Tuesday, January 22, 2013

[KITlist-Tech] CONTR: System Engineer - Security (San Jose, CA)

Please direct your responses to: kimchi.nguyen@experis.com

Title: Security System Engineer
Location: Santa Clara, CA
Duration: 12+ months

Looking for a seasoned security engineer that has a positive attitude and ability to think and work independently in a growing security environment. This person should have 5+ years of experience in a security response, systems administration, or network administration role and be able to follow processes and execute effectively.

Responsibilities:
- Develop and maintain hardening guidelines in partnership with infrastructure teams including CentOS, MySql, Tomcat, etc.
- Support the security architects to investigate new technologies, replicate application testing scenarios, validate infrastructure remediation
- Analyze Qualys and MVMD reports as necessary
- Validate vulnerabilities based on reports through Qualys and RedSeal
- Proactively look for ways to improve network and infrastructure security practices
- Take a leadership role in driving internal security and privacy initiatives to secure a SaaS environment
- Proactive research to identify and understand new threats, vulnerabilities, and exploits
- Provide risk analysis for vulnerabilities, incidents and change requests
- Monitoring IDS, Firewall, and log correlation tools for potential threats
- Perform vulnerability assessments & penetration testing on infrastructure and applications
- Management/review of *nix & windows host security configuration and architecture
- Assists in developing a model for our vulnerability program and event logging, monitoring program

Skills and knowledge:
- 5+ years of professional experience and a bachelor´s degree in engineering, computer science or a related field.
- 5+ years of experience in network, server or application security positions (on the system side prior system admin or administrator web apps).
- CISSP is a required
- Certified Ethical Hacker, Global Information Assurance Certification (GIAC) nice to have
- Experience with developing and implementing IT security plans and Internet security
- Exposure to open source infrastructure management, and automation, and security tools. (Nessus, Nmap, tcpdump/wireshark, snort, burp, etc)
- Experience with Splunk, Qualys, RedSeal, and MVMD
- Experience and expertise with ethical hacking, firewall and intrusion detection/prevention technologies, secure coding practices and threat modeling
- Ability to perform threat, vulnerability and risk assessments against environment
- Ability to perform security tool administration providing risk analysis of Vulnerability scanners (Qualys), and incidents
- Security event logging & monitoring analyzing Intrusion Detection/Prevention System (IDS/IPS) and firewall logs, sys logs, event logs, etc
- Solid working experience and knowledge of Unix/Linux operating systems
- Knowledge with Unix shell scripting, Bourne shell
- Knowledge with Oracle DB mysql and mssql
- Fundamentals of network routing & switching and understanding of L2/L3 network layers
- Security related experience included Data-at-rest encryption, certificate validation, IDS/IPS, Firewalls, SEIMs and Log Management, syslog analysis, HTTP and TCP/IP analysis, and vulnerability assessment to include; cross-site scripting, SQL injection, cross-site request forgery, HTTP response splintering, the OWASP Top 10 and SANS Top 25.
- Knowledge in TCP/IP; web architectures and technologies such as HTML, JavaScript, XML, REST, PHP
- Web application penetration testing experience identifying architectural design weaknesses from analyzing a web application

Thank you,

Kim Nguyen
Technical Recruiter at Experis
408-369-4109
kimchi.nguyen@experis.com


------------------------------------

********************************************************************

Read the new KIT List blog at www.kitlist.wordpress.com for job tips and to connect to our community!

Please go to www.KITlist.org to join, post jobs, or get answers to common questions. If you have any comments or questions, you can reach us directly at KITtechmoderator@KITlist.org.

By using the KIT List you agree to comply with the Terms of Use on the site, and will not use discriminatory employment practices. The KIT List is a service of Connelly Communications, Inc.

TO UNSUBSCRIBE:
Replying to KIT emails with an "unsubscribe" request does not work.
Instead, just send an email (from the same account you used to subscribe) to KITlist-Tech-unsubscribe@yahoogroups.com. If you are still receiving emails after a few days, please email us at KITtechmoderator@KITlist.org and we will manually remove you. Thanks!
Yahoo! Groups Links

<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/KITlist-Tech/

<*> Your email settings:
Individual Email | Traditional

<*> To change settings online go to:
http://groups.yahoo.com/group/KITlist-Tech/join
(Yahoo! ID required)

<*> To change settings via email:
KITlist-Tech-digest@yahoogroups.com
KITlist-Tech-fullfeatured@yahoogroups.com

<*> To unsubscribe from this group, send an email to:
KITlist-Tech-unsubscribe@yahoogroups.com

<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/

No comments:

Post a Comment