Leading Offshore IT & Software Development Outsourcing Company offers various services like software consulting, application development, etc.

Risk & Compliance Management Skills 

· Communicating and coordinating with internal technical teams

· Obtaining and reviewing supporting documentation

· Performing assessments (where necessary) and publishing reports

· Summarizing the adequacy of security controls

· Outlining gaps & remediation steps to develop practical recommendations

· Evaluating internal compliance to regulations such SOX, PCI, HIPPA & SSAE 16

· Capturing assessment results in centralized repository

· Document new processes and workflows while maintaining / improving on existing processes 

and workflows

· Effectively lead & manage multiple projects without a great deal of direction or oversight

· Interact with team members and department/division personnel in a professional and mature 

manner

· Coordinate enterprise information security risk assessments

· Catalog, track and report the status of risk assessments and resolution actions

· Propose risk mitigations based on cost, benefit and risk

· Keep abreast of current developments and emerging issues and risks both within the 

technology organization and the information technology industry, and apply gained knowledge 

to risk assessments

Technical skill set

· Should have thorough understanding about cryptographic solutions being used in IT industry

· Should have thorough understanding about cryptographic concepts such as encryption 

algorithms, hashing algorithms, digital signatures, nonrepudiation, certificate authority, various 

trust models, SSL/TLS encryption etc.

· Should have deep knowledge and working/hands-on experience in designing, implementing and 

managing cryptography based solutions such as Public Key Infrastructure (MUST), file integrity 

solutions, HSM’s (hardware security module) for secured storage of keys

· Should have thorough understanding about PKI components such as Root CA, Intermediate or 

Subordinate CA, Issuing CA, Policy CA, CRL, relevant protocols such as OCSP, SCEP

· Should have experience in integrating PKI solutions with applications/solutions based on 

standard protocols such as SSL/TLS - Client/Server authentication/session encryption, SMIME –

signing/encryption, Object signing, Digital Signatures, IPSEC-VPN Tunnels –

authentication/encryption, time-stamping

· Should have conceptual level good understanding on network technologies - basic level routing, 

switching

· Should have good understanding about PCI DSS/HIPPA/DPA, other leading compliance 

requirements

· Should understand customer's requirements & transform in to a technical control or technical

solution

· Should have understanding about product licensing/bill-of-material/part codes

Project Specific Responsibilities

· Managing several GRC related tasks simultaneously without a great deal of direction or oversight

· Interacting with team members and department/division personnel on other GRC related tasks

· Manage Audits and Coordinate with External Auditors

· Design, implement and manage Enterprise PKI solutions

· Prepare Technical Solution Design Documents, Project Plan

· Work with Customer’s Architecture team for finalizing the solution deployment design 

· Validation of Bill of Material/Bill of Quantity against the deliverables

· Documenting High-light key risks/issues, mitigation steps, High-light dependencies on 

customer/other teams

· Work with Program Manager for timely updates/tracking of deliverables

· Ensure that project implementation is completed in defined timelines

· Manage resources assigned to project effectively

· If any delays, prepare gap-analysis and raise alarms in project review meetings –

internal/external

· Managing various sign-offs/mile-stone achievement records, share with Sales Account 

Manager/Finance guys for billing/invoicing

Andy Bundad - Senior Technical Recruiter

Hi-Tech Solutions, Inc. (HTS)

2 Mid America Plaza Suite 630, Oakbrook Terrace, IL 60181

W: 630-473-6463

www.htsconsulting.com