Security Consultant, QSA jobs in United States

Sikich · 13 hours ago

Security Consultant, QSA

Sikich is a global company specializing in Accounting, Advisory, and Technical professional services. They are seeking an experienced Information Security Consultant to assist clients in meeting compliance obligations by evaluating business technology and operations against top security standards like PCI DSS and NIST, while also mentoring other consultants and ensuring high-quality project deliverables.

Accounting, Advice, Business Development

Responsibilities

Assist clients in meeting compliance obligations by evaluating business, technology & operations against security standards (ex. PCI DSS, NIST, CMMC)
Produce detailed, high-quality reports for clients & industry third parties (ex. payment card brands & the PCI Security Standards Council)
Take ownership of project work, such as a PCI DSS assessment, from start to finish including deliverables and work product
Act as a mentor and coach for other consultants on PCI compliance and security best practices
Serve as a SME to Sikich customers assisting them with developing and/or maintaining their security program
Develop and maintain technology related policies, procedures, and standards that address requirements related to strategies, regulations, business & technology risks, and industry standards
Execute control reviews across technology and business teams to address risk and compliance against various industry and technology frameworks outside of the PCI DSS (i.e., SSAE18 SOC2; NIST Cybersecurity Framework, CIS, and ISO27001)
Assist clients in meeting compliance obligations by evaluating business, technology & operations against security standards (ex. HIPAA, PCI, NIST, CMMC, etc.)
Contribute to assessment methodology, project planning, reporting, budgeting, and scheduling
Share expertise to help make top-level decisions on strategy & scope of engagements
Provide clear, organized findings & recommendations to clients & be able to track progress towards resolution
Analyze requirements & work closely with team members to produce results aligned to client needs
Work closely with the project team to ensure high-quality standards
Learn from the Security group & contribute tools, industry news & lessons learned back to the team
Efficiently juggle several concurrent client projects at any given point in time
May require some domestic & international travel to client sites & events (up to 50%)

Qualification

QSA certification, PCI compliance assessments, Cybersecurity risk management, Audit certifications, NIST compliance, CMMC compliance, Analytical skills, Servant leadership, Solutions focused, Impact, Influence, Problem-solving skills, Written communication, Verbal communication, Collaboration

Required

Bachelor's degree in computer science, information technology, or related field, or equivalent practical experience
Must have a minimum of three years' experience performing security assessments for PCI compliance as a QSA
Current QSA certification from the PCI Security Standards Council, or ability to obtain it within one month of hire
Strong demonstrated experience in assessing, developing, and implementing cybersecurity risk management programs that integrate with Enterprise Risk Management within an organization
Ability to present security concepts & findings to technical & functional audiences
Willingness to obtain additional professional certifications
Strong analytical & problem-solving skills, with excellent written & verbal communication skills
Ability to work independently and collaboratively with clients and team members and manage multiple projects and deadlines
Willingness to travel up to 50% of the time to client sites, as needed
Servant Leader – You are hyper focused on engaging employees, fostering their development, and building a positive culture
Solutions Focused – You see opportunities in every business problem and can develop, articulate, and implement solutions
Collaboration – You are a relationship builder across all levels of the organization and across all business units
Instills Trust – You do what you say, and you follow through on commitments, you act with integrity, you are consistent and are perceived as credible
Impact & Influence Thinking – You gain support for ideas, proposals, and solutions, and get others to act, with or without formal authority, to advance initiatives/objectives

Preferred

Audit or security certifications (e.g., CRISC, CRMP, CISSP, CISM, CISA) preferred
Membership in relevant organizations (ex. OWASP, InfraGard, or ISSA) desired

Benefits

Flexible Time Off (FTO) Policy
Paid holidays during the year
Comprehensive wellness program
Flexible work arrangements
Health, dental, vision, life, and accident/death/disability insurance options
HSA employer contribution
Nine (9) paid holidays annually.
Paid Parental Bonding Leave program covering birth, adoption, and foster children
401(k) with employer contributions
CPA bonus with four (4) paid exam days & four (4) paid study days.
Tuition reimbursement
Generous employee referral bonus program
Client referral bonus program
Pet insurance
FORCE – Sikich community volunteer program enabling each team member to use up to four hours of paid time annually to volunteer and make a difference in their local communities.

Company

Sikich is a Chicago-based investment banking firm offering expert M&A and capital markets advisory services tailored to the middle market.

Funding

Current Stage
Late Stage
Total Funding
$250M
Key Investors
Bain Capital
2024-05-09 · Private Equity · $250M

Leadership Team

Bobby Roy
Partner
Cameron Petroff
Chief Marketing Officer
Company data provided by crunchbase