9:49:00 PM
Job Title
Enterprise Information Security Engineer/ PKI Solutions/ PCI Components
Location
Newark, California, United States
Recruiter/Company
Description
Enterprise Information Security Engineer/ PKI Solutions/ PCI Components
Newark, CA
Risk & Compliance Management Skills
• Communicating and coordinating with internal technical teams
• Obtaining and reviewing supporting documentation
• Performing assessments (where necessary) and publishing reports
• Summarizing the adequacy of security controls
• Outlining gaps & remediation steps to develop practical recommendations
• Evaluating internal compliance to regulations such SOX, PCI, HIPPA & SSAE 16
• Capturing assessment results in centralized repository
• Document new processes and workflows while maintaining / improving on existing processes and workflows
• Effectively lead & manage multiple projects without a great deal of direction or oversight
• Interact with team members and department/division personnel in a professional and mature manner
• Coordinate enterprise information security risk assessments
• Catalog, track and report the status of risk assessments and resolution actions
• Propose risk mitigations based on cost, benefit and risk
• Keep abreast of current developments and emerging issues and risks both within the
• technology organization and the information technology industry, and apply gained knowledge to risk assessments
Technical skill set • Should have thorough understanding about cryptographic solutions being used in IT industry
• Should have thorough understanding about cryptographic concepts such as encryption algorithms, hashing algorithms, digital signatures, nonrepudiation, certificate authority, various trust models, SSL/TLS encryption etc.
• Should have deep knowledge and working/hands-on experience in designing, implementing and managing cryptography based solutions such as Public Key Infrastructure (MUST), file integrity solutions, HSM’s (hardware security module) for secured storage of keys
• Should have thorough understanding about PKI components such as Root CA, Intermediate or Subordinate CA, Issuing CA, Policy CA, CRL, relevant protocols such as OCSP, SCEP
• Should have experience in integrating PKI solutions with applications/solutions based on standard protocols such as SSL/TLS - Client/Server authentication/session encryption, SMIME – signing/encryption, Object signing, Digital Signatures, IPSEC-VPN Tunnels – authentication/encryption, time-stamping
• Should have conceptual level good understanding on network technologies - basic level routing, switching
• Should have good understanding about PCI DSS/HIPPA/DPA, other leading compliance requirements
• Should understand customer's requirements & transform in to a technical control or technical solution
• Should have understanding about product licensing/bill-of-material/part codes
Soft skills
• Shall have good verbal/written communication skills
• Should have good presentation skills - shall be able to participate the review meetings and be able put across the points of concern
• Should have required skillset for managing/tracking progress of project
• Should have Capability to conduct risk analysis, impact analysis, dependencies on customer/internal teams
Project Specific Responsibilities
• Managing several GRC related tasks simultaneously without a great deal of direction or oversight
• Interacting with team members and department/division personnel on other GRC related tasks
• Manage Audits and Coordinate with External Auditors
• Design, implement and manage Enterprise PKI solutions
• Prepare Technical Solution Design Documents, Project Plan
• Work with Customer’s Architecture team for finalizing the solution deployment design
• Validation of Bill of Material/Bill of Quantity against the deliverables
• Documenting High-light key risks/issues, mitigation steps, High-light dependencies on
• customer/other teams
• Work with Program Manager for timely updates/tracking of deliverables
• Ensure that project implementation is completed in defined timelines
• Manage resources assigned to project effectively
• If any delays, prepare gap-analysis and raise alarms in project review meetings – internal/external
• Managing various sign-offs/mile-stone achievement records, share with Sales Account Manager/Finance guys for billing/invoicing
Other Responsibilities
• Review and Validate change requests/SOW documents
• Ensure quality work - review and validate the technical configurations, proposed changes
• Coordinate with Security COE resources for resolution of technical issues/problems before escalation to OEM
• Prepare/Maintain various documents to be delivered as per SOW or best practices
• Should be able to understand and enforce the RACI-matrix
• Resource Management
Qualification:
• Preferably a Graduate or Post-graduate from reputed university
• Should have completed reputed certifications like CISA, CISSP, CISM, CRISC, CGEIT and other technical certifications including PKI related ones
Should have six to ten years of experience
• Should have minimum four years of experience in PKI solutions including designing/implementation and management
Newark, CA
Risk & Compliance Management Skills
• Communicating and coordinating with internal technical teams
• Obtaining and reviewing supporting documentation
• Performing assessments (where necessary) and publishing reports
• Summarizing the adequacy of security controls
• Outlining gaps & remediation steps to develop practical recommendations
• Evaluating internal compliance to regulations such SOX, PCI, HIPPA & SSAE 16
• Capturing assessment results in centralized repository
• Document new processes and workflows while maintaining / improving on existing processes and workflows
• Effectively lead & manage multiple projects without a great deal of direction or oversight
• Interact with team members and department/division personnel in a professional and mature manner
• Coordinate enterprise information security risk assessments
• Catalog, track and report the status of risk assessments and resolution actions
• Propose risk mitigations based on cost, benefit and risk
• Keep abreast of current developments and emerging issues and risks both within the
• technology organization and the information technology industry, and apply gained knowledge to risk assessments
Technical skill set • Should have thorough understanding about cryptographic solutions being used in IT industry
• Should have thorough understanding about cryptographic concepts such as encryption algorithms, hashing algorithms, digital signatures, nonrepudiation, certificate authority, various trust models, SSL/TLS encryption etc.
• Should have deep knowledge and working/hands-on experience in designing, implementing and managing cryptography based solutions such as Public Key Infrastructure (MUST), file integrity solutions, HSM’s (hardware security module) for secured storage of keys
• Should have thorough understanding about PKI components such as Root CA, Intermediate or Subordinate CA, Issuing CA, Policy CA, CRL, relevant protocols such as OCSP, SCEP
• Should have experience in integrating PKI solutions with applications/solutions based on standard protocols such as SSL/TLS - Client/Server authentication/session encryption, SMIME – signing/encryption, Object signing, Digital Signatures, IPSEC-VPN Tunnels – authentication/encryption, time-stamping
• Should have conceptual level good understanding on network technologies - basic level routing, switching
• Should have good understanding about PCI DSS/HIPPA/DPA, other leading compliance requirements
• Should understand customer's requirements & transform in to a technical control or technical solution
• Should have understanding about product licensing/bill-of-material/part codes
Soft skills
• Shall have good verbal/written communication skills
• Should have good presentation skills - shall be able to participate the review meetings and be able put across the points of concern
• Should have required skillset for managing/tracking progress of project
• Should have Capability to conduct risk analysis, impact analysis, dependencies on customer/internal teams
Project Specific Responsibilities
• Managing several GRC related tasks simultaneously without a great deal of direction or oversight
• Interacting with team members and department/division personnel on other GRC related tasks
• Manage Audits and Coordinate with External Auditors
• Design, implement and manage Enterprise PKI solutions
• Prepare Technical Solution Design Documents, Project Plan
• Work with Customer’s Architecture team for finalizing the solution deployment design
• Validation of Bill of Material/Bill of Quantity against the deliverables
• Documenting High-light key risks/issues, mitigation steps, High-light dependencies on
• customer/other teams
• Work with Program Manager for timely updates/tracking of deliverables
• Ensure that project implementation is completed in defined timelines
• Manage resources assigned to project effectively
• If any delays, prepare gap-analysis and raise alarms in project review meetings – internal/external
• Managing various sign-offs/mile-stone achievement records, share with Sales Account Manager/Finance guys for billing/invoicing
Other Responsibilities
• Review and Validate change requests/SOW documents
• Ensure quality work - review and validate the technical configurations, proposed changes
• Coordinate with Security COE resources for resolution of technical issues/problems before escalation to OEM
• Prepare/Maintain various documents to be delivered as per SOW or best practices
• Should be able to understand and enforce the RACI-matrix
• Resource Management
Qualification:
• Preferably a Graduate or Post-graduate from reputed university
• Should have completed reputed certifications like CISA, CISSP, CISM, CRISC, CGEIT and other technical certifications including PKI related ones
Should have six to ten years of experience
• Should have minimum four years of experience in PKI solutions including designing/implementation and management
Job Type
Contract
Contact Name
Abraham B
Telephone
678-720-3170
Job ID
#PKI #Security #PCI #EnterprisePKI #GRC #CISA #InfoSec #InformationSecurity #Job #Jobs #Newark #California #CA
This blog has been verified by Rise: Rea3f8c4b6000e4b930f5c371a1c64fea