Tuesday, September 19, 2017

Senior Security Architect

Job Title: Senior Security Architect
Location: Basking Ridge, NJ
Duration: 12+ Months (Possible Extension)
W2 Candidates Only.
On Site position, No remote work

Job Description:
Business Overview:
• Focused on working with application project and development teams throughout the entire software development lifecycle to build security into applications produced.

• Work with development teams to employ a secure architecture
• Provide education and guidance about secure coding practices
• Ensure compliance with Policies, Standards, Requirements, and Directives are met
• Schedule, scope and prioritize security assessments of applications
• Assess applications for vulnerabilities using manual and automated methods, such as threat modeling, code reviews, tool scans and penetration testing
• Identify, document, rate, and communicate vulnerabilities in terms of Confidentiality, Integrity and Availability to multiple audiences
• Reproduce, demonstrate and retest vulnerabilities
• Provide guidance and direction on remediating vulnerabilities
• Maintain awareness of security issues amongst the development community
• Continually improve the secure development process and environment

Required Qualifications:
• Understanding of the Software Development Lifecycle (SDLC)
• Understanding of multi-tiered architecture
• Passion for application security
• Process oriented
• Ability to describe vulnerabilities and application security concerns to both technical and non-technical persons
• 1-3 years of hands-on technical experience developing and testing apps in .NET or Java
• 3-5 years application security experience

Preferred Qualifications:
• Experience with SAST tools such as Fortify, Veracode, Checkmarx
• Experience with DAST tools such as IBM AppScan, Client WebInspect, Acunetix, Qualys WAS, Zap, Burp
• GIAC GWAPT, GSSP, or GWEB certified
• Experience performing architecture reviews
• Experience with cloud security: Amazon AWS, Windows Azure

Nikhil Mohaniya
(973) 967-3491

Sr. Compliance Consultant

Job Title: Sr. Compliance Consultant in San Francisco, CA 
Company: Mindlance 

Title: Sr. Compliance Consultant 
Location: San Francisco, CA 941057 
Duration: 12 Months (Can be extended) 

Qualifications: Minimum Qualifications 5 years experience at the senior consultant level Bachelor's degree in a related field or equivalent experience required Strong regulatory familiarity and expertise Excellent compliance and risk experience in corporate environment Strong knowledge and experience in compliance functions and documentation Strong research, analytical and information gathering skills Strong attention to detail and organizational skills, ensuring quality in deliverables Excellent skills in understanding complex business processes, working with the business compliance experts, and providing clear, concise guidance Proven ability to partner and work collaboratively as a team player; relationship building Ability to managing performance and be resourceful and adaptable to change. Demonstrated ability in advocacy and influence, conflict resolution, and process improvement Excellent communication and presentation skills Process Improvement utility industry knowledge Strong Excel, Word, PowerPoint skills; technological saavy 

• NERC CIP v5 subject matter knowledge 
• Knowledge of database and information systems - for example SCADA, EMS, OMT, OIS, SAP, ERP, COSO, Teradata, COBIT, QuestionMark - as needed to perform at the job level 
• Ability to apply project management theories, concepts, methods, best practices, and techniques as needed to perform at the job level 
• Knowledge of Physical Security and IT Cyber Security products and technologies 
• Knowledge of risk management techniques, technological trends and developments in cyber/information security, systems/software development, engineering, integration, testing and evaluation and operating systems 
• Understanding of computer networking technologies and protocols, and/or network security methodologies 
• Demonstrated systematic problem analysis, solving, and decision-making skills 
• Ability to influence and work with and across all levels within the business 
• Excellent written and verbal communication skills required 
• Ability to perform complex tasks using established policies, procedures and guidelines as reference 
• Policy and Procedure writing experience 
• Process development and process flow mapping experience 

Responsibilities: Obtain, review, and interpret organizational CIP policies, standards and procedures to identify control points that would assist in mitigating risk to the business. 
• Review test results or interpret evidence for vulnerabilities, gaps, or control deficiencies and work with Compliance Specialists to close gaps 
• Identify risks associated with control failures and supports the identification of mitigating controls 
• Partner with System Owners to ensure control documentation is updated periodically to reflect current control environment 
• Leads and provides guidance on walkthroughs of processes and identification of gaps in controls. 
• Review compliance action plan and follow-up on open items. 
• Report on the “Health” for each NERC CIP Standard 
• Identify NERC CIP program gaps and initiate/coordinate mitigations 
• Coordinates upcoming NERC CIP activities to ensure timely completion of compliance requirements though Appian and tracking sheets. 
• Owns and documents the implementation of the controls and creates auditable evidence of security measures. 
• Ensure artifacts and evidence is of best-quality to meet compliance requirements.

diwakar chand 

Monday, September 18, 2017

IT Security Analyst

Job Title: Exciting Job Opportunity – Rose Opening # : 266218 - Job Title : IT Security Analyst 
Company: Rose International 

The following job is now available and potentially matches your skills! I'd like to work with you in finding your next dream assignment, whether it is this position or another one of our thousands of openings. Please contact me at your earliest convenience or respond with a time and phone number where I can reach you. We look forward to working with you! 

New IT Security Analyst Job in Menlo Park, CA! 

Title: Information Security Risk Assessment and Metrics Analyst Contractor 
Duration: 6 months 
Location: Menlo Park CA 
Desired Skill Set: 
Analytical Skills, Risk Analysis, Risk Management 

Job Details: 
Client is seeking an Information Security Risk Assessment and Metrics Analyst to join the Information Security team. This position will be responsible for documenting and assessing risks and developing and analyzing metrics as part of Client''s Information Security Risk Management Program. The Risk Assessment and Metrics analyst will be someone that has a passion for identifying, evaluating, and quantifying security risk across a widespread and dynamic environment and helping demonstrate Client''s dedication to security to the world. This role requires a mix of broad business and technical acumen, evaluating risk, and a polished ability to communicate. This is a contract position. 

• 3+ years of risk management experience, including risk identification, assessment, and remediation, with proven ability to effectively apply risk principles to challenging business situations 
• 3+ years of experience developing, analyzing, and visualizing risk-based information security metrics 
• Experience with developing security reporting that is meaningful and actionable for a variety of audiences including internal stakeholders and external third parties 
• Proficient in delivering messages to a wide spectrum of individuals having varying degrees of technical understanding 
• Familiar with National Institute Standards and Technology (NIST) security controls, ISO 27000, or other major security controls framework 

B.S. in Information Systems, Computer Science, or related field, or equivalent experience 

Anamika Sah 
Phone: (636) 812-4000, Ext.: 5013 (C) 972-971-0142 
E-mail: asah@roseint.com 

Friday, September 15, 2017

Sr Information Technology Analyst

Sr Information Technology Analyst 
Sacramento, CA 95814
6+ Months
This position will be primarily responsible for the management of our Trend-Micro Anti-Virus and Deep Discovery systems. Tasks will include managing Trend systems for efficient detection, containment, and recovery of malware events in a large enterprise network.
Key Accountabilities:
•         Respond to and analyze severity of malware alerts via endpoint controls, host-based intrusion prevention systems, email inspection and log correlation
•         Manage and tune anti-virus platforms to ensure maximum coverage and optimal signature/heuristics capabilities
•         Manage Deep Security deployments of Inspector and Analyzer across our data center environment
•         Work with appropriate technology groups, business operating units and individuals to mitigate infections and reduce propagation
Minimum Qualifications:
•         5+ years of actual work related experience in the field of Information Security in an operations center environment
•         Bachelor’s degree in related field or equivalent. Typical Certifications: CISSP, CISSP-ISSAP, GISP
•         Strong experience using Trend Micro Deep Security suite or similar enterprise-class AV solutions
•         Subject Matter Expert understanding of malware distribution and technical risk
•         Ability to prioritize response activities based on intake queues and SLAs
•         Ability to work across varying levels of technical competency in order to accurately communicate risk and mitigation activities

Yachna Narang
22nd Century Technologies Inc.

8251 Greensboro Drive, Suite 250
Mclean, Virginia - 22102
1703-373-7340 Ext.396

Senior Information Security Analyst

Job Title ::Senior Information Security Analyst
Location:: San Jose, CA
Duration :: Fulltime

This is a critical role responsible for providing program support & leading a global and cross- functional team to identify & drive remediation of security vulnerabilities. As leader the priority is protecting client corporate environment by ensuring highest level of security scrutiny.

Roles and Responsibilities
Candidate will work as a member of the Corporate Security Team and assist in various day to day operational activities such as:
Drive Corporate Security Program based on the NIST CSF ? Identify, Detect, Protect,Respond and Recover. 
Identify and Monitor Corporate Networks to determine if there have been any attacks. 
Analyze network traffic to identify anomalies and test information security controls for weaknesses.
Design and implement safeguards to protect the system with the help of network engineers and other members of the Technology Services team.
Respond to threats by taking mitigating actions to contain the activity and minimize damage.
Participate in risk assessments and breach readiness exercises for incident management.
Facilitate forensics analysis to determine the source of the threat. Document lessons learned as well as identify process improvements.
Communicate security issues to management via reports, dashboards. Provide weekly metrics on overall security posture.
Research emerging threats and work with the Security Operations Center (SOC).
Drive the Vendor Security Program including annual self-assessments.
Participate in the security toll-gates on projects.

Bachelor's Degree in Business, Computer Science or in a STEM major (Science, Technology, Engineering, or Math).
Industry Certifications ? Network Security or Certified Information System Security Professional (CISSP) with professional experience in Network Security.
Knowledge of software development, computer networks and Internet threat activity.
Knowledge of Security Incident and Event Management (SIEM) tools (Splunk, Qualys).
Previous enterprise or platform/cloud vulnerability management experience.
Previous experience leading an information security program in large, national or international enterprise a plus.
Excellent written and verbal communication skills, including experience engaging with executive and technical audiences.
Must be able to work in a fast paced, high profile environment.

Talent Acquisition
Inter Sources Inc.
An E-Verified Employer
39159 Paseo Padre Pkwy # 106 Fremont CA 94538.
Direct: 510 369 4177 Email: Anvesh@intersourcesinc.com

IT Security Analyst

Position Title: IT Security Analyst
Position Number: 266036
Location: Concord, CA
Desired Skill Set:
CISSP, cyber security, IEF
Position Description:
U.S. Citizens and those authorized to work in the U.S. are encouraged to apply. We are unable to sponsor or consider Corp 2 Corp candidates

Title: IT- Cyber Security Threat Analyst/Specialist – Senior
Location: Concord, CA, 94518
Duration: 5 Months

• Qualifications:
• Bachelors in Computer Science, or related discipline, or equivalent experience Certified Information Systems Security Professional (CISSP) certification Experience in Information Technology (IT), 6yrs Utilizes digital forensic tools including Guidance EnCase, SIFT Workstation,volatility, IEF, and Responder Pro to execute digital investigations and perform incident response activities

• Responsibilities:
Acts as a subject matter expert in area of field. Leads moderately to complex projects which may be cross functional. Conduct computer forensics, registry and memory analysis to identify malicious activity. Analyzes complex malware/exploits through forensics, observation of network traffic and using other tools and resources to determine if client systems are vulnerable.
• Leads development of framework for implementing tools and processes to improve quality and timeliness of reports. expert in area of field and applies extensive knowledge of concepts, principles, and practices.
• Codes complex tasks that integrate systems, produce reports or provide output that can be leveraged by other team members or systems.
• Performs proficient forensic analysis using security tools and monitoring systems to discover the source of anomalous security events.
• Assists in performing basic research internally and externally.
• Performs complex system administration tasks (e.g. customization, cross-tool integration) for security tools. Develops a strategy to implement work in department.

Haroon Fayyaz
Phone: (636) 812-4000, Ext.: 6631 | Fax: (636) 812-0078
E-mail: hfayyaz@roseint.com

Senior Security Engineer

Job Title: Lead/Senior Security Engineer
Job Type: Contract to Hire
Location: Grand Rapids, MI

This role is responsible for the creation, enhancement, and operation of information security incident response process and technology. This includes HR and legal investigations, endpoint and network incident detection and response coordination, and threat hunting.

  • Basic Qualifications:
  • Education - Bachelor's Degree or equivalent or equivalent
  • Experience - 10 years of experience typically gained through skills/knowledge/abilities in the field

Preferred Qualifications:
  • Education - Bachelor's Degree or equivalent or equivalent
  • Experience - 15 years of experience typically gained through skills/knowledge/abilities in the field.
  • Full-time experience and demonstrated maturity in security engineering, including experience with network intrusion detection systems, packet capture techniques and analysis of raw packet captures.
  • Expert experience with or knowledge of network topology/ infrastructure, client/server, databases, web security, multiple operating systems (Windows, *nix, mainframe, IOS/mobile, embedded), web operations, encryption, authentication, vulnerability scanning, virus/malware management, data loss/leakage prevention, logging/security information management, firewall and intrusion detection systems.
  • Experience with security information management systems and common system log formats, including syslog and Event Log, as well as using vulnerability assessment systems to test enterprise networks and applications.
  • Experience leading security incident response procedures, and authoring information security policies and procedures.
  • Strong experience with the theory and practice of information risk analysis and risk management
  • Licenses - Information security certification, such as: SANS GSEC or GCIH, Cisco CCSP, Microsoft MCSE: Security, CISSP, CISA or CRISC

If you are not interested in looking at new opportunities at this time I fully understand. I would in that case be appreciative of any referrals you could provide from your network of friends and colleagues in the industry. We do offer a referral bonus that I’d be happy to extend to you if they turn out to be a great fit for my client.

Thank you for your time and for consideration. I look forward to hearing from you.

Best Regards,
Navdeep Sachdev
Technical Recruiter
Integrated Resources, Inc
(732) 429-1930
Edison NJ 08817