Thursday, December 14, 2017

Certified Ethical Hacker

Role: Certified Ethical Hacker
Location: Auburn Hills, MI
Work Auth Type: Any
Type: FTE
Interview Process: Skype, Telephonic 
 



Overview:
  • Welcome to L&T Technology Services, where you'll discover that our People truly are our biggest asset. It's the innovative spirit, quest for perfection, and passion to outperform that is ingrained in every employee that has become our driving force for sustained success.
  •  
Now, you too, can become part of the L&T Technology Services family. We are currently seeking a Certified Ethical Hacker to join our growing team in Auburn Hills, MI to support ongoing projects with FCA. In this role, you will be responsible for performing end-to-end testing for the TBM, Head Unit, Mobile & Web Portal Networks, and various systems related to the Connected Vehicle Services, including: Remote Door Lock / Remote Start / Remote Horns & Lights / Theft Alarm / On-board GPS / Theft Location Assistance / Driver Assist / Emergency Calls / SQDF / VHR / UAA / Local Search / Traffic Probe / Notificiations / Registration / Life-Cycle Management / Performance / In-Vehicle Assistance / Vehicle Finder / Head Unit Swap
  •  
Primary Responsibilities
  •  
    • Test interfaces with various system applications that support Connected Vehicle Services
    • Develop SOWs for Third Party Penetration Testing; regression, validation, verification of presence of security requirements
    • Perform connectivity / security validation based off global core security system levels
    • Review TPPT reports and create tracking dashboard to report across various platforms
    • Upload version-controlled reports in repository
    • Manage reviews with cyber-security team for penetration testing reports; create / close tickets
    • Perform Threat Assessments and Risk Assessments regarding identified vulnerabilities
    • Report on vulnerabilities to project management using prefabricated templates
    • Manage security tickets and manage ticket tracking system; update response received by 3rd Party Suppliers
    • Perform functional, performance, stability, and regression testing of new and existing connectivity enhancements
    • Identify vulnerabilities in Connected Services, UConnect and Vehicle Electrical Systems

  • Required Skills & Abilities
  •  
    • Bachelor's Degree in Electrical Engineering, Computer Engineering, Computer Science, or related field
    • Must have Certified Ethical Hacker (CEH) Certification
    • 5 years of experience in IT Security domain
    • 5 years of experience as Security Penetration Tester
    • 3 years of experience in Automotive Industry preferred
    • Demonstrated ability to identify exploits and vulnerabilities within Connected IoT devices, network infrastructure, web, mobile, and database systems
    • Hands-on experience executing vulnerability scans and penetration testing
    • Knowledgeable with regulatory and compliance requirements: PCI / HIPAA / SOX
    • Knowledgeable with information security frameworks: NIST / ISO / CoBIT
    • Knowledgeable with vehicle, mobile, web, and IT systems and related areas of vulnerability
 
Primary Skills:
CONNECTIVITY security test 
 
Secondary Skills:
 
Educational Qualifications
B.E/B.Tech 

 
 
Jagan - AM
EROS Technologies Inc.
16192, Coastal Highway, Lewes, DE- 19958
Direct : 516-545-0711
E Mail: jagan@erostechnologies.com

Wednesday, December 13, 2017

Stroz Friedberg openings

Stroz Friedberg is part of Aon Cyber Solutions – a group that brings together cyber experts across Aon’s business units to help clients manage the financial and technical aspects of cyber risk holistically. As one of the largest brokers of cyber insurance in the world, Aon is a leader in risk quantification and transfer services. Stroz Friedberg offers the ability to react to cybersecurity incidents, proactively assess digital risk, and remediate technical vulnerabilities. Together, Aon Cyber Solutions is uniquely positioned in the market to provide a comprehensive set of services to assess, test, improve, quantify, transfer, and respond to cyber risks. 

Available Positions:
Sr. Consultant, Proactive Advisory Services
Locations: New York, Boston, Washington DC, Dallas, Los Angeles, San Francisco

Vice President, Digital Forensics & Incident Response
Locations: Washington DC, Los Angeles, San Francisco

Sr. Analyst, Threat Intel 
Locations: Remote or any US office

Full-Stack Software Developer
Locations: New York, Washington DC

Tuesday, December 12, 2017

Sr. AWS Security Architect

Sr. AWS Security Architect
Location:           Pleasanton, CA (1/2 mile from Metro)
Duration:           12 to 24+ months
Rate:                $85-125/HR DOE on C2C/1099

The recognized SaaS cloud based industry leader in its market is looking for a Sr. AWS Security Architect. The company has been in business for 20+ years, is public, earns $400+ million in revenue/year, $50+ million in net income/year, has $400+ million in cash reserves, is NOT VC funded, is cash flow positive and has 1,000+ employees. The company has been named to Glassdoor's 2017 Best Places to Work.

The Sr. AWS Security Architect will be solely responsible for leading the ground up design, build out and implementation of an enterprise AWS security infrastructure. The Sr. AWS Security Architect will initially perform an overall assessment of the company’s extremely high-volume SaaS products, the supporting platforms, 3 colocation data centers, existing private cloud, networks, data and web applications and the IT corporate infrastructure to gain an understanding of the environment as a basis for the design of the AWS Security Architecture.

More specifically, the Sr. AWS Security Architect will:
Perform security requirements gathering and controls reviews and then design, develop and execute the AWS Cloud Security initiatives and strategies
Have overall responsibility for the enterprise AWS cloud security architecture and, then, perform the deployment and operationalization of all AWS Security Services and AWS Security controls for cloud-based applications, across all cloud layers (including Infrastructure, Platform, and Software as a Service).
Implement AWS Security Services such as AWS Cloud HSM, Amazon Guard Duty, Amazon Inspector, AWS Key Management Service, Amazon Macie, AWS Shield, AWS Security Groups and any other necessary AWS Security Services
Research, design and implement AWS security measures necessary in order to address security issues related to public clouds such as hardware, network and software monitoring and controls, intrusion detection protection (i.e. VPC flow log, cloud trail, etc.), VPC for AWS, secure Amazon Route 53 DNS web services, the development of AWS Open API’s, etc.
Perform threat modeling and design reviews to assess security implications and requirements for introduction of new technologies into the AWS cloud
Partner closely with several levels of staff (C-Level to staff) and various departments (Network Engineering, Infrastructure, DevOps, Development staff, Data Engineers, Product Managers, etc.) to identify AWS Security risks and develop and deliver AWS security solutions
Design security and privacy controls for AWS cloud hosted applications.
Serve as a subject matter expert for AWS Security during development of AWS Cloud Security strategies and new AWS Service deployments.
Research, stay abreast of and implement all applicable new AWS Cloud Security Service provider offerings and industry emerging trends
The Sr. AWS Security Architect reports to the Director of Security

The company is currently operating a SaaS hybrid private and public cloud environment. The company is a large AWS user with 100+ AWS accounts in production utilizing AWS Services such as EC2: Elastic Load Balancing (ELB) and Launch Configurations, S3, Elastic Bean Stalk, Lambda and API Gateway, Route 53 DNS Service, VPC, CloudFront, CodePipeline and CloudFormation.

REQUIREMENTS:
Must have 10+ years of progressive experience in information technology, information security and network engineering
Expert in Information Security
MUST HAVE experience in designing and securing at least one AWS Information Security architecture (experience must be proven and detailed in resume to be considered).
Should have experience designing and implementing one or more of the following AWS Security Services: AWS Cloud HSM, Amazon Guard Duty, Amazon Inspector, AWS Key Management Service, Amazon Macie, AWS Shield, AWS Security Groups or any other necessary AWS Security Services
Experience securing basic AWS Services such as EC2, S3, ELB, etc.
Experience identifying and implementing traditional security solutions and controls specifically for an AWS public cloud environment i.e. network controls, intrusion detection protection, VPC, network integration with public cloud, application development, etc.
Should come from a network engineering background or have a solid understanding of network engineering concepts and technologies (i.e. MPLS and BGP protocols, firewalls, encryption, virtualization)
Any knowledge and/or hands on experience with security tools including SIEM, IDS (Intrusion Detection Systems), IPS, Vulnerability Management Assessments, Network and Application Scanners, DLP/DLS, Network, Malware, DDoS and and/or security analysis tools is a plus

Al Karaptian
Phone:  310.937.3388

Information Analyst

Job Title: Information Analyst at San Francisco, CA 
Company: Pacific Gas and Electric Company 

Location: San Francisco, CA 
Duration: 6+ Months (Could be extended as per the client needs) 

Description: 

Qualifications: 
Excellent verbal and written communication skills Able to embrace flexibility in assigned roles • Excellent follow-through Demonstrated ability to act independently, develop project plans and meet deadlines. • Ability to quickly gain knowledge and comprehension of new subject matter areas, Minimum of 1 year of experience if they have a Masters or advanced education * BA/BS Information Technology or equivalent experience • Demonstrated willingness to express constructive concerns or issues • Demonstrated success in process improvement initiatives * CCNA, CCNP, ACE and/or equivalent experience 

Responsibilities: 
Providing excellent client and peer interaction using system analytic skills. Assist and support other business analysis on ad hoc requests. Work with the peer and clients to provide ad hoc cyber security services and approvals. Support existing implementation with providing helpdesk, systems support, palo alto firewalls to meet end user needs.

Deval Chaudhary
732-243-0713 

Security Analyst

Job Title: Security Analyst, Vulnerability Management 

Location: Menlo Park, CA 
Duration: 12 Months 

Triage incoming software, systems, and infrastructure vulnerabilities on a daily basis.
Research and reproduce vulnerabilities and the ideal way to mitigate them. 
Proactively update service and system owners of potential vulnerabilities and work with them on resolution. 
Configure internal tooling to automate repetitive manual process 
Create security tasks from different programs and work with security engineers and engineering teams to classify and fix security bugs. 
Capture metrics and use data to measure impact and drive internal improvements. 

Minimum Qualifications 
B.S. in Computer Science or equivalent experience. 
Basic understanding of information security principles. 
Experience with infrastructure technologies, system administration, vulnerability management and/or network security. 
Demonstrates strong analytical and problem-solving skills, detail oriented & organized approach, excellent communication, developed interpersonal skills. 
Ability to manage competing priorities and simultaneous projects in a fast paced environment. 
Preferred Qualifications 
Experience in a tech field and understanding of web application architectures 
Experience with security tools such as vulnerability scanners (Nessus, Qualys, Nexpose) 
Experience working in a web/tech company is highly desirable. 
Experience with query languages and data visualization tools (i.e. tableau) 


Faizan Shaikh 
HireTalent 
135 West 26th Street, Suite 7B 
New York, NY 10001 
(720) 463-7001 
Faizan@hiretalent.com 
www.hiretalent.com

Friday, December 8, 2017

Technical Security Engineer

Job Title: Technical Security Engineer II
Job Location: Sunnyvale, CA
Job Duration: 6+ Months Contract


Minimum Qualifications:
Bachelor's degree with a minimum of 3 years of information security work experience.
A strong interest in the field of information security.
Strong scripting, system administration or software engineering background (e.g. Python, Ruby, Javascript, Perl, or Java).
Fluent in a variety of web application protocols, operating systems and networking technologies.
Strong Understanding of common network vulnerabilities, OS vulnerabilities (Linux, Windows and OSX), patching and attack patterns.
Strong analytical, problem solving and engineering skills.
Good written and verbal communication skills.
Solid organizational skills and strong customer service skills.
Experience with parsing / analysis of large data sets (e.g. vulnerability scan results).
Desired Qualifications:
Certified Information Systems Security Professional (CISSP).
Expertise with OWASP/NIST security concepts and common application security risks, such as XSS, XSRF, SQL Injection, Cookie Manipulation among others.
Familiarity with Enterprise Vulnerability Management tools such as Rapid 7 Nexpose, Nessus and Qualys.
Familiarity with Amazon Web Services (AWS) security



 Naveen Sharma | 
TalentBurst, Inc.

Boston | Dallas | San Francisco | Miami | Milwaukee | Toronto | New Delhi
Work: (508) 628-7574| Fax: (508) 319-3065 | Email: naveen.sharma@talentburst.com
679 Worcester Road | Natick, MA 01760 | www.talentburst.com

Thursday, December 7, 2017

Security Analyst

Job Title: Security Analyst at Sunnyvale,CA 
Company: staffing firm 

My name is Shubham, I am in Talent Acquisition at AgileTalentInc. One of the leading Human Capital Staffing Solutions firms in the country. 

Here is the Detail Job Description: 


Job Title: Security Analyst 
Job ID: 7902702 
Location: Sunnyvale, CA 
Duration: 6 months+ 
Client: Yahoo 
Pay Rate: $30/hour to $40/hour 

Note:- Only Candidates who can work on W2 

Minimum Qualifications: 
• Bachelor’s degree with a minimum of 3 years of information security work experience. 
• A strong interest in the field of information security. 
• Strong scripting, system administration or software engineering background (e.g. Python, Ruby, Javascript, Perl, or Java). 
• Fluent in a variety of web application protocols, operating systems and networking technologies. 
• Strong Understanding of common network vulnerabilities, OS vulnerabilities (Linux, Windows and OSX), patching and attack patterns. 
• Strong analytical, problem solving and engineering skills. 
• Good written and verbal communication skills. 
• Solid organizational skills and strong customer service skills. 
• Experience with parsing / analysis of large data sets (e.g. vulnerability scan results). 
Desired Qualifications: 
• Certified Information Systems Security Professional (CISSP). 
• Expertise with OWASP/NIST security concepts and common application security risks, such as XSS, XSRF, SQL Injection, Cookie Manipulation among others. 
• Familiarity with Enterprise Vulnerability Management tools such as Rapid 7 Nexpose, Nessus and Qualys. 
• Familiarity with Amazon Web Services (AWS) security

Technical Security Engineer II

Job Title: Technical Security Engineer II
Duration: 6-12 months+
Location: Sunnyvale, CA

Job Description:


Responsibilities:
The Technical Security Analyst position is within Oath's IT Security group whose mission is to deliver information security solutions and services to protect Oath information assets, computing infrastructure, applications and data. The Analyst will work within the compliance and vulnerability management team helping to identify and mitigate risks against Oath. The ideal candidate will have great interest in information security, has hands-on security engineering experience and be able to come up with creative and unique solutions to security- related problems.
The Analyst will perform technical security engineering activities including the following:
Perform vulnerability scans, analysis, validation and remediation activities.
Perform network and application penetration testing.
Classify and prioritize the risk of new vulnerabilities according to the specifics of Oath environment's risk level, mitigating factors, and assessment of the impacts of internal and external threats.
Engineer application, system and network security solutions to meet security requirements for varied operating environments.
Research and assess new threats, vulnerability security trends and security alerts, recommend remedial action.
Work with customers to oversee remediation of identified security issues.
Perform technical and non-technical compliance activities.
Provide security subject matter expertise to Oath product teams including developers and system administrators.
Perform security validation for configuration settings on different systems.

Minimum Qualifications:
Bachelor’s degree with a minimum of 3 years of information security work experience.
A strong interest in the field of information security.
Strong scripting, system administration or software engineering background (e.g. Python, Ruby, Javascript, Perl, or Java).
Fluent in a variety of web application protocols, operating systems and networking technologies.
Strong Understanding of common network vulnerabilities, OS vulnerabilities (Linux, Windows and OSX), patching and attack patterns.
Strong analytical, problem solving and engineering skills.
Good written and verbal communication skills.
Solid organizational skills and strong customer service skills.
Experience with parsing / analysis of large data sets (e.g. vulnerability scan results).

Desired Qualifications:
Certified Information Systems Security Professional (CISSP).
Expertise with OWASP/NIST security concepts and common application security risks, such as XSS, XSRF, SQL Injection, Cookie Manipulation among others.
Familiarity with Enterprise Vulnerability Management tools such as Rapid 7 Nexpose, Nessus and Qualys.
Familiarity with Amazon Web Services (AWS) security


Piyush Rai
Technical Recruiter
(201) 340-8700 Ext.442 | (201) 479-2153
piyush.rai@net2source.com
Address: One Evertrust Plaza, Suite # 305, Jersey City, NJ - 07302. USA
Website: www.net2source.com

Security and Privacy Compliance Engineer

Title: Security and Privacy Compliance Engineer
Client: Human Services
Location: Honolulu, Hawaii
Duration: Fulltime
 
Education: Bachelor’s degree from an accredited four (4) year college or university in computer science, information systems, or other related field of information technology.
Specialized training or equivalent work experience can substitute for the education requirement.
Information security related certification(s) such as CISSP, CISA, CISM desired, but not required.
 
REQUIRED CERTIFICATES.
 
Information security-related certification (e.g., incident handling, security essentials, information systems auditing, etc.) desired but not required.
 
Job Description:
Security operations and Centers for Medicare & Medicaid Services (CMS) security standards; Information security principles, methodologies and practices as they relate to the following information security activities:  access control, application security, business continuity and disaster recovery planning, cryptography, risk management, legal and regulatory constraints, compliance, investigations (eDiscovery), operations security, security architecture and design, telecommunications and network security; good understanding of information security aspects of large, complex IT systems and applications; MARS-E, MITA, NIST Special Publications 800 Series (preferred); and public sector or human services business domain (preferred).
 
Job Description:
  • Perform security-related activities to include responding to security incidents, assessing and reviewing security controls, and reporting findings to management.
  • Perform activities that comply with enterprise standards and requirements, and achievement of operational goals and objectives.
  • Works with other individuals within the Privacy and Security Compliance Office, DHS divisions and offices to adhere and comply with documented security policies, procedures, standards, and guidelines.
  • Conducts operational security activities and assess security controls. Works closely with consultants and DHS staff to resolve problems/barriers encountered during assessments.
  • Ensures risks and issues are identified and are properly analyzed, discussed and mitigated, and when necessary are escalated to the appropriate decision-making body.
  • Works with system designers, engineers, users, architects to resolve any problems related to security incidents and security operations.
  • Assists in the development of workable solutions regarding staff utilization, facilities and procedural matters.
  • Participates in a variety of activities with Office of Enterprise Technology Services (ETS) to understand and contribute to the State’s overall management of security incidents and DHS security operations
  • Contributes to project status reports to the DHS teams, Operations Committee and Executive Steering Committee. Identifies areas of risk and recommends action items that should be implemented to mitigate risks.
  • Utilizes appropriate departmental staff as well as outside resources to seek the proper knowledge, skills and abilities required to carry out the objectives/activities of assigned projects and tasks.
  • Maintains active and open communications with security team and consultants/contractors as needed ensuring effective coordination and integration of projects.  Provides teams with constructive feedback as it pertains to project security.
  • Tracks industry trends and maintain knowledge of new technologies to better serve the enterprise’s security operations and incident response needs.
  • Attends team meetings and collaborate with management.
  • Review and ensure the quality of security artifacts; obtain and analyze facts, identify risks and potential mitigation strategies; resolve conflicts fairly and consistently; exercise judgment and make logical and objective decisions; work independently and in a team; gain the confidence and cooperation of others; juggle multiple/conflicting priorities; and communicate effectively both orally and in writing.

Shivam Mahajan
E TalentNetwork
http://etalentnetwork.com
8251 Greensboro Drive, Suite 250
McleanVA
shivamm@etalentnetwork.com
(703) 373-7330 Ext.319

Wednesday, December 6, 2017

Cyber Security Controls Assessor

Job Title: IT - Cyber Security Controls Assessor – Expert in San Francisco, CA// 12 months 
Company: Mindlance 

Job Title: IT - Cyber Security Controls Assessor – Expert 
Location: San Francisco, CA 94105 
Duration: 12 months 


Qualifications: 
Education Minimum: B.S. degree in Computer Science, Information Systems or other related field, or equivalent year work experience. Education Desired: M.S. or M.B.A. degree in business administration, computer science, or equivalent preferred.
Experience Minimum: Minimum of 6 years of combined IT, critical infrastructure, intelligence, and/or cyber/information security work experience. Utility industry experience strongly preferred. 
Experience Desired: Cyber security best practices and standards (e.g. NIST, ISO, etc.) 
• IT security products and technology. 
• Cyber/information security management policies, procedures, regulations and governance processes, Information Systems/Network Security, System Security Analysis, Information Assurance Compliance. 
• Risk management techniques, technological trends and developments in cyber/information security, systems/software development, engineering, integration, testing and evaluation and operating systems. Computer networking concepts and protocols, and network security methodologies Knowledge, Skills, Abilities and (Technical) Competencies: Demonstrated problem analysis and decision-making skills. 
• Ability to communicate and convey complex IT/OT technical security related concepts to business and technology teams. 
• Ability to influence and work with and across all levels within the business. 
• Excellent written and verbal communication skills required. Ability to perform complex tasks using established policies, procedures and guidelines as reference 

Responsibilities: 
• Leads technology assessments to understand capabilities of required systems or networks. 
• Identifies and recommend cyber capabilities strategies for technology development based on stakeholder requirements. 
• Drives security reviews and identifies gaps in security architecture and design and recommend necessary security controls to be integrated within the development lifecycle. 
• Develops and recommends security controls, identify key security objectives to maximize software and system security while minimizing disruption to plans and schedules. 
• Leads translation of security controls into technical specifications and guidance to stakeholders to ensure common understanding across the stakeholders and enable adequate implementation. 
• Owns and documents the implementation of the security controls and creates auditable evidence of security measures. 
• Actively recommends engineering solution in collaboration with Cybersecurity Engineers and Cybersecurity Architects and product owners to remediate inherent cyber security risks. 
• Leads the collection and analysis of benchmarks and metrics for the department to drive continuous improvement. 
• Actively engages with the IT methodology team to recommend and deploy process improvements to ensure that security requirements are incorporated in all technology projects. Provides peer review and support for organizational deliverables.

Feel free to call me at 732-243-0263

Tuesday, December 5, 2017

Information Security Analyst

Information Security Analyst position with a client in Emeryville

We are looking for an analytical thinker who understands information security frameworks or objectives and can think outside the box seek clarity for the implementation possibilities. An ideal person for this role understands how to evaluate solutions for information security protections. 

DIANA FEROZ
 Talent Rep
   O: 925.394.2103   
  dferoz@kforce.com
  www.kforce.com

Monday, December 4, 2017

Security Analyst

Job Title: Security Analyst
Location: Menlo Park, CA
Duration: 12+ Months of Contract  

Minimum Qualifications
B.S. in Computer Science or equivalent experience.
Basic understanding of information security principles.
Experience with infrastructure technologies, system administration, vulnerability management and/or network security.
Demonstrates strong analytical and problem-solving skills, detail oriented & organized approach, excellent communication, developed interpersonal skills.
Ability to manage competing priorities and simultaneous projects in a fast paced environment.
Preferred Qualifications
Experience in a tech field and understanding of web application architectures
Experience with security tools such as vulnerability scanners (Nessus, Qualys, Nexpose)
Experience working in a web/tech company is highly desirable.
Experience with query languages and data visualization tools (i.e. tableau)

 Naveen Sharma | TalentBurst, Inc.

Boston | Dallas | San Francisco | Miami | Milwaukee | Toronto | New Delhi
Work: (508) 628-7574| Fax: (508) 319-3065 | Email: naveen.sharma@talentburst.com
679 Worcester Road | Natick, MA 01760 | www.talentburst.com