Information Security Consultant

Advantio is a leading Cyber Security and Managed Security Services (MSS) provider that helps businesses fight Cybercrime, protect data and reduce security risk. Offering a comprehensive portfolio of Cyber Security Advisory & Testing Services, Managed Security Services, Technology Solutions and Cyber Security Education, Advantio is the security partner of choice for many large corporate enterprises globally covering a wide range of industries including but not limited to banking, insurance, gambling, travel, retail, telco, oil & gas and public sector bodies. Advantio primarily serves the Payment Card Industry and when it comes to payment transactions, has been recognised by VISA as one of Europe’s top Qualified Security Assessor (QSA) providers.

*
Role*

Due to our continued expansion we now have an immediate opening for a **_Security Consultant_** in Europe*
Mission: to lead Cyber Security Consultancy engagements with clients and customer within financial services and payment card industries. Focusing on delivery of PCI DSS and/or PA-DSS Information Security compliance assessments, Cyber Security Maturity Assessments and ISO27001 engagements.

*
Responsibilities*

Main:

- Lead customer engagements and provide senior cyber security advice and services to a broad range of clients and industries.
- Provide detailed analytical reporting, internal reporting metrics and program management.
- Provide leadership and mentorship to Junior consultants.

Preliminary Analysis:

- Identifying all the stakeholders, sponsors, technical references (e.g. IT Project Manager, Software Engineer, Security Analyst) of the client in order to define the initial conditions and the needs analysis

Gap Analysis and Scoping
- Review of all locations and flows of cardholder data, as well as asset inventories
- Conducting PCI standards interviews to have a complete map of information/data workflows, processes and procedures, payment card data flow, information security controls
- Conducting technical interviews to understand eventual data security problems from in-depth technical point of view
- Producing Scoping and Gap Analysis Documentation

Remediation
- Providing the customer with a remediation plan/gap report
- Guiding and supporting all the remediation processes ensuring that the gaps are mitigated correctly

Formal Assessment
- Conducting technical interviews to understand eventual data security problems from in-depth technical point of view
- Analysis of network diagrams, asset lists to understand the infrastructure used by the customers

Documentation
- Preparation, validation and approval Reports on Compliance (RoC) and/or Reports of Validation (RoV) according to the standard templates provided by PCI SSC
- Preparation, validation and approval of Attestation of Compliance (AoC) and/or Attestation of Validation (AoV) according to the standard templates provided by PCI SSC
- Submission all the documentation to PCI SSC for the final approval in case of PA-DSS process (signed RoV, AoV, Implementation Guide and Vendor Release Agreement)

**Knowledge and Skills (Security Consultant)**
- Information Security Experience
- PCI DSS (PA-DSS, P2PE, PCI 3DS), GDPR
- Virtualization
- Cloud technologies
- Authentication methods and techniques
- Integrity controls
- Networking
- Operating Systems (Linux/Unix, Windows)
- Italian and English fluency

**Values and Competencies**
- Problem Solving (analysis, helicopter view, problem setting, decision making)
- Planning and Organization (time management, scheduling and control)
- Communication (clearness, listening, persuasion)
- Networking (reinforce relationships, use emotional intelligence and personal proximity)
- Results Orientation (delivering solutions, work under pressures

**Advantio Core Values**
- Harmony, always strive to create harmony
- Openness, always be open
- Social Responsibility, be socially responsible
- Timeless, whatever you build make it timeless
- Accommodating, make our customers feel at Home
- Learning, be a Learn it all
- Deliver, Results