Feb 21, 2026
PCI DSS Consultant (ROC) – Contract – Outside IR35
We’re supporting an organisation that has recently been reclassified as a PCI DSS Service Provider and now requires a full Report on Compliance (ROC) rather than SAQ-D.
This is a short, focused engagement (circa 25 days) to lead and deliver the ROC end-to-end.
The role
Lead delivery of a PCI DSS ROC for a Service Provider environment
Assess controls across the Cardholder Data Environment (CDE)
Work closely with internal security, infrastructure and third-party suppliers
Identify gaps, agree remediation actions and support evidence collation
Produce and finalise the ROC documentation to audit standard
What we’re looking for
Proven experience delivering PCI DSS ROCs (not just SAQs)
Strong understanding of Service Provider / Level 1 requirements
Hands-on PCI DSS 4.0 experience
QSA status preferred, or demonstrable experience leading ROC engagements
Comfortable operating autonomously in a time-bound engagement
Contract...
| IR35 Status: |
Outside IR35
|
CV-Library
United Kingdom
Contractor