Rumesh Karunaratne
Round Rock
Summary
Dynamic Principal Compliance Architect at HP, Inc., specializing in PCI compliance and security architecture. Orchestrated a significant reduction of CDE firewall rules by over 85%, strengthening security operations. Demonstrated capacity to influence senior management and streamline documentation processes, while cultivating robust client relationships and advancing compliance initiatives.
Overview
12
12
years of professional experience
1
1
Certification
Work History
Principal Compliance Architect
HP, Inc.
ROUND ROCK
01.2017 - Current
- Drove Level-1 PCI compliance across global operations, executing 30 annual assessments and overseeing 25 call centers.
- Inherited convoluted CDE and established clear evidence for compliance.
- Prepared environment for successful QSA assessment by hardening servers and enhancing documentation processes.
- Spearheaded timely transition to DSS 4.0 across all relevant environments.
- Influenced senior management to implement DTMF suppression, removing thousands of personnel from PCI scope.
- Developed configuration standards for IIS, SQL Server, Windows 2012/2017/2022, and RHEL7/9 based on CIS benchmarks.
- Audited servers to verify compliance with hardening standards.
- Reduced CDE firewall rules from over 1,500 to 230, optimizing security operations.
IT Security Auditor
GLOBAL Payment Systems, Inc.
PLANO
01.2015 - 01.2017
- Led PCI-DSS compliance program for Heartland Payment Systems, Xpient Solutions, and eWAY payment systems.
- Served as PCI-DSS SME, guiding scope definition and IT security control maintenance.
- Enhanced PCI service provider compliance through technical analysis and optimization of firewall rules.
- Implemented SIEM log-correlation rules and represented controls during QSA assessments.
- Conducted dry runs for 12 PA-DSS assessments, ensuring all controls were evidenced prior to PA-QSA.
- Approved acceptance of over 25 level 1-3 merchants' PCI Report On Compliance submissions.
- Reviewed reports to validate scope and control applicability, advising merchants on remediation actions.
- Provided insights to network operation and security teams regarding security controls and firewall configurations.
IT Security Consultant
Coalfire Systems, Inc.
Dallas
01.2013 - 01.2015
- Delivered end-to-end PCI-DSS advisory and assessment projects, including documentation of Report on Compliance (ROC).
- Conducted PCI GAP analyses while advising clients on security architecture and solutions like tokenization and network segmentation.
- Managed client relationships to guide PCI DSS compliance through security controls and scope reduction strategies.
- Led PCI DSS 3.0 assessments for US Air Force service provider, enhancing compliance standards.
- Established reputation as a Trusted Advisor for PCI DSS initiatives with key clients.
- Oversaw client engagements and PCI DSS 3.0 assessments for five entities within a global payment processing company.
- Completed five ROCs for diverse business units across multiple geographies.
- Participated in developing security hardening controls for various products within VCE VBlock systems.
Intern - Information Security
HEB Corporation.
San Antonio
05.2013 - 08.2013
- Upgraded internal network security by revising architecture with bastion host access and multifactor authentication.
- Implemented fine-tuned firewall rules to enhance protection.
- Utilized Cisco ASA firewalls and VPNs for secure remote access.
Associate IT Security Consultant
Coalfire Systems, Inc.
Dallas
01.2013 - 08.2013
- Conducted PCI-DSS annual assessments and GAP exercises to ensure compliance standards.
- Supported lead QSA in achieving project milestones through effective stakeholder communication.
- Completed annual PCI DSS 2.0 assessment for over eight merchants and 15 service providers.
- Reviewed Xen hypervisors for IBM Softlayer against HIPAA framework independently.
- Performed vulnerability scans for prominent financial institution, covering over 1,000 IPs using Nexpose.
- Analyzed policies and procedures for administrative, physical, and technical safeguards to facilitate PCI compliance.
Education
Bachelor of Business Administration - Major in Infrastructure Assurance
The University of Texas at San Antonio
Skills
- PCI compliance and security architecture
- Firewall management
- Documentation processes
- Vulnerability assessment
- Network segmentation
Certification
- CISA#16133796
- CISM#1634249
- CISSP
- CCSP#611229
- PCI-ISA#804-444
Timeline
Principal Compliance Architect
HP, Inc.
01.2017 - Current
IT Security Auditor
GLOBAL Payment Systems, Inc.
01.2015 - 01.2017
Intern - Information Security
HEB Corporation.
05.2013 - 08.2013
IT Security Consultant
Coalfire Systems, Inc.
01.2013 - 01.2015
Associate IT Security Consultant
Coalfire Systems, Inc.
01.2013 - 08.2013
Bachelor of Business Administration - Major in Infrastructure Assurance
The University of Texas at San Antonio
Similar Profiles
Brittany TurnerBrittany Turner
Executive Administrative Assistant III at HP, Inc.Executive Administrative Assistant III at HP, Inc.
Christian Omar Villarruel VizcainoChristian Omar Villarruel Vizcaino
Country Manager at Poly HP (formerly Plantronics + Polycom, a part of HP Inc.)Country Manager at Poly HP (formerly Plantronics + Polycom, a part of HP Inc.)
Phelisha NguyenPhelisha Nguyen
Process Engineer at Hp IncProcess Engineer at Hp Inc
Jo CrossJo Cross
Ticket Agent at Capital Area Transportation System (CARTS)Ticket Agent at Capital Area Transportation System (CARTS)
Sujata B CSujata B C
Server at Baltimore Country Club - Hostess, LuthervilleServer at Baltimore Country Club - Hostess, Lutherville