PCI SSF Assessor Consultant

RSI Security

πŸ“Remote - Worldwide

Summary

Join RSI Security as a PCI SSF Consultant and conduct PCI Secure Software Framework (SSF) Advisory and Assessments for our clients. You will evaluate and ensure compliance with PCI Secure Software Standards, guide organizations through the SSF certification process, and provide expert advisory services. Responsibilities include performing PCI SSF assessments, evaluating software security controls, conducting gap analysis, developing remediation roadmaps, performing application security testing, assessing software security posture, and developing detailed reports. The role requires proficiency in PCI SSF, PCI DSS, and software security testing. RSI Security offers a remote work environment and various benefits including health insurance, paid time off, retirement plan, performance bonuses, and professional development opportunities.

Requirements

  • Proficient knowledge and experience demonstrated on your resume in the following: PCI SSF
  • Proficient knowledge and experience demonstrated on your resume in the following: PCI DSS
  • Proficient knowledge and experience demonstrated on your resume in the following: Software security testing

Responsibilities

  • Conduct PCI SSF Assessments
  • Perform PCI Secure Software and Secure Software Lifecycle (Secure SLC) assessments in accordance with PCI SSC requirements
  • Evaluate software security controls, SDLC processes, and vendor security practices
  • Advisory & Gap Analysis: Guide customers on PCI SSF compliance requirements and help them understand the necessary steps to achieve compliance
  • Conduct gap analysis to identify areas of non-compliance and provide structured remediation plans
  • Develop remediation roadmaps for clients, ensuring alignment with PCI SSF security objectives
  • Provide advisory services on secure software development, threat modeling, and compliance best practices
  • Perform application security testing, including secure code reviews, dynamic testing (DAST), and static code analysis (SAST)
  • Identify software vulnerabilities related to data security, encryption, authentication, and access control
  • Assess the security posture of software applications and SDLC processes
  • Provide security architecture recommendations and best practices for secure coding, DevSecOps, and CI/CD pipeline integration
  • Develop detailed reports outlining assessment findings, compliance gaps, and security vulnerabilities
  • Prepare Attestations of Validation (AOVs) and compliance documentation for PCI SSC submissions
  • Educate clients on PCI SSF best practices, secure development principles, and regulatory requirements
  • Work closely with engineering, compliance, and risk teams to improve software security and compliance programs

Preferred Qualifications

PCI SSF Assessor certification

Benefits

  • Personal wellness and employee assistance program
  • Employer-paid medical, dental, vision coverage, and life insurance
  • Paid holidays, vacation, and sick time
  • Educational reimbursement program
  • E-learning training courses
  • Company-sponsored leadership and mentoring program
  • 401K retirement plan with 100% employer match
  • Performance bonus
  • Employee referral bonus program
  • Work and life balance
  • Remote work
