Full-Time PCI Penetration Testing Coordinator

• Managing and maintaining PCI ASV scan schedules.
• Initiating and tracking ad hoc scans.
• Validating remediation of vulnerabilities.
• Acting as the single point of contact for the ASV vendor.
• Negotiating false positives and scan disputes with the vendor.
• Coordinating annual and ad hoc PCI penetration tests.
• Scoping, scheduling, and executing penetration tests internally.
• Performing manual and automated testing techniques.
• Analyzing test results, documenting findings, and providing remediation guidance.
• Tracking remediation efforts.
• Generating and maintaining reports for internal stakeholders.
• Interfacing with business unit technical teams.
• Providing guidance and support to teams with limited PCI knowledge.

• Bachelor’s Degree in an IT-related field or equivalent work experience.
• Minimum 3–5 years of experience in PCI compliance, vulnerability management, or penetration testing.
• Strong understanding of PCI DSS requirements.
• Proficiency in penetration testing methodologies (OWASP, NIST SP 800-115, PTES).
• Experience with tools such as Burp Suite, Nmap, Nessus, Metasploit, Kali Linux, and scripting (Python, Bash).
• Working knowledge of network protocols, web application architecture, and common vulnerabilities.
• Experience working with external vendors and internal technical teams.
• Excellent organizational, communication, and documentation skills.
• Ability to manage multiple concurrent projects and deadlines.

• Offensive Security Certified Professional (OSCP)
• GIAC Penetration Tester (GPEN)
• Certified Ethical Hacker (CEH)

• PCI Internal Security Assessor (ISA)
• GIAC Web Application Penetration Tester (GWAPT)
• CISSP or CISM

What is the last date for applying to the job?

Which countries are accepted for this remote job?