Established in 2009, Advantio maintains an extensive team of consultants and security testing experts to provide digital security and assurance to its customers.
22 вересня 2022

PCI DSS QSA Consultant (Regional Lead) (вакансія неактивна)

Київ

Role Mission

To ensure delivery of PCI DSS compliance services in accordance with internal and external rules and regulations, within defined timeframe, allocated resources and budget, and maintain the highest level of quality of delivered services of managed team.

Responsibilities

Lead customer engagements and provide senior cyber security advice and services to a broad range of clients and industries. Provide detailed analytical reporting, internal reporting metrics and program management. Provide leadership and mentorship to Junior consultants.

People and Resources Management

  • Sets professional goals and facilitating team members professional career path development.
  • Facilitates internal tutoring and mentoring, personnel education and supports people with external and internal trainings
  • In cooperation with PMO, manages team’s project timelines, resources and deliverables for PS projects considering specific skills needed to assign projects
  • Ensures that personal and team’s KPIs are achieved
  • In cooperation with HR, supports the hiring process and develops individual development plans for team members, performs quarterly PDP discussions for team members

Projects Delivery

  • Prepares, organizes and supports delivery by team members of engagements offsite or at customer premises including but not limited to gap analysis, security assessment, risk and/or compliance assessment using one or more industry or regulatory standard or framework

Processes and Documentation

  • Assesses compliance related documentation including policies, procedures, standards and legislative directives
  • Provides remediation support and guidance on the security aspects of the administration and maintenance of processes & documentation, infrastructure components, applications, services and security systems
  • Delivers detailed reports following Advantio’s reporting best practice and templates
  • Ensure QA process for PCI is initiated and applied for relevant projects, in cooperation with QA and Backoffice team
  • Establishes new standards and reviews existing documentation to ensure the correct application of the processes
  • In cooperation with Practice Lead(s), estimating, planning & monitoring team budget
  • Provide regular status update to internal stakeholders (Practice Lead(s), PMO)
  • Participate in continuous improvement of internal processes (reporting tools, assessment automation etc.)

Communication

  • Participates to external conferences and promotes Advantio by identifying important Industry events
  • Support marketing activities related to existing Professional Service portfolio and customer acquisition working in collaboration with marketing team
  • Act as a communication point between regional team, other PS teams, PMO and other departments
  • Supports sales team in development and effort estimations for new opportunities (e.g. new and evolving industry standards)
  • Stay up-to-date on developments in the PCI realm, understanding new standards and regulations and their impact on Advantio

Knowledge and Skills (PCI QSA; P2PE)

  • PCI QSA qualification
  • P2PE qualification and/or relevant Encryption experience
  • Cryptography techniques including algorithms, key management, and key lifecycle.
  • Knowledge of industry standards for cryptographic techniques and key management, including but not limited to, ISO 11568 and 13491, ANSI X9.24 and X9.97, and NIST 140-2 Level 3
  • Public key infrastructure (PKI) and the role and operations of a Certification Authority (CA) and Registration Authority (RA)
  • Hardware security modules (HSMs) operations, policies, and procedures
  • POI key-injection systems and techniques including key-loading devices (KLDs) and key management methods, such as Master/Session or DUKPT
  • Physical security techniques for high-security areas
  • Relevant PTS Security Requirements (e.g., SRED, SCR, OP)
  • Authentication methods and techniques
  • Integrity controls
  • Networking (routing, switching, firewall network filtering)
  • Operating Systems (Linux/Unix, Windows)

Competencies

  • Problem Solving (analysis, helicopter view, problem setting, decision making)
  • Planning and Organization (time management, scheduling and control)
  • Communication (clearness, listening, persuasion)
  • Networking (reinforce relationships, use emotional intelligence and personal proximity)
  • Results Orientation (delivering solutions, work under pressures )

Advantio Core Values

  • Harmony, always strive to create harmony
  • Openness, always be open
  • Social responsibility, be socially responsible
  • Timeless, whatever you build make it timeless
  • Accommodating, make our customers feel at home
  • Learning, be a learn it all
  • Delivering results