Senior Security Consultant – PCI-QSA | Remote | LATAM

This a Full Remote job, the offer is available from: Brazil

JOB DESCRIPTION

Transform the Future of Application Security with Conviso!

Our purpose is to empower developers to build more secure applications, helping companies achieve greater maturity in secure development, mitigate risks, and protect what matters most: their business. We are driven by innovation, investing in research and new technologies to transform the culture of application security around the world.

In 2025, Conviso acquired Matrix Cyber Security, a company recognized by the PCI Security Standards Council as a qualified organization to conduct official compliance audits. We are currently hiring for the position of Senior Security Consultant | PCI-QSA - LATAM, to contribute directly to assessment and compliance projects in information security.

In this role, you will act as an auditor and assessor, collaborating with internal teams and clients from various industries, depending on the nature of each project. We are looking for someone with a sharp analytical mindset and critical thinking skills, capable of evaluating environments, controls, and security processes with accuracy — ensuring compliance with required standards and the effectiveness of implemented practices.

Here at Conviso, we believe that great results come from people who are passionate about hacking and who share our commitment to making the world a safer place. Our culture is transparent, collaborative, and focused on continuous learning. We are also an anywhere office team, with people working from over 34 different cities — and every Insider (what we call our team members) has the freedom to grow from wherever they are.

• Remote work, global impact.

Ready to turn challenges into solutions and grow with us?

Join Conviso! ??

RESPONSIBILITIES AND ASSIGNMENTS

• Lead audits/assessments, including preparing the audit plan, reviewing documentation and evidence, evaluating procedures, and conducting client interviews.
• Prepare, review, and approve assessment reports.
• Manage priorities, tasks, and hours on projects in conjunction with the project manager to achieve utilization goals.
• Ensure that quality products and services are delivered on time.
• Escalate client and project issues to management in a timely manner to inform and involve the resources needed to resolve the problem.
• Interact with clients throughout the project, engaging with all levels of the client organization. Establish and maintain positive collaborative relationships with clients and stakeholders.
• Continuous professional development in maintaining industry-specific certifications. Maintain in-depth knowledge in the area of expertise.
• Collaborate with project managers, quality management, sales, and other delivery team members to increase client satisfaction and meet project requirements.
• Estimated travel around 30%.
• Current PCI-QSA certification is preferred (we will consider PCI-ISA, PCI Professional, and ex-QSA.)
• One of the following information security certifications is required: CISSP, CISM, or ISO 27001 Lead Implementer.
• One of the following audit certifications is required: CISA, GSNA, CIA, IRCA ISMS Auditor or higher, or ISO 27001 Lead Auditor.
• Strong knowledge of PCI-DSS security standards.
• Experience in preparing Reports on Compliance.
• Experience in conducting IT security risk assessments and gap analysis.
• Experience interacting with management in a consultative manner.

• MUST HAVE
• Ability to be successful when working remotely.
• Strong understanding of IT with respect to networks, servers, workstations, and applications.
• Excellent communication and presentation skills.
• Written and verbal communication skills, including the ability to explain technical subjects to a non-technical audience.
• Consulting skills with executive leadership and technical professionals.
• Ability to quickly build a relationship of high trust and credibility.
• Strong attention to detail, strong problem-solving, decision-making, organization, and analytical skills.
• Ability to prioritize and manage multiple initiatives/projects.
• Ability to be self-motivated and have strong independent initiative.
• Intemediate English and Portuguese language for development of documents, presentations and reports and meetings.
• Spanish is preferred.

• WANT TO KNOW MORE ABOUT CONVISO?!

Culture Code

Blog

Podcast

youtube

Diversity matters here! We value differences and the plurality of race, color, religion, gender and gender identity, nationality, sexual orientation, and age — because we believe in the importance of sharing diverse ideas and perspectives.

Every person matters — no one here is just a number.

• Sobre a Conviso_

Nosso portfólio inclui importantes players do setor financeiro do mundo todo e grandes e-commerces.

O propósito que nos move

Seguimos a cultura dev-first e nossos produtos são criados para otimizar a rotina de profissionais de desenvolvimento para que segurança deixe de ser um gargalo e se torne uma cultura.

Para essa missão, reunimos desenvolvedores que conhecem muito bem os desafios de incluir segurança em uma rotina de DevOps e criamos uma plataforma de devs para devs.

AppSec como cultura

Apenas 18,2% de pessoas que trabalham em empresas de softwares ou e-commerces acreditam que existe conhecimento suficiente sobre AppSec dentro das organizações. Na Conviso, acreditamos que implementar ações de conscientização e treinamentos é a chave para uma cultura que priorize a inserção de segurança nas primeiras etapas de design de uma aplicação.

Remote first

Nascemos remotos e hoje contamos com uma equipe que trabalha em mais de 34 cidades diferentes e cada Insider (nossas pessoas colaboradoras) tem liberdade para crescer de onde quiser.

This offer from "Conviso Application Security" has been enriched by Jobgether.com and got a 72% flex score.