Please direct your responses to: jeannie.fernandez@experis.com
Title: Security Architect
Duration: 6 mos+ (quarterly extension)
Location: San Jose, CA
Experis has a Security Architect position for our enterprise client in San Jose, searching for a Strategic Consultant with at least 8+ years of experience and has the following skills:
Strategic Leadership:
Business Acumen, Coaching peers, Facilitation, Change Management, Strategic Business Planning, Team Effectiveness
Technical/Domain Expertise:
- Expertise in at least three or more of the following: Application Security Architecture, Infrastructure Security, Secure Network Design, Identity and Access Management, Data Security and Mobility Security
- Proven knowledge and experience with new technologies and programming techniques for multiple software languages, including, but not limited to Java, SOAP, J2EE, and XML.
- Demonstrated experience with common application security issues (XSS, CSRF, session fixation, SQL injection, information leakage, etc.) and related attack vectors. Solid understanding of web application security counter-measures, vulnerability assessments and penetration tests of networks and applications. Understand deployment infrastructure as well as application level attacks. In-depth understanding of exploiting and protecting web applications and services against security vulnerabilities including OWASP top 10 and SANS top 25
- Solid understanding of securing storage including NFS, knowledge of cryptography, Certificates, PKI, SSL, IPSEC
- Demonstrated experience in developing and maintaining hardening guides for OS, DB and Middleware (Cent OS, Apache, Tomcat, JBoss, Nginx, Oracle, MySQL)
- Experience securing large-scale web applications. Web application penetration testing experience identifying architectural design weaknesses from analyzing a web application
- Good understanding with standard security/ and networking troubleshooting tools (e.g. Nessus, Nmap, tcpdump/wireshark, snort, burp, etc)
- Experience with Web 2.0 architectures, service delivery, telephony, VoIP, streaming media, database and storage architecture.
- Security related experience included Data-at-rest encryption, certificate validation, IDS/IPS, Firewalls, SEIMs and Log Management, syslog analysis, HTTP and TCP/IP analysis
- Client-Facing: Influence, Consult, and partner with key stakeholders
- Core Expertise: Applied conceptual thinking, design concepts, it analysis / analytical thinking, innovation management, enterprise perspective, process knowledge, risk management in enterprise scale environments.
- Communication: Proven ability to tailor communications to specific audiences including senior management. Must demonstrate the ability to communicate technical risks as business and customer impact.
Responsibilities include:
- Client Relationships
- Security Architecture Reviews
- Security Technologies: Evaluate vendor and internal products for security capabilities and integration into a service delivery environment. Provide architecture guidance for implementation
- Risk Leadership Governance: Interpret business, compliance, and security requirements, operational requirements, enterprise/customer requirements, conduct rigorous analysis, assess security of the code/system, create recommendations, prioritize solutions, and work with business to mitigate exposure to achieve the desired risk posture.
- Strategic Security Risk Analysis & Planning
- Policy and Best Practices: Establish security policies, standards, and best practices consistent with industry best practices, CSPO, and compliance regulations. Communicate and drive them to implementation guidelines.
- Industry and Customer Engagement: Develop white papers, contribute to industry practices, and stay current on trends.
- Security Education and Mentoring: Develop content and instructional design strategy for security courses and develops security competence of colleagues and partners.
- Threat Analysis and Response: Assist in threat modeling of web applications, infrastructure; work with other architects, designers, engineering to develop and deploy solutions that mitigate security and privacy risks.
- Take a leadership role in driving internal security and privacy initiatives to secure a SaaS environment
- Own Define configuration and hardening standards for systems, databases and application
- Management/review of *nix & Windows host security configuration and architecture
Education:
BS in Computer Science or Information Systems or equivalent plus 8+ years of technical experience, MS or additional experience strongly preferred. Security related certifications a plus.
Send resume to jeannie.fernandez@experis.com for immediate consideration
Jeannie Fernandez
Experis
408-369-4105
| Reply via web post | Reply to sender | Reply to group | Start a New Topic | Messages in this topic (1) |
Read the new KIT List blog at www.kitlist.wordpress.com for job tips and to connect to our community!
Please go to www.KITlist.org to join, post jobs, or get answers to common questions. If you have any comments or questions, you can reach us directly at KITtechmoderator@KITlist.org.
By using the KIT List you agree to comply with the Terms of Use on the site, and will not use discriminatory employment practices. The KIT List is a service of Connelly Communications, Inc.
TO UNSUBSCRIBE:
Replying to KIT emails with an "unsubscribe" request does not work.
Instead, just send an email (from the same account you used to subscribe) to KITlist-Tech-unsubscribe@yahoogroups.com. If you are still receiving emails after a few days, please email us at KITtechmoderator@KITlist.org and we will manually remove you. Thanks!
No comments:
Post a Comment