As a Technical Payments Consultant QSA, provide expert guidance on payment security and compliance, conduct assessments, and enhance security measures for clients in the payments industry.
Technical Payments Consultant (QSA)
at Tevora
Irvine, CA, or Fairfax, VA
If you haven't heard of Tevora, it's because we've done our job!
Tevora is a tight-knit community of professionals with a shared passion for our craft. Every day, we combine in-depth knowledge of cybersecurity, technology, and compliance to help create more secure digital environments. To Tevorans, every problem is a puzzle in need of solving. We strongly believe that if we put smart, driven people in a room together, they will accomplish great things. We maintain a supportive culture that celebrates continuous learning, diverse perspectives, and sharing the wins. That's why we have our eyes on you.
What's the Role?
As a Technical Payments Consultant and Qualified Security Assessor (QSA), you will play a critical role in providing expert guidance and technical expertise to clients in the payments industry. You will be responsible for assessing and ensuring the security and compliance of payment systems, applications, and processes. Your experience as a PCI QSA will be instrumental in evaluating, recommending, and implementing robust security measures to protect sensitive payment data and maintain regulatory compliance.
A day in the life could include:
Payment Security Assessments:
•Conduct comprehensive and detailed assessments of clients' payment systems, applications, and processes to identify potential security vulnerabilities and compliance gaps.
•Evaluate and analyze payment architectures, technologies, and payment processing environments to ensure they meet industry standards and regulatory requirements.
Compliance and Certification:
•Leverage your expertise as a Qualified Security Assessor (QSA) to guide clients through the compliance process, ensuring adherence to relevant industry standards such as PCI DSS, PA-DSS (or SSF), and other payment-related regulations.
•Assist clients in obtaining and maintaining relevant certifications and compliance reports.
Security Recommendations and Remediation:
•Provide clients with detailed recommendations and strategies to enhance the security posture of their payment systems and applications.
•Collaborate with client teams to develop and implement effective remediation plans to address identified security vulnerabilities and compliance issues.
Technical Consultation:
•Offer technical expertise and guidance to clients on implementing secure payment technologies, encryption methods, secure data storage, and secure coding practices.
•Advise clients on best practices for securing payment card data and sensitive financial information.
Client Relationship Management:
•Establish and maintain strong working relationships with clients, acting as a trusted advisor on payment security matters.
•Serve as the primary point of contact for technical discussions and security-related inquiries.
Industry Awareness:
•Stay up-to-date with the latest trends, developments, and regulatory changes in the payments industry and cybersecurity domain.
•Continuously improve your knowledge and skills to remain at the forefront of payment security practices.
Qualifications and Skills:
- Minimum of 1 year of experience as a PCI Qualified Security Assessor (QSA), conducting payment security assessments and ensuring compliance with industry standards such as PCI DSS.
- Bachelor's degree in Computer Science, Information Security, or a related technical field in STEM.
- Strong analytical and problem-solving skills, with the ability to identify security risks and recommend appropriate solutions.
- Excellent communication and interpersonal skills, with the ability to convey technical concepts to both technical and non-technical audiences.
- Proven ability to work independently and in cross-functional teams to achieve project objectives.
- In-depth knowledge of payment security technologies, payment processing, encryption, and tokenization methods.
- Familiarity with industry frameworks and standards, including PCI DSS, PA-DSS (or SSF), ISO 27001, and NIST Cybersecurity Framework.
- A commitment to maintaining the highest level of confidentiality and professionalism.
Additional Qualifications:
- Valid driver's license as driving will be required in this role
- Eligible to work in the United States
Benefits:
- Comprehensive Healthcare Benefits
- 401k w/ Employer Matching
- Catered Lunches/Restaurants on Campus at HQ
- Paid Vacations
- Paid Holiday
- Vibrant Work Culture
EEOC Statement
Tevora is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, disability status, or other applicable legally protected characteristics.
Top Skills
Encryption
Iso 27001
Nist Cybersecurity Framework
Pa-Dss
Pci Dss
Tokenization
Similar Jobs
Artificial Intelligence • Fintech • Payments • Financial Services • Generative AI
As a GRC Specialist, you will manage security controls, design compliance programs, maintain standards, and facilitate cross-team collaboration for information security.
Top Skills:
Iso 27001Pci-DssSoc2
Artificial Intelligence • Cloud • HR Tech • Information Technology • Productivity • Software • Automation
Design and engineer secure networking solutions, manage firewalls, develop mitigation strategies, and ensure compliance for Federal environments.
Top Skills:
AnsibleBgpCiscoFortinet FortiosIpsecJuniperLinuxMplsNetwork SecurityNext-Generation FirewallsOspfPalo Alto Pan-OsPrisma AccessPythonSsl VpnsTcp/IpVpn Technologies
Cloud • Consumer Web • eCommerce • Information Technology • Software
Responsible for securing cloud infrastructure, responding to incidents, ensuring compliance, and mentoring teams while implementing security practices across GCP and AWS.
Top Skills:
Api SecurityAWSBashCi/Cd ToolsCloudFormationCspmCwppDockerEdrGCPGoIamKubernetesPythonSIEMTerraform
What you need to know about the Boston Tech Scene
Boston is a powerhouse for technology innovation thanks to world-class research universities like MIT and Harvard and a robust pipeline of venture capital investment. Host to the first telephone call and one of the first general-purpose computers ever put into use, Boston is now a hub for biotechnology, robotics and artificial intelligence — though it’s also home to several B2B software giants. So it’s no surprise that the city consistently ranks among the greatest startup ecosystems in the world.
Key Facts About Boston Tech
- Number of Tech Workers: 269,000; 9.4% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Thermo Fisher Scientific, Toast, Klaviyo, HubSpot, DraftKings
- Key Industries: Artificial intelligence, biotechnology, robotics, software, aerospace
- Funding Landscape: $15.7 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Summit Partners, Volition Capital, Bain Capital Ventures, MassVentures, Highland Capital Partners
- Research Centers and Universities: MIT, Harvard University, Boston College, Tufts University, Boston University, Northeastern University, Smithsonian Astrophysical Observatory, National Bureau of Economic Research, Broad Institute, Lowell Center for Space Science & Technology, National Emerging Infectious Diseases Laboratories
