QSA Consultant

Location:
Birmingham
Job Type:
Permanent
Industry:
Cyber Security
Job reference:
BBBH233121_1744362573
Posted:
8 days ago

About LRQA Nettitude

Founded in 2003, LRQA Nettitude is a global leader in cyber security, offering world-class services in red teaming, penetration testing, threat intelligence, R&D, detection and response, and GRC. Our clients range from central banks and government bodies to major retailers and critical national infrastructure.

We're an award-winning cyber security provider at an exciting stage of growth. As technology and threats evolve, we're looking for talented individuals to help us stay at the forefront of the industry.

The Role - QSA Consultant (UK, Remote)

We're looking for a QSA to join our GRC team in a home-based role, with travel to client sites (mostly in the UK). You'll deliver security consultancy in areas including:

  • PCI DSS consultancy and assessments

  • ISO 27001 gap analysis and implementation support

  • Risk assessments and third-party risk management

  • Reviews against standards like NCSC's 10 Steps and NIST CSF

Requirements

Essential:

  • Active QSA with experience in complex PCI DSS assessments

  • ISO 27001 experience, including ISMS implementation and certification

  • Familiar with NIST CSF and basic IT/security concepts (networking, OS, etc.)

  • Comfortable leading client-facing consultancy work

  • Self-organized and quality-focused

Desirable:

  • Knowledge of NIS directive, NCSC CAF, or CAA ASSURE

  • Experience presenting to C-level audiences

  • Mentoring or team leadership experience

  • Security awareness training delivery

  • Hands-on technical experience (past or present)

Certifications

As a QSA, you must meet PCI SSC requirements (certs from List A & B). Useful certifications include:

  • ISO 27001 Lead Auditor/Implementer

  • CISSP, CISM, CISA, CRISC

What We Offer

Join a high-performing, people-focused team with a strong culture of collaboration. We support remote work, personal growth, and getting involved in the broader cyber community.

You'll have opportunities to:

  • Make a difference - shape services and challenge the status quo

  • Get involved - blog, speak, or attend industry events

  • Keep learning - beyond certifications, explore new domains and ideas

Back to Search Results