Support PCI DSS assessments by evaluating payment systems for security vulnerabilities, helping document compliance, and contributing to security recommendations while pursuing QSA certification.
PCI Technical Payments Analyst (QSA Track)
at Tevora
Irvine, CA
If you haven't heard of Tevora, it's because we've done our job!
Tevora is a tight-knit community of professionals with a shared passion for our craft. Every day, we combine in-depth knowledge of cybersecurity, technology, and compliance to help create more secure digital environments. To Tevorans, every problem is a puzzle in need of solving. We strongly believe that if we put smart, driven people in a room together, they will accomplish great things. We maintain a supportive culture that celebrates continuous learning, diverse perspectives, and sharing the wins. That's why we have our eyes on you.
What's the role?
As a Technical Payments Analyst (QSA Track), you will support consultants and PCI Qualified Security Assessors (QSAs) in delivering payment security and compliance assessments for clients in the payments industry. This role is intended for professionals already working with PCI DSS who want to deepen their assessment experience and progress towards PCI QSA qualification.
In this role, you will contribute to evaluating payment environments, reviewing documentation and evidence, and identifying gaps in security controls across payment systems, applications, and processes. Working closely with experienced QSAs, you will help assess and document controls designed to protect sensitive payment data and support PCI DSS compliance while continuing to build the experience required for QSA certification.
A day in the life could include:
- Participate in PCI DSS assessments of client payment systems, applications, and processes to identify potential security vulnerabilities and compliance gaps.
- Assist in reviewing payment architectures, technologies, and processing environments to evaluate alignment with industry security standards and compliance requirements.
- Support the collection, analysis, and documentation of evidence related to payment security controls.
- Work alongside experienced QSAs and consultants to help clients navigate payment security standards such as PCI DSS, SSF (or PA-DSS), and other payment domain requirements.
- Contribute to assessment documentation, compliance reports, and supporting materials used in certification and validation processes.
- Gain practical experience with PCI assessment methodologies as part of the path toward QSA qualification.
- Assist in developing recommendations to strengthen the security posture of client payment systems and applications.
- Collaborate with consultants and client teams to help track and document remediation efforts addressing identified vulnerabilities and compliance gaps.
- Support consultants in advising clients on secure payment technologies, encryption approaches, secure data storage, and secure development practices.
- Participate in technical discussions related to protecting payment card data and sensitive financial information.
- Build productive working relationships with client stakeholders while supporting engagement teams during assessments and advisory activities.
- Participate in client meetings, workshops, and technical discussions as part of the assessment process.
- Stay current with emerging cybersecurity threats, evolving payment security standards, and trends impacting the payments ecosystem and cybersecurity threat landscape.
- Continuously develop technical and compliance expertise in preparation for pursuing QSA certification.
Payment Security Assessments:
Compliance and Certification:
Security Recommendations and Remediation:
Technical Consultation:
Client Relationship Management:
Industry Awareness:
Necessary skills and qualifications:
- Minimum of 1 year of experience participating in PCI DSS assessments or supporting PCI compliance engagements, such as evidence review, control validation, gap analysis, documentation preparation, or quality assurance.
- Ideal candidate has experience contributing to PCI DSS Reports on Compliance (ROC), Self-Assessment Questionnaires (SAQ), or PCI gap assessments.
- Demonstrated interest in advancing a career in payment security and progressing towards PCI Qualified Security Assessor (QSA) certification.
- Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related STEM field (or equivalent practical experience).
- Strong analytical and problem-solving skills, with the ability to identify security risks and contribute to recommending appropriate solutions.
- Excellent communication and interpersonal skills, with the ability to convey technical concepts to both technical and non-technical audiences.
- Ability to work independently and collaboratively within cross-functional teams to support client engagements and project objectives.
- Foundational understanding of cybersecurity principles, including areas such as network security, access control, encryption, and secure system design.
- Exposure to payment technologies, payment processing environments, or compliance frameworks is a plus, including PCI DSS, SSF (or PA-DSS), ISO 27001, and NIST Cybersecurity Framework.
- A commitment to maintaining the highest level of confidentiality and professionalism.
Preferred Certifications
(Not required but beneficial)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- ISO 27001 Lead Auditor
Additional requirements:
- Eligibility to work in the United States.
We've got you covered!
- Comprehensive benefits including: Medical, Dental, Vision & Basic Life Insurance
- Paid Vacations, Sick Time, & Holidays
- 401 (k) with discretionary company match
- Vibrant work culture
EEOC Statement
Tevora is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, disability status, or other applicable legally protected characteristics.
Top Skills
Cybersecurity Principles
Encryption
Iso 27001
Nist Cybersecurity Framework
Pa-Dss
Pci Dss
Ssf
Tevora Irvine, California, USA Office
Irvine, CA, United States
Similar Jobs
Artificial Intelligence • Big Data • Healthtech • Information Technology • Machine Learning • Software • Analytics
The Business Process Analyst will manage membership activities, drive collaboration with stakeholders, develop training materials, create workflows, and present performance reports.
Top Skills:
AvailityExcelMicrosoft PowerpointMicrosoft Word
.png)
Consumer Web • eCommerce • Marketing Tech • Retail • Software • Analytics • Generative AI
As a Solutions Engineer, you will lead technical strategy for complex Mid-Enterprise deals, architect solutions, and enhance customer engagements by leveraging AI and automation to drive revenue outcomes.
Top Skills:
Javascript FrameworksNode.jsPythonReactRestful ApisSQL
Aerospace • Artificial Intelligence • Hardware • Robotics • Security • Software • Defense
The role involves performing structural analyses, developing FEM, collaborating with engineers, conducting validation testing, and documenting methodologies.
Top Skills:
AbaqusAnsysMatlabNastranNxPythonSolidworks
What you need to know about the Los Angeles Tech Scene
Los Angeles is a global leader in entertainment, so it’s no surprise that many of the biggest players in streaming, digital media and game development call the city home. But the city boasts plenty of non-entertainment innovation as well, with tech companies spanning verticals like AI, fintech, e-commerce and biotech. With major universities like Caltech, UCLA, USC and the nearby UC Irvine, the city has a steady supply of top-flight tech and engineering talent — not counting the graduates flocking to Los Angeles from across the world to enjoy its beaches, culture and year-round temperate climate.
Key Facts About Los Angeles Tech
- Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
- Key Industries: Artificial intelligence, adtech, media, software, game development
- Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
- Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering
