SSF Assessor

1 week ago


Reston, Virginia, United States Tevora Full time
Job Overview

Tevora is seeking a highly skilled PCI QSA + SSF Consultant to join our Payments Compliance team. As a key contributor, you will be responsible for guiding clients through the complexities of payment security and performing secure software validations.

Key Responsibilities
  • Lead PCI-DSS assessments and Secure Software Standard validations for clients to ensure full compliance with payment security requirements.
  • Perform Secure Software Standard testing procedures on payment applications, ensuring compliance with SSF guidelines.
  • Write detailed Secure Software Standard Reports on Validation (ROV), documenting findings and providing recommendations.
  • Collaborate with development teams to help implement secure software practices and ensure PCI compliance.
  • Support presales efforts by scoping SSF-related engagements, preparing proposals, and participating in client presentations.
  • Build and maintain strong professional relationships with clients, offering expert guidance throughout the compliance process.
  • Work closely with marketing to produce thought leadership content around PCI-DSS, SSF, and payment security trends.
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent professional experience.
  • Secure Software Assessor Certification (with a valid listing on the PCI SSC website) is required.
  • PCI Qualified Security Assessor (QSA) certification is also required.
  • Experience performing at least one Secure Software Standard validation in the past year.
  • Strong knowledge of Secure Software Standard testing procedures and the ability to apply these to payment applications.
  • Demonstrated experience writing Secure Software Standard Reports on Validation (ROV) with attention to detail and clarity.
  • Strong communication skills for building and maintaining relationships with clients.
  • Ability to explain technical details clearly to non-technical stakeholders.
Preferred Qualifications
  • Secure Software Lifecycle (SLC) Certification and experience are preferred but not required.
  • Additional experience with other payment security standards, such as P2PE.
  • Certifications such as CISSP, CISM, or CSSLP.
  • Experience working with large, global organizations in complex compliance environments.
What We Offer
  • Comprehensive benefits offering
  • Paid time off and holidays
  • 401k with Company match
  • Vibrant work culture
Equal Opportunity Employer

Tevora is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, pregnancy, sexual orientation, national origin, age, protected veteran status, disability status, or other applicable legally protected characteristics.