Senior Security Assessor – PCI

By October 15, 2018 No Comments

Job Description

Are you a former systems or network engineer who’s since focused on cybersecurity?  Are you an auditor with a strong technical understanding of IT controls?  Perhaps both?  If so, and you have experience with the Payment Card Industry (PCI) Data Security Standards (DSS), we have a great opportunity for you. 

Security Assessors manage and complete complex PCI and Payment Application (PA) DSS assessments, cybersecurity risk assessments, and consultations.  Successful candidates must possess deep technical knowledge, risk management, and project management experience, as well as exhibit maturity, confidence, and strong communication and time management skills.


Founded in 1997, Fortrex, LLC, a Drummond Group company, is focused on delivering IT security, operational risk, and regulatory compliance services with a mission to be our clients’ long-term, trusted security, risk management, and compliance advisors.  Our handpicked team ensures every customer confidentiality, integrity, and availability through world-class, enterprise-wide information security services and solutions that are scalable, repeatable, and affordable. Our experience further establishes us as an authoritative resource for PCI DSS, HITRUST, HIPAA/HITECH, NIST, SOC2, and ISO, as well as other standards, frameworks, and regulations.

In working with Fortrex, you will participate in transforming challenging technical issues into logical business objectives. In a world of technological change, Fortrex helps you to take control.



  • At least 3 years of experience in conducting PCI DSS assessments or managing internal PCI DSS compliance.
  • Minimum of 5 years in Information Security, Cybersecurity Audit and or Compliance
  • More than 2 years of experience in roles specific to technical controls
  • Knowledge of and demonstrated practical experience preferred includes:
  • Security architecture
  • Configuration management
  • Vulnerability management
  • Policy and procedure development.
  • Writing detailed technical reports and Executive Summaries.
  • Project management and PMBOK best practices including time management, delivery, and communications
  • FFIEC and/or NCUA cybersecurity assessments
  • Strong written and oral communication skills.
  • Ability to translate technical knowledge to non-technical audiences
  • Experience with both client and executive communications
  • Professional certifications including CISSP, CISM, ISO 27001 Lead Auditor, CISA, CRISC, PMP, and/or ITILv3F preferred.
  • Payment Card Industry (PCI) certification including QSA, PA-QSA, ISA, and/or PCIP preferred.
  • Bachelor degree, preferably in Information Technology, Computer Science, or Business; or equivalent experience required. Fortrex will evaluate the accreditation status of the universities and the accreditation status of the degree conferred.
  • Candidates must be willing to travel up to 35% of the time.

This position will work remotely.


Drummond Group is an Equal Opportunity Employer. This company does not and will not discriminate in employment and personnel practices on the basis of race, sex, age, disability, religion, national origin or any other basis prohibited by applicable law. Hiring, transferring and promotion practices are performed without regard to the above-listed items.