Senior Information Security Consultant - QSA

Description

3B Data Security, a UBDS Group company, is seeking an experienced and highly motivated Senior Information Security Consultant with active PCI Qualified Security Assessor (QSA) status. The successful candidate will play a critical role in delivering high-quality information security consulting services to clients, encompassing PCI DSS (Payment Card Industry Data Security Standard) compliance, ISO 27001 implementation, Virtual Chief Information Security Officer (vCISO) engagements, and broader governance, risk, and compliance (GRC) support.

As a senior member of the consulting team, you will lead on complex projects, act as a subject matter expert, support business development, and contribute to the strategic growth of the organisation. You will have the opportunity to engage across diverse information security domains and help shape the direction of a growing and dynamic business.

• Deliver high‑quality PCI DSS assessments, including Report on Compliance (RoC) production for merchants and service providers.
• Lead and deliver consultancy engagements such as ISO 27001 audits and implementations, GDPR assessments, risk assessments, policy development, and vCISO support.
• Act as a trusted advisor to clients, ensuring pragmatic and tailored guidance aligned with regulatory requirements and business needs.
• Mentor junior consultants, providing technical oversight, guidance, and quality assurance on engagements.
• Contribute to the development and delivery of internal training materials and client‑facing information security training courses.
• Support the Leadership Team in identifying and developing new business opportunities.
• Lead the scoping and conversion of new client engagements, contributing to bid writing and client proposals.
• Provide escalation support for complex security queries and technical decision‑making.
• Maintain and enhance knowledge of PCI‑related standards (e.g., PCI P2PE, PCI PIN) and emerging areas such as cyber resilience, digital forensics, and incident response.

• Current PCI QSA (Qualified Security Assessor) certification.
• At least 5 years of experience in an information security consultancy role, with significant exposure to PCI DSS and ISO 27001.
• Demonstrable experience producing RoC documentation and conducting complex PCI‑DSS assessments.
• Strong knowledge of security standards and frameworks, including Cyber Essentials, DPA 2018, GDPR, NIST, and SOX.
• ISO 27001 Lead Auditor or Implementor certification.
• Excellent communication and stakeholder engagement skills with a client‑focused approach.
• Proven ability to manage multiple concurrent engagements autonomously.
• Full UK working rights and willingness to travel nationally and internationally as required.

• CISSP or CISM certification.
• Experience with Cyber Essentials Plus assessments, vulnerability assessments, or Cyber Advisor schemes.
• Interest in adjacent domains such as PCI P2PE, PCI PIN, automotive security, digital forensics, and penetration testing.

Professionals choose to grow their careers at UBDS Group for its reputation as a dynamic and forward‑thinking organisation that is deeply committed to innovation and employee development. Employees are given unique opportunities to work on cutting‑edge projects across diverse industries, fostering continuous improvement, mentorship, and the chance to gain certifications that enhance career progression.

• Training – a range of technical, business, and methodological development options for personal growth.
• Private medical cover for you and your spouse/partner, offered via Vitality.
• Discretionary bonus based on personal and company performance.
• Holiday – 25 days plus 1 day for birthday, 1 day for work anniversary, and UK bank holidays.
• Electric vehicle leasing with salary sacrifice.
• Contributed pension scheme.
• Death in service cover.

At UBDS Group our mission is to support entrepreneurs who are setting new standards with technology solutions across cloud services, cybersecurity, data, and AI, ensuring every investment advances innovation, makes a difference, and creates impactful solutions for organisations and society.

We are an equal opportunities employer and do not discriminate on the grounds of gender, sexual orientation, marital or civil partner status, pregnancy or maternity, gender reassignment, race, colour, nationality, ethnic or national origin, religion or belief, disability or age.