Managing Consultant

Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit

The Managing Consultant will join Trustwave’s Global Compliance & Risk Services (GCRS) organization, the leader in Payment Card Industry-Data Security Standard (PCI-DSS) Assessment and Consulting. Trustwave’s GCRS team works with the world’s leading merchants, banks, and service providers to advise on and assess their security programs against PCI Standards.

Trustwave’s Global Compliance & Risk Services team also provides comprehensive professional services beyond PCI-DSS, such as compliance and risk assessments, remediation consulting, compliance program development, and Virtual CISO.

Managing Consultants are the heart and soul of GCRS. They are front-line leaders of the world’s strongest QSA teams. The MC connects Trustwave management with delivery, and client management with Trustwave. They are strong managers who are experts in the services they manage.  They are innovators. They are the primary interface with enterprise accounts, owning the timeliness and quality of multiple projects on an ongoing basis. They are the leader and mentor of their consulting team.  

The key job expectations of the Managing Consultant are:


  • Set the highest standards for your QSA team
  • Expand your professional capabilities, while maintaining Information Security and Compliance expertise 
  • Adopt operational initiatives, quickly and effectively
  • Innovate, and assume leadership of special projects
  • Represent the Company at all times in an ethical and professional manner.
  • Develop the QSA Team
    • Build your team as needed, through interview, selection, and training
    • Provide GCRS Methodology training to new hires, and on a recurring basis
    • Lead and manage a GCRS Consulting team, which consists of up to seven Consultants, four Associate Consultants, and may include Principals and Team Leaders.
    • Develop Team Leaders and coordinate the activity of Associate Consultants
    • Proactively request personnel resources in a timely fashion
    • Provide coaching and guidance for a broad range of topics, including client relationship management, professionalism, and communications
    • Motivate team members to identify up-sells with existing clients
    • Review your team’s performance on a quarterly and annual basis, define goals aligned with management objectives, and report progress.


  • Pre-sales PCI-DSS assessment project scoping support to include:
    • Scoping calls/visits, Sales Engineer (SE) technical support, sample calculations, project effort estimates, and scoping sheet completion.
  • Manage the GCRS relationships for assigned clients.
    • Manage a broad range of client engagements and relationships.
    • Supervise and coordinate the delivery of GCRS projects
    • Monitor project activity and manage timelines
    • Provide clear, direct, and professional communications to clients during escalations
    • Ensure PCI-DSS project deliverables are of the highest quality through completion of standard Report on Compliance (ROC) document Quality Assurance (QA) review process
    • Ensure that work is delivered per the Statement of Work (SOW)
    • Manage the hours budgeted per SOW
    • Periodically validate client satisfaction with delivery services
    • Identify new opportunities within existing clientele
    • Verify all project-related documentation is collected and retained per the Security Standards Council (SSC) and legal department mandates
    • Work closely with sales team to manage client and delivery expectations
    • Manage client and internal issues, with appropriate escalations, as needed
    • Objectively resolve disputes between client and assessor regarding assessment findings
    • Notify management proactively of resource management issues
  • Provide Quality Assurance reviews of PCI DSS Reports on Compliance, provide feedback and coaching to the QSA, and interface with QA.
  • Coordinate internal Trustwave departments and teams to solve GCRS business problems
  • Guide team in the use of internal client tools for workflow and document exchange/repository, across all client PCI-DSS projects
  • Periodically support Sales and Marketing activities to include (but not limited to): speaking engagements; Webinars; meeting/conference attendance; white papers; and thought leadership


  • Provide on-time Trustwave internal status reports of all assigned projects on a weekly basis to GCRS Directors
  • Ensure all team communications are professional, and consistent with Trustwave policies
  • Utilize Weekly Status Reports (WSR) to:
    • Monitor and manage team members’ project loads and closures
  • Utilize time & expense tools to:
    • Review and approve or reject expense reimbursements and PTO in accordance with Trustwave policies
    • Monitor consultant timesheets for on-time submission and accuracy
    • Monitor consultant utilization relative to defined targets
    • Track completed projects within their team

Skills and Qualifications:

  • Enterprise Risk, Audit, Regulatory compliance (PCI-DSS, HIPAA, SOX, GLBA) background/experience
  • Minimum of 5 years of information security experience
  • Payment Card Industry Data Security Standard (PCI-DSS) experience
  • Strong communication skills (oral and written)
  • Strong time management skills and the ability to deal with multiple competing priorities
  • Ability to manage technical projects and client expectations
  • Security Architecture, Design and Implementation experience
  • Risk Assessment and Management experience
  • QSA, CISSP, CRISC, CISA, CISM or equivalent certification required
  • This position requires at least 50% travel and the applicant/consultant must be available and willing to travel. 

Additional Preferred Skills/Experience:

  • Substantial professional experience as a senior consultant
  • Demonstrated Project Management skills
  • Documented experience in a people/team supervisory role or lead senior consultant with clients who have multiple contacts, departments, and engagements
  • Additional professional and technical certifications a plus
  • Project management (PMP) certification a plus
  • Previous technology or security consulting experience preferred
  • Previous professional services management experience preferred


We prefer college-educated applicants, but at minimum, a high school diploma or equivalent is required for employment.

Trustwave is an Equal Opportunity Employer of Minorities, Females, Protected Veterans, and Individuals with Disabilities.  

To All Agencies:

Please, no phone calls or emails to any employee of Trustwave outside of the Talent Acquisition team. Trustwave’s policy is to only accept resumes from agencies via the Trustwave Agency Portal. Agencies must have a valid fee agreement in place and they must have been assigned the specific requisition to which they submit resumes, by the Talent Acquisition team. Any resume submitted outside of this process will be deemed the sole property of Trustwave and in the event a candidate submitted outside of this policy is hired, no fee or payment of any kind will be paid.
