Wednesday, February 22, 2017

Director of Information Security

Director of Information Security (Security Ops, Compliance)

Based in beautiful San Mateo, CA, we are one of the most exciting start-up companies to hit the news. We are a global cloud infrastructure company that offers a suite of SaaS applications to efficiently manage loan portfolios, increase transaction volume, and rapidly bring new products to market for financial institutions all over the world. We are looking to hire a Director of Information Security that possesses solid experience in information security, security operations, and compliance to join our team.

We are actively interviewing this week, if this sounds like you, please apply immediately or send your resume directly to lowell.santos@cybercoders.com.

What You Will Be Doing
-Day-to-day operational management and maintenance of various technologies in use
-Creating the automation needed to monitor the detection technologies for the enterprise
-Development of new data feeds and services including the writing of data parsers, installation of data connectors and log collectors, and tuning and aggregation of these sources
-Must maintain an advanced level of understanding of the technologies involved with service delivery and troubleshooting to support operations
What You Need for this Position
1.) 7+ years' experience with Information Security (at least 2 years in a lead or leadership role)
2.) Experienced with Security Operations (e.g. SIEM, IDS, IPS)
3.) Experienced with Security Compliance (i.e. SOC, ISO, PCI, etc.)
4.) Experience speaking with clients in the sales process to provide security expertise and address any vendor questions.
5.) Experience in a SaaS environment and/or Financial Services industry
What's In It for You
• Competitive salary
• Benefits
• Stock Options
• Unlimited Vacation!

https://www.cybercoders.com/director-of-information-security-security-ops-compliance-job-311315

Tuesday, February 21, 2017

Senior Information Security Risk Analyst

If you would consider relocating to beautiful Portland, Oregon, it’s a good time to consider an opportunity as a Senior Information Security Risk Analyst at The Standard. 
 
In this role you would:
  • Perform security assessments of large, complex internal IT projects based upon NIST 800-53.
  • Develop and maintain standard operating procedures (SOPs) in the performance of the project and third party risk assessments.
  • Policy, standard, guidelines, and procedures research, review, and development.
  • Provide input and recommendations for identified security exceptions; participate in defining remediation efforts.
  • Perform third party risk assessments.
Click here to view all our IT opportunities!  

Connect with Us!
  

Wednesday, February 15, 2017

Programmer Analyst

Parallel HR Solutions is currently seeking technical professionals for Global Portfolio Solutions - Programmer Analyst  role. In networking for this position, we came across your resume in our database and, after reviewing your background, felt you may be interested in applying for this role or if you have a friend or colleague that would have some interest in this opening. Included below are a few details about the opportunity:

Position: Global Portfolio Solutions - Programmer Analyst 
Location: New York
Duration: Initial 6 months contract.
Rate: $72/hr on W2.
 
Job Summary & Responsibilities
Global Portfolio Solutions is a multi-asset class portfolio manager group that works very closely with our largest institutions to model and allocate investments to strategic asset allocation targets. As part of this the GPS technology team is closely aligned to build the platform required to scale the business while enabling client flexibility.

Software developer on critical project to integrate and automate cross asset class daily risk reporting. Involvement in full software project lifecycle: analysis, technical design, development, testing, release, support.
Build partnerships with senior business and technology clients to understand business requirements, propose creative solutions and build maintainable systems.
Opportunity for close engagement with intricate multi-function business as well as to learn the Investment Management business and interact with business functions and technology teams across the division.

Basic Qualifications
Strong core capability in functional and/or OO programming languages: Java & Ruby
Strong communication and consensus building skills
Demonstrates taking ownership of issues to ensure successful conclusion
Experience of partnering clients to deliver benefit to the business
Preferred Qualifications
Working knowledge of Python and SQL

Sakeeb Khan
Talent Acquisition Specialist
Parallel HR Solutions, Inc.
Main:     +1-801-386-8008
Direct:   +1-801-892-5534 (Ext : 4401)
www.parallelhr.com
Let’s Connect on LinkedIn

Wednesday, February 8, 2017

ISAC ANALYST

Responsibilities

  • Collaborate and share information with R-CISC members on a daily basis
  • Identify and prioritize emerging threats and potential attack campaigns
  • Build contextual threat analysis using open and private intelligence sources
  • Produce or contribute to the development of in-depth situational intelligence briefs covering emergent threats and attack campaigns
  • Produce threat bulletins that keep customers informed
  • Define threat intelligence collection, analysis and presentation requirements to drive continuous improvement and enhanced capabilities
  • Maintain and grow subject matter expertise and trust group connections
  • Support technologies and systems that comprise the R-CISC’s sharing platform and contribute to the threat analysis resources

Key Objectives

  • Perform daily operational activities related to information sharing and analysis for threat information to enable R-CISC Member sharing
  • Identify trends and behaviors that can help R-CISC Members prioritize detection and response to critical threats
  • Contribute to the production of R-CISC Threat Intelligence products and reports

Required Skills and Experience

  • An understanding of how threat actors exploit vulnerabilities in networks, protocols, operating systems, and applications, including malware, social engineering, and other hacking methods
  • Exposure to and familiarity with different malware families, botnets, threats by sector, and various attack campaigns
  • Experience collecting, analyzing, and validating Open Source Intelligence
  • Demonstrable prior experience creating and publishing complex technical information security content for external consumption, as an individual contributor and in a collaborative context
  • Excellent verbal skills including the ability to communicate effectively when working remotely
  • Ability to produce when working independently with minimum structure and supervision
  • Ability to take on additional tasks as incidents arise and demand warrants
  • Be capable of achieving a security clearance

Preferred Skills and Experience

  • Foreign language fluency a plus, preferably Chinese (Mandarin/Other) or Russian
  •  Prior experience in an operational security role, preferably incident response or experience with common host and network security tools
  • Ability to network traffic generated by malware
  • Experience working within the retail industry, or for retail industry clients
  • Existing security clearance a plus

Education

Bachelor of Science in Computer Science preferred

Interested? 

Contact Dan Holden, Intelligence Director at Dan.Holden@r-cisc.org.


Tuesday, January 31, 2017

Security Architect

Title: Security Architect 
Location: San Jose
Duration: Full Time


Primary Responsibilities
• Lead application security framework
• Provide security requirements for test-driven design
• Routinely deliver metrics report of the application security status
• Integrating security tools, standards, and processes into the product life cycle (PLC).
• Help train development and QA teams to an appropriate level of security knowledge.
• Improve and support application security tools such as static analysis, runtime testing tools.
• Improve development standards
• Participate in architecture review where security expertise is needed
• Routinely perform code reviews, penetration tests and standards gap analysis of existing and new services – internal and partners
• Stay on top of third-party and open source activities to ensure development meets company standards

Job Requirements

• Proven hands-on work experience as a software security engineer is a must.
• Detailed technical knowledge of techniques, standards and state-of-the art capabilities for authentication and authorization, applied cryptography, security vulnerabilities and remediation
• Can translate security concepts into language that is meaningful to business and technical leaders and individual contributors.
• Candidates must be able to approach application security from the perspective of risk management and avoid purely academic thinking about software security.
• Demonstrable ability to influence decision-making processes at all levels of a large organization will be critical to success.
• Candidates must have strong leadership skills to lead highly technical individuals.
• Candidates must have excellent verbal and written communication skills. Experience speaking in public forums and writing/contributing to technical publications is a plus.
• Candidates should have experience integrating secure development practices into both waterfall and agile development processes.
• The ideal candidate has experience writing and testing web applications and web services in the following programming languages: C/C++, Java, and JavaScript. Embedded experience is a plus.
• The candidate should have familiarity with a variety of development and testing tools, including: Eclipse, GCC, JIRA, Confluence, Subversion, Maven, ClearQuest/Case, Silk, FindBugs, Client/Fortify SCA, IBM AppScan, Client WebInspect, Veracode.
• Candidates must be able to explain all vulnerabilities and weaknesses in the OWASP Top 10, WASC TCv2, and CWE 25 to any audience, and discuss effective defensive techniques. Knowledge of embedded security models such as HSM is a plus.
• Candidates must have experience planning multi-year roadmaps.
• Familiarity with industry standards and regulations including PCI, FFIEC, SOX, and ISO27001 is desired.BS degree in Computer Science or related field

Education

Bachelor's degree or higher in Computer Science is preferred.Title: Lead, Application Security Engineer
 
Alex McChester
Technical Recruiter, Mondo
(310) 905-2410
Los Angeles, CA 90045

www.mondo.com
 

Information Security Officer

As a member of the global Information Security department, the Information Security Officer for the Americas contributes to Information Security activities at a global level and supports the appropriate implementation of the Information Security policies and initiatives in the US (Orinda, CA, Greenwich, CO, New York and Mexico City).

• Contribute to the information security strategy and the information governance framework by identifying local specifics and requirements; • Promote Information Security communication and awareness in the US in accordance with the global communication plan and local specificities • Monitor local information and systems risks through supporting the risk analysis of information, systems and applications, defining and updating the global and local information and systems risks map in accordance with the Risk and Controls department, and carrying out the relevant reporting and monitoring of risk mitigation actions • Take part in control reviews to evaluate whether Functional and Technical Support and Project activities managed by the IT Department are carried out in line with the approved and validated Information Security strategy and related roadmaps; the Information security standards and policies; and the approved risk-appetite framework • Contribute to the definition of a flexible annual control plan, taking into account any risk or control concerns identified by the Senior Information Security Officer for the USA, management or any other relevant person or committee • Provide advice to local users and IT teams • Contribute locally to the incident processes and activities to support the global operational support team in case of an incident • Contribute to the definitions of security policies adapted from standards and assist IT experts and the business to adapt standards and policies into operational procedures • Represent the Global Information Security department in the local governance instances

Education/Qualifications • Bachelor’s degree-level education or equivalent • A recognized certification (CISSP, CISA, CISM) would be a plus Experience • Relevant experience in Information Security • Experience in IT audit (internal or external) would be a plus • Experience in financial services institution or in an asset manager would be a plus • Experience in an international and multicultural environment would be a plus Knowledge and Skills • Good knowledge on organizational and governance of information security: policy definition / risk management / control • Good knowledge in technical information security: network security, system security, application security Competencies • Client focus: ability to understand and take into account various business context and situations, and to translate them into security analysis • Excellent written and oral communication skills • Team spirit / positive attitude • Autonomous • A good level in French (oral) would be a plus

Saturday, January 28, 2017

Cyber Security Ethical Hacker

Cyber Security Ethical Hacker
Addison, TX
Permanent/Direct Hire 


Job description
Candidate will be a member of a world-class ethical hacking team and will be responsible for performing automated ethical hack assessments against high risk applications to identify application security risks. Candidate must be able to meet the demands of a fast paced, high stress work environment.


As an experienced professional, provide advice to client management with regard to moderately complex security issues. Assists in the review, development, testing and implementation of security plans, products and control techniques. Coordinates the reporting data security incidents. Provides technical support to the client and management and staff in risk assessments and implementation of appropriate data security procedures and products. Monitors existing and proposed security standard setting groups. State and Federal legislation and regulations. Identifies and escalates changes that will affect information security policy, standards and procedures. Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs. Researches attempted efforts to compromise security protocols. Administers security policies to control access to systems and maintains the company firewall. Works on complex problems where analysis of situations or data requires an in-depth evaluation of various factors. Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Work leadership may be provided by assigning work and resolving problems. Typically 5-7 years of IT experience.


Required Skills & Experience:

Must have strong and effective communication skills


Must be knowledgeable about application security vulnerabilities and threats and be able to explain risks associated with application vulnerabilities (OWASP Top 10)


Must be motivated and willing to continuously learn and improve application security skills.


Must be proficient in standard application security tools (plus - IBM AppScan, Burp)


Ability to work independently on initiatives with little oversight.


Strong analytical skills/problem solving/conceptual thinking.


Must be comfortable in delivering messages across a wide spectrum of individuals having varying degrees of technical understanding


Must have strong leadership skills and qualities which enable you to work with peers and various levels of management



Desired Skills & Experience:

Bachelor's degree or equivalent work experience in Application Security or related field


Strong understanding of common application security vulnerabilities and ability to articulate associated risks.


Strong analytical skills/problem solving/conceptual thinking


Expertise with IBM AppScan and/or Burp a PLUS



More information about the job


Is Relocation Available?

No


Are you open to sponsorship?

No


This position is:

New Position


Is there a possibility to work remote?

No


Is there equity?

No


Are there flexible work hours?

No



Zachary Herman
Senior Recruiting Specialist
Axelon Services Corporation
44 Wall Street, 18th Floor |New York, NY 10005
Direct(212) 306-0180 | Fax(212) 306-0191 
Email: zachary.herman@axelon.com
For more job opportunities: www.axelon.com