Lead PCI-DSS assessments and SSF validations, document findings, support pre-sales efforts, and maintain client relationships within payment security compliance.
Senior Consultant - SSF Assessor
at Tevora
Irvine, CA or Fairfax, VA
If you haven't heard of Tevora, it's because we've done our job!
Tevora is a tight-knit community of professionals with a shared passion for our craft. Every day, we combine in-depth knowledge of cybersecurity, technology, and compliance to help create more secure digital environments. To Tevorans, every problem is a puzzle in need of solving. We strongly believe that if we put smart, driven people in a room together, they will accomplish great things. We maintain a supportive culture that celebrates continuous learning, diverse perspectives, and sharing the wins. That's why we have our eyes on you.
What's the role?
Tevora is seeking a PCI QSA + SSF (Secure Software Framework) Consultant to join our growing Payments Compliance team. This team plays a crucial role in helping some of the world's largest organizations secure their payment systems and software, ensuring full compliance with PCI-DSS and SSF standards. As a key contributor, you will be responsible for guiding clients through the complexities of payment security and performing secure software validations.
The successful candidate will have exceptional attention to detail, a proactive attitude, and a passion for solving complex security challenges. Strong communication skills and technical writing abilities are essential, as you will be working closely with clients and documenting your findings. Staying current with evolving security standards and continuously improving your technical knowledge will be critical for success in this role.
A day in the life could include:
- Leading PCI-DSS assessments and Secure Software Standard validations for clients to ensure full compliance with payment security requirements.
- Performing Secure Software Standard testing procedures on payment applications, ensuring compliance with SSF guidelines.
- Writing detailed Secure Software Standard Reports on Validation (ROV), documenting findings and providing recommendations.
- Collaborating with development teams to help implement secure software practices and ensure PCI compliance.
- Supporting pre-sales efforts by scoping SSF-related engagements, preparing proposals, and participating in client presentations.
- Building and maintaining strong professional relationships with clients, offering expert guidance throughout the compliance process.
- Working closely with marketing to produce thought leadership content around PCI-DSS, SSF, and payment security trends.
Necessary skills and qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent professional experience.
- Secure Software Assessor Certification (with a valid listing on the PCI SSC website) is required.
- PCI Qualified Security Assessor (QSA) certification is also required.
- Experience performing at least one Secure Software Standard validation in the past year.
- Strong knowledge of Secure Software Standard testing procedures and the ability to apply these to payment applications.
- Demonstrated experience writing Secure Software Standard Reports on Validation (ROV) with attention to detail and clarity.
- Strong communication skills for building and maintaining relationships with clients.
- Ability to explain technical details clearly to non-technical stakeholders.
Bonus Points:
- Secure Software Lifecycle (SLC) Certification and experience is preferred but not required.
- Additional experience with other payment security standards, such as P2PE.
- Certifications such as CISSP, CISM, or CSSLP.
- Experience working with large, global organizations in complex compliance environments.
We've got you covered!
- Comprehensive benefits including: Medical, Dental, Vision & Basic Life Insurance
- Paid Vacations, Sick Time, & Holidays
- 401 (k) with discretionary company match
- Vibrant work culture
Additional requirements:
- Eligibility to work in the United States.
- Must work a hybrid schedule at our Irvine, CA or Fairfax, VA office.
EEOC Statement
Tevora is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, disability status, or other applicable legally protected characteristics.
Top Skills
Payment Security
Pci-Dss
Secure Software Framework
Secure Software Standard Testing
Similar Jobs
Fintech • Financial Services
The Marketing Campaign Specialist will execute data-driven marketing campaigns, manage CRM strategies, and collaborate with teams to enhance customer experiences.
Top Skills:
GCPHubspotLookerSalesforce Marketing CloudSigma Computing
Fintech • Financial Services
The Business Analyst will analyze and manage revenue data, optimize processes, and support strategic decision-making in the Commercial Operations team.
Top Skills:
Hubspot,GongSalesforceSQL
.png)
Food • Software
As a Senior Data Analyst, you will analyze data, build predictive models, create dashboards, and present insights to support strategic decision-making.
Top Skills:
LookerPythonRSQLTableau
What you need to know about the Colorado Tech Scene
With a business-friendly climate and research universities like CU Boulder and Colorado State, Colorado has made a name for itself as a startup ecosystem. The state boasts a skilled workforce and high quality of life thanks to its affordable housing, vibrant cultural scene and unparalleled opportunities for outdoor recreation. Colorado is also home to the National Renewable Energy Laboratory, helping cement its status as a hub for renewable energy innovation.
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute
