around PCI-DSS, SSF, and payment security trends.
Necessary skills and qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent professional experience.
- Secure Software Assessor Certification (with a valid listing on the PCI SSC website) is required.
- PCI Qualified Security Assessor (QSA) certification is also required.
- Experience performing at least one Secure Software Standard validation in the past year.
- Strong knowledge of Secure Software Standard testing procedures and the ability to apply these to payment applications.
- Demonstrated experience writing Secure Software Standard Reports on Validation (ROV) with attention to detail and clarity.
- Strong communication skills for building and maintaining relationships with clients.
- Ability to explain technical details clearly to non-technical stakeholders.
Bonus Points:
- Secure Software Lifecycle (SLC) Certification and experience is preferred but not required.
- Additional experience with other payment security standards, such as P2PE.
- Certifications such as CISSP, CISM, or CSSLP.
- Experience working with large, global organizations in complex compliance environments.
We've got you covered!
- Comprehensive benefits offering
- Paid time off and holidays
- 401k with Company match
- Vibrant work culture
Additional requirements:
- A valid driver's license is required.
- Eligibility to work in the United States.
- Must work a hybrid schedule at our Irvine, CA or Fairfax, VA office.
EEOC Statement
Tevora is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, disability status, or other applicable legally protected characteristics.
Top Skills
Pci Dss
Pci Qualified Security Assessor Certification
Secure Software Assessor Certification
Secure Software Framework
Secure Software Standard Testing Procedures
Similar Jobs
.png)
Artificial Intelligence • Blockchain • Fintech • Financial Services • Cryptocurrency • NFT • Web3
As a Specialist in Trust & Safety, you'll focus on analyzing account takeover issues, training others, identifying root causes, and managing processes within the security operations group.
Top Skills:
AutomationBlockchainCryptoProcess Management
Artificial Intelligence • Blockchain • Fintech • Financial Services • Cryptocurrency • NFT • Web3
Drive security compliance programs at Coinbase, focusing on IT and security initiatives, auditing, and risk management. Collaborate with cross-functional teams and advise on security requirements.
Top Skills:
AWSAzureGCP
Cloud • Security • Software • Cybersecurity
As a Senior Threat Hunter, you will partner with customers to enhance their security programs, identify and remediate threats, and mentor junior team members.
Top Skills:
Cyber SecurityDigital ForensicsEndpoint Detection And ResponseIncident ResponseInformation Security Controls
What you need to know about the Charlotte Tech Scene
Ranked among the hottest tech cities in 2024 by CompTIA, Charlotte is quickly cementing its place as a major U.S. tech hub. Home to more than 90,000 tech workers, the city’s ecosystem is primed for continued growth, fueled by billions in annual funding from heavyweights like Microsoft and RevTech Labs, which has created thousands of fintech jobs and made the city a go-to for tech pros looking for their next big opportunity.
Key Facts About Charlotte Tech
- Number of Tech Workers: 90,859; 6.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lowe’s, Bank of America, TIAA, Microsoft, Honeywell
- Key Industries: Fintech, artificial intelligence, cybersecurity, cloud computing, e-commerce
- Funding Landscape: $3.1 billion in venture capital funding in 2024 (CED)
- Notable Investors: Microsoft, Google, Falfurrias Management Partners, RevTech Labs Foundation
- Research Centers and Universities: University of North Carolina at Charlotte, Northeastern University, North Carolina Research Campus
