[Remote] Senior Information Security Consultant, QSA

Note: The job is a remote job and is open to candidates in USA. Sikich is a global company specializing in Accounting, Advisory, and Technical professional services. They are seeking an experienced Information Security Consultant (QSA) to assist clients in meeting their compliance obligations by evaluating business technology and operations against top security standards and mentoring other consultants on best practices. Responsibilities • Assist clients in meeting compliance obligations by evaluating business, technology & operations against security standards (ex. PCI DSS, NIST, CMMC) • Produce detailed, high-quality reports for clients & industry third parties (ex. payment card brands & the PCI Security Standards Council) • Take ownership of project work, such as a PCI DSS assessment, from start to finish including deliverables and work product • Act as a mentor and coach for other consultants on PCI compliance and security best practices • Serve as a SME to Sikich customers assisting them with developing and/or maintaining their security program • Develop and maintain technology related policies, procedures, and standards that address requirements related to strategies, regulations, business & technology risks, and industry standards • Execute control reviews across technology and business teams to address risk and compliance against various industry and technology frameworks outside of the PCI DSS (i.e., SSAE18 SOC2; NIST Cybersecurity Framework, CIS, and ISO27001) • Assist clients in meeting compliance obligations by evaluating business, technology & operations against security standards (ex. HIPAA, PCI, NIST, CMMC, etc.) • Contribute to assessment methodology, project planning, reporting, budgeting, and scheduling • Share expertise to help make top-level decisions on strategy & scope of engagements • Provide clear, organized findings & recommendations to clients & be able to track progress towards resolution • Analyze requirements & work closely with team members to produce results aligned to client needs • Work closely with the project team to ensure high-quality standards • Learn from the Security group & contribute tools, industry news & lessons learned back to the team • Efficiently juggle several concurrent client projects at any given point in time • May require some domestic & international travel to client sites & events (up to 50%) Skills • Bachelor's degree in computer science, information technology, or related field, or equivalent practical experience • Must have a minimum of three years' experience performing security assessments for PCI compliance as a QSA • Current QSA certification from the PCI Security Standards Council, or ability to obtain it within one month of hire • Strong demonstrated experience in assessing, developing, and implementing cybersecurity risk management programs that integrate with Enterprise Risk Management within an organization • Ability to present security concepts & findings to technical & functional audiences • Willingness to obtain additional professional certifications • Strong analytical & problem-solving skills, with excellent written & verbal communication skills • Ability to work independently and collaboratively with clients and team members and manage multiple projects and deadlines • Willingness to travel up to 50% of the time to client sites, as needed • Servant Leader – You are hyper focused on engaging employees, fostering their development, and building a positive culture • Solutions Focused – You see opportunities in every business problem and can develop, articulate, and implement solutions • Collaboration – You are a relationship builder across all levels of the organization and across all business units • Instills Trust - You do what you say, and you follow through on commitments, you act with integrity, you are consistent and are perceived as credible • Impact & Influence Thinking – You gain support for ideas, proposals, and solutions, and get others to act, with or without formal authority, to advance initiatives/objectives • Audit or security certifications (e.g., CRISC, CRMP, CISSP, CISM, CISA) preferred • Membership in relevant organizations (ex. OWASP, InfraGard, or ISSA) desired Benefits • Flexible Time Off (FTO) Policy • Paid holidays during the year • Comprehensive wellness program • Flexible work arrangements • Health, dental, vision, life, and accident/death/disability insurance options • HSA employer contribution • Nine (9) paid holidays annually. • Robust paid Parental Bonding Leave program covering birth, adoption, and foster children. • 401(k) with employer contributions • CPA bonus with four (4) paid exam days & four (4) paid study days. • Tuition reimbursement • Generous employee referral bonus program • Client referral bonus program • Pet insurance • FORCE – Sikich community volunteer program enabling each team member to use up to four hours of paid time annually to volunteer and make a difference in their local communities. Company Overview • Sikich is a Chicago-based investment banking firm offering expert M&A and capital markets advisory services tailored to the middle market. It was founded in 1982, and is headquartered in Naperville, Illinois, USA, with a workforce of 1001-5000 employees. Its website is Company H1B Sponsorship • Sikich has a track record of offering H1B sponsorships, with 3 in 2025, 5 in 2024, 1 in 2022, 1 in 2021, 2 in 2020. Please note that this does not guarantee sponsorship for this specific role. Apply tot his job