PCI-DSS Senior Consultant

Job Description : PCI DSS Senior Consultant

Job Type : Permanent

Job Location : Gurgaon (Hybrid)

Notice Period : 30 Days ONLY

Role Overview :

- We are looking for an experienced PCI DSS Senior Consultant to lead and deliver end-to-end PCI DSS assessments and advisory engagements for clients across banking, fintech, and payment service provider environments.

- The ideal candidate will have strong technical expertise, hands-on PCI assessment experience, and excellent client-facing and reporting skills.

Key Responsibilities :

- Lead and execute PCI DSS gap assessments, readiness reviews, and formal compliance assessments (SAQ / RoC).

- Perform detailed scoping of the Cardholder Data Environment (CDE) including data flows, system boundaries, and segmentation validation.

- Assess organizational, technical, and operational controls against PCI DSS requirements and identify compliance gaps and risks.

- Provide practical remediation guidance, compensating controls, and security best practices to clients.

- Review and validate policies, procedures, technical configurations, and audit evidence.

- Work closely with client technical, security, and business stakeholders throughout the assessment lifecycle.

- Prepare and deliver high-quality reports, including :

1. Gap Assessment Reports,

2. Reports on Compliance (RoC),

3. Attestation of Compliance (AoC),

4. Executive and management summaries

- Support clients during revalidation cycles, regulatory queries, and ongoing compliance activities.

- Mentor junior consultants and contribute to internal knowledge sharing.

- Stay updated with PCI DSS updates, emerging security threats, and industry best practices.

Required Skills & Technical Expertise :

- Strong, hands-on knowledge of PCI DSS (latest version) and payment card ecosystems.

- Deep understanding of Cardholder Data Environment (CDE) design and scoping.

- Solid experience with :

1. Network security (firewalls, IDS/IPS),

2. Encryption and key management,

3. Secure system configurations

- Working knowledge of :

1. Windows and Linux operating systems,

2. Databases and virtualization,

3. Cloud environments (AWS / Azure preferred)

- Familiarity with vulnerability management, penetration testing, and log monitoring controls.

- Excellent documentation, analytical, and report-writing skills.

- Strong communication and stakeholder management abilities.

Experience Requirements :

- 3-5+ years of experience in : Information Security, Risk / Compliance, PCI DSS consulting or audit roles

- Proven experience delivering PCI DSS assessments for : Banking, Financial Services, Fintech, Payment Service Providers

- Prior consulting or audit experience is strongly preferred.

Qualifications & Certifications :

- Bachelors degree in Information Technology, Computer Science, Cybersecurity, or a related field.

- PCI QSA or PCI ISA certification (preferred).

- Additional certifications such as CISSP, CISA, CISM, ISO 27001 Lead Auditor are desirable.

Key Attributes :

- Client-focused and delivery-oriented mindset.

- High attention to detail and commitment to quality.

- Ability to manage multiple engagements and meet deadlines.

- Strong professional ethics and confidentiality awareness.

- Ability to work independently as well as collaboratively within a team.