Qualified Security Assessor

• Work on Client identified PCI-related gaps in many of its systems and processes
• Transform the enterprise to evangelize PCI Compliance as a standard operating procedure.
• Establish Program Framework
• Define organizational roles & responsibilities
• Update critical processes, e.g. scope/descope
• Work on FY26 plan & budget forecast
• Discover and Document Enterprise Landscape
• Prioritize past audit findings
• Establish Remediation Framework and plan
• Deploy automation for data lineage, dependency and impact analysis
• Create program metrics and governance framework
• Build complete PCI / Non-PCI asset inventory
• Elaborate PCI related policies and procedures
• Initiate design and implementation for priority items
• Define Tokenization, Encryption & Key Management Strategies
• Ensure alignment with PCI 4 requirements
• Transition to PCI as core discipline
• Preform PCI Scope Reduction
• Modernize and embed PCI Processes
• Integrate enterprise compliance

Required:

• Must be Certified PCI DSS QSA from PCI Security Standards Council.
• 10+ years overall experience as an IT Professional – Infrastructure, Security, Data Engineering and/or Multi-tiered complex application architecture
• 5+ years of experience with PCI DSS audits
• Expert in PCI DSS standards and compliance requirements
  • Must be able to determine whether the system is subject to PCI audit
  • Clear experience and ability to identify technical, process and documentation requirements to descope systems
• Demonstrated experiences partnering with clients to remediate PCI findings including descoping systems, securing PCI data and ensuring documentation compliance
• Experience establishing PCI compliance programs within complex organizations with a broad range of technology platforms
• Banking, Payments and/or Financial Services experience
• Experience with diverse technology platforms and heterogenous systems (Window/.Net, SQL Server, Java, Linux, Oracle, Cobol, Mainframe, AS400/I-Series, other)
• Strong understanding of Infrastructure storage and network architecture and design for PCI compliance
• Experience with designing/implementing Encryption, Tokenization and other data security mechanisms to either descope systems or bring into compliance
• Excellent verbal and written communication skills
• Must be able to travel for client meetings

GalaxE, now Endava, is a professional IT services firm that specializes in platform-driven solutions and the use of automation to achieve enterprise business transformation and mission-critical change for some of the largest companies in the world. Using our proprietary solution set, GxFource®, we apply machine learning techniques and predictive analytics tools as part of a broad artificial intelligence strategy that provides effective impact and data-driven business transformation. 

Since its founding, GalaxE has been dedicated to advancing the benefits of technology. Recently, we have joined forces with Endava, to offer our employees global exposure and enhanced opportunities. As we continue that legacy and look to the future, a focus on business enablement through agile, cost-efficient, and effective integration of people, process, and technology anchors our success. We revolutionize change in the costs of doing business that transform companies and their ability to leap beyond the competition.

We value people and are committed to diversity and inclusion where our employees are made to feel comfortable and are encouraged to be authentic.

We are always looking for passionate, entrepreneurial-minded innovators and disrupters; game-changers that take ownership of the work they produce and bring it each and every day. Working with like-minded team members you will get a chance to discover, develop, and use cutting-edge technologies to transform the way we deliver creative business solutions.

Sound like you? Join us and find out for yourself what it means for you, and your career, to be part of the GalaxE team. Let’s build something, together.

*Equal Opportunity Employer/Veterans/Disabled

** Pay is based on several factors including market location and may vary depending on actual job-related knowledge, skills, and experience.

Physical Requirements:

• Prolonged periods of remaining stationary at a desk and working on a computer
• Must be able to lift to 15 lbs., as needed
• Must be able to work on-site (corporate/client offices), as needed (not applicable for 100% remote roles)
• Occasionally required to bend, kneel, crouch, and reach overhead.
• Hand-eye coordination necessary to operate computers and various pieces of office equipment. 
• Specific vision abilities required include close vision, the ability to tolerate fluorescent lighting, and the ability to adjust focus.

Employees must be able to perform the physical requirements of the position satisfactorily and, if requested, reasonable accommodations will be made to enable employees requiring accommodations to perform the essential functions of their jobs, absent undue hardship.

For more information, please visit https://info.endava.com/galaxe-has-joined-endava