Saturday, February 17, 2018

Security (GAIC Certified) Engineer

Job title: Security (GAIC Certified) Engineer
Location: San francisco, CA
Duration: 6 Months C2H
 
Security Engineer Details-
The goal is to get as close to the “overall” mark as possible. Looking for a strong Security Engineer, GAIC certification preferred.
Please Google what the certifications are for, that will assist your search. (GIAC, CISSP)
Search string ideas- Intrusion detection (IDS), solutions, packet analysis,
 
Technical Skills:
Strong experience with various network security devices, features and technologies like firewalls (Cisco/JNPR/Palo Alto), Intrusion Detection/Prevention systems (Cisco, Bro), Network Access control solutions, Web filtering solutions (Bluecoat), Network packet brokers (Gigamon), network traffic visibility solutions (Gigamon), FireEye etc.
Professional level experience with Cisco routing/switching and security implementations
Professional level experience with Juniper routing/switching
Advanced level knowledge of various VPN technologies
Advanced level knowledge of network security protocols, technologies, standards and tools         
Advanced level knowledge of various authentication protocols and solutions
Ability to competently develop System Designs, Network Diagrams, Migration Plans, and Test Plans
 
Soft skills:
Must possess ability to work independently.
Must possess excellent communication skills in order to communicate effectively with leadership as well as business and other IT stakeholders.
Good understanding of change control process in mission critical environments.
 
Certifications:
Certified Information Systems Security Professional (CISSP) - Preferred
GIAC Security Essentials (GSEC) - Preferred
GIAC Network Forensic Analyst (GNFA) – Prefer


Rodney Marsh | Staffing Manager
Panzer Solutions LLC
50 Washington Street,
9th Floor, SONO Corporate Center
Norwalk CT 06854
Direct: 203-442-9743
Office: 203-652-1444 ; Ext: 120
Fax: 203-286-1457
Email: 

Thursday, February 15, 2018

Hiring Event

Kelly Services is here to help!
Join us next week at our Huge Hiring Event in Irving, TX.

When:  Thursday, 2/22/2018 from 9am-3pm 
Where:  7301 N. St. Hwy 161, Ste. 170
Irving, TX  75039
 
We’re looking for experienced and motivated Electrical Assemblers and Machine Operators in the Addison, Farmers Branch and Lewisville area!!
If you are seeking a great opportunity with a company that values your time and hard work, this is the opportunity for you!!
We’re looking for all shifts, and pay rates range from $10.75 to $17 (depending on experience and/or shift).

Wednesday, February 14, 2018

Security Architect

Job Title: Security Architect in Santa Clara, CA
Company: Mortgage Client

Job Title: Security Architect
Location:- Santa Clara, CA

• Bachelors degree in a technical related field and minimum 8 years of recent relevant experience
• A minimum of 5 years of proven broad in-depth technical knowledge of Security concepts, principles and process is required.
• A minimum of 5 years of experience in and a strong understanding of infrastructure, application and security appliance functionality using strong security practices
• Hold the (ISC)2 CISSP professional certification, or be able achieve this certification within 3 months of employment. In addition, at least one of the following Professional certification(s) required ISACA CISM, ISACA CISA, CCIE, (ISC)2 concentration certification (i.e., ISSAP, ISSMP, or ISSEP), or SNIA SCSE, with a preference for ISACA CISA.
• Possess the relationship skills, cultural awareness, and organizational prowess required to work effectively in a large, highly-matrixed organization. Capable of delivering results through a position of influence, not authority.
• Adept at communicating complex concepts to diverse audiences with varying skills sets.
• Written and oral Communication skills are critical. Must be able to communicate with the technology providers as well as with business leaders. An ability to understand the technical details and communicate the essentials at a high level is essential.
• Ensures that Product Security offerings meet the requirements of all USA and International regulatory requirements or contractual requirements;
Preferred Skills / Qualifications:
• Experience interaction with geographically disbursed and international resources.
• Advanced technical capabilities in a wide array of platforms and systems (e.g., VMware, Windows, Cisco UCS, UNIX, SQL, etc.).
• In-depth knowledge (experience preferred) of product development, especially software development, source code control, release process, defect reporting and tracking, documentation, and support.
• In-depth experience with IT audit/assessment/examination; SAS 70/SSAE practices; ITIL; ISO-standards; NIST, CobiT and Industry standard application development methodologies
• Demonstrated experience teaming with business and IT stakeholders teaming on projects to deliver world class results
• In-depth internal control knowledge of core IT technologies and processes (e.g., network systems, operating systems databases, change control tools and processes, computer system operations, application and system development, help desk and monitoring, information security, data backup/retention/recovery, IT vendor management, asset management, disaster recovery, etc.)
• Knowledge of Information Storage Systems highly desired, but not required

Omkar Rawal


Tuesday, February 13, 2018

Sr Information Security Engineer

Position Title: Sr Information Security Engineer
Location: San Jose, CA
Duration: 12+ Months
 
Minimum Qualifications
looking for a candidate who will assist with the design, implementation, security and ongoing support of the cyber security tools and processes within their Global Information Security Team.
This position will work directly with teams inside and outside of GIS as part of our overarching data security strategy for corporate and marketplaces Threat Management and Response, Data Science, and GRC initiatives.
The ideal candidate will have a passion for cybersecurity, system monitoring and analysis, and developing/automating creative solutions. As a Security Engineer, you will be expected to be skilled at identifying security gaps in infrastructure and process, effectively execute projects/initiatives to address them, demonstrate excellent judgment, prioritization and communication of technical security risks, and act as a security liaison supporting business units.
 
Key Responsibilities may include: 
 
• Provide technical inputs, evaluate and recommend new and emerging security products and technologies
• Defines security configurations for threat detection and prevention tools
• Designs automated workflows to streamline security operations
• Monitors and proactively manages supported products and services to assure their performance, availability, security, and capacity.
• Researches, analyzes, and formulates recommendations regarding technologies, products, and solutions to fulfill requirements within the enterprise.
• Security tool administration and support(Network/Endpoint/Threat Hunting/Investigations)
• Tool deployment and implementation experience on a global scale
• Understanding of Splunk configurations, dependencies, and forwarder management
• Strong understanding of enterprise logging using syslog-ng, with a focus on security event logging
• Knowledge of system and network architecture and interrelationships (technical and functional).
• Designs, implements, configures, and manages solutions within the supported Linux technologies, products, and services.
• Research and recommend innovative and automated approaches for operational tasks which leverage available resources and simplify operational overhead.
• Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log Management platforms
 
Job Requirements
 
• Basic Qualifications:
• Minimum 8-10 years of experience in Security Administration
• Must be well organized and able to leverage best practices, able to thrive in fast-paced environment, and, most importantly, have the ability to approach problems with an innovative, can-do attitude
• Demonstrates the ability to analyze and resolve issues independently
• Knowledge of project management tasks, experience creating application documentation, and demonstrated ability to train other team members.
• Manage maintenance, enhancements and upgrades for supported security systems using standard project methodology
• Scripting knowledge is a plus (python, shell)
• Bachelors Degree preferred
• Preference for at least one current recognized security professional certification such as CISSP, GIAC
• Experience in working in a highly dynamic large scale enterprise
• Knowledge of security vendors and security product capabilities
 
• Professional Skill Requirements:
 
• Good organizational, multi-tasking, and time-management skills
• Ability to successfully pass a client background screening if required
• Proven ability to work independently and as a team member
• Good communication (written and oral) and interpersonal skills
• Ability to work with multiple teams in a fast paced environment
 

Sourav Kumar | Sr Technical Recruiter- Resource Management Group
Intelliswift Software Inc 
39600 Balentine Dr., Suite 200 Newark, CA 94560
www.intelliswift.com   |    Phone: 510-370-4447  | Fax: 510-578-7710

Security Analyst

Job description:
The tasks for the Security Analyst include, but are not limited to, the following:
  1. Act as a Lead Consultant/Subject Matter Expert/domain champion
  2. Work on development of Information Security plan (ISP) and performing gap analyses
  3. Assist in updating/developing ISP, policies, training materials, website, procedures, controls, etc.
  4. Assist with audit remediation validation for compliance to security policies/standards
  5. Assist in the evaluation of security risk assessments and gap analysis
  6. Knowledge transfer to and training of State Fund employees
  7. Assist in updating/developing policies, training materials, website, procedures, controls, etc.
  8. Assist in creating policy compliance procedures including compliance measurement reports/dashboard
  9. Assist with audit remediation validation for compliance to security policies/standards
  10. Assist with the implementation of the various security tools
  11. Knowledge transfer to and training of State Fund employees
  12. Attend meetings/Represent Enterprise Security as a Senior Lead for all security matters
  13. Act as Lead/Co-Lead/Backup on assigned Enterprise Security project
  14. Knowledge transfer to and training of State Fund employees  

Technical Knowledge and Skills:
  • Hardware: network switches, routers, load balancers, servers, storage systems
  • Operating Systems: UNIX, Linux, Windows
  • Network: LAN, WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ
  • Network Protocols such as TCP/IP, SNMP, SMTP, NTP, DNS, LDAP,  NFS, Samba, etc
  • Active Directory
  • Vulnerability Assessments
  • Penetration Testing
  • Security
  • Mainframe DB2
  • Oracle databases
  • Best Practices Standards: ISO 27001/27002, PCI:DSS v3; GLBA; HIPPA/HITECH; NIST 800-53; California State Administrative Manual.
  • Excellent communication, technical writing, and customer service skills
Professional Skills:
  • 5-15+ Years’ experience in information security, Audit, and Security/Audit Compliance.
  • CISSP Required.  Other highly desirable security certifications may be substituted for CISSP (for e.g., CISM, CISA, etc.)
  • Extensive experiencing conducting ISO 27k gap assessment preferred but not required
  • Should have extensive experience in leading IT security/compliance/audit projects.

Monday, February 12, 2018

Senior Software Engineer

Senior Software Engineer,  Back-End (ArcSight SIEM experience MUST)
Sunnyvale, CA
Long term contract (12 months+)
 
Key Responsibilities 
 
•             Help design and develop the next generation of ArcSight SIEM platform.
•             Work with Java and other related technologies to design, develop and integrate new features into existing high-performance applications.
•             Contribute to architecture, tools, standards and practices.
•             Produce high quality, efficient design and implementation on time.
•             Participate in maintaining code ownership areas.
•             Collaborate effectively with cross-functional teams to deliver quality product.
•             Demonstrate effective leadership, mentoring and communication skills.
 
Qualifications
 
•             5+ years Java server-side development experience.
•             Solid foundation in Computer Science such as data structures, computational algorithms and concurrency.
•             Strong familiarity with OO design and development methodologies.
•             Fluency in Java; experience in designing and developing Java-based server-side applications.
•             Understanding of RDBMS, hands-on JDBC experience.
•             Comfortable working in both Windows and Linux environments.
•             Experience in building high-performance scalable systems is a plus.
•             Prior experience with distributed / real-time systems preferred.
•             Experience with agile development practices is a plus.
•             Ability to operate effectively and independently or as a team member in a dynamic, fluid environment.
•             Ability and willingness to learn new technologies and tools quickly.
•             Effective communication skills.
•             BS in Computer Science, Mathematics or Statistics; MS preferred
 
Chayan Mukherjee
(201) 450-9555 |
Chayan@net2source.com
Address: One Evertrust Plaza, Suite # 305, Jersey City, NJ - 07302. USA
Website: www.net2source.com

Threat Analyst

Job Title: Urgent Job opportunity as IT Cyber Security Threat Analyst/Specialist at Concord, CA 
Company: Mindlance Inc. 

Title: IT Cyber Security Threat Analyst/Specialist 
Location: Concord, CA 
Duration: 6+ Months assignment (Can be extended) 

Responsibilities: 

Expect to see at least one of these below: 
1. IBM QRadar SEIM Encase – Forensics analysis tool ProofPoint IDS / IPS Palo Alto Firewalls. Open source security tools such as Suricata, SANS SIFT workstation. Open source forensics tools – Volatility etc. 
2. Prior SEIM experience – Security event and information management system, log aggregation and event notification 
3. Network packet analysis (PCAP analysis) – Analyzing network packet for malicious / suspicious activity 
4. Endpoint forensics – Ability to perform full investigation / forensics of endpoint / end user machine as a result of a security alert. 

Some Other Skills: 
1. Memory analysis – Ability to analyze physical memory collected from computer using open source or paid application 
2. Good analytical skills – ability to analyze and think out of the box when working a security event 
3. Good networking knowledge – Good knowledge of TCP / IP protocols, ability to differentiate various layers in networking. 

Preferred: 
1. Wireshark experience and WCNA (a plus) - Open source network packet analysis tool, WCNA – wireshark certificate. 
2. Any GIAC certifications (a plus) – These are SANS (industry well known security course provider) certs such as GMON, GSEC, GCIH etc. Tools (for associate the below tools in their resume will be a huge plus, for career and above. 
3. Experience with IBM QRadar (a plus) – IBM QRadar is the SEIM PG&E has deployed and is using.

Swati
swatip2@mindlance.com
732.898-1945

Thursday, February 8, 2018

Information Security Engineer

InfoSecurity Engineer
San Jose, CA/Long Term Contract

Minimum 8-10 years of experience in Security Administration, Minimum 3 years of experience in implementing and managing Splunk in a large scale environment, Splunk certifications is a plus, Preference for at least one current recognized security professional certification such as CISSP, GIAC, Experience in working in a highly dynamic large scale enterprise, Following will be pluses: Symantec Vontu, Tripwire for file integrity monitoring, Imperva for database monitoring, netwitness/Cyphort for fraud and malware monitoring Splunk


Need local resumes

Kapil

Tuesday, February 6, 2018

IT Security Engineer

IT Security Engineer IV
Palo Alto, CA
Long Term Contract

Required Skills:
·         10 yrs total of Splunk Administration, Infrastructure Design, Linux, and Data Analytics.

IT Security Engineer is responsible for:
·         Splunk Enterprise and Splunk Enterprise Security infrastructures
·         Intrusion Monitoring (IDS/HIDS)
·         Incident First Response
·         Firewall and Content Filter Rule Review and Analysis
·         Antivirus Policy
·         Threat Analysis
·         Providing support and assistance during internal and external audits
·         Training and evangelizing information security to Executive leaders, Engineers and Users. Prior Technical Security Experience
·         Knowledge of all aspects of information security with in understanding of firewalls, IDS, HIDS, Content Filtering, Network hardening, Packet Inspection, and SEIM tools.
·         General knowledge of Cloud Computing environments and security issues related to those environments.
·         Working effectively in a team environment. Strong written and verbal communications.
·         Ability to prioritize projects and deliverables. Desired skills/experience/certification: Scripting skills (One or more Java, Perl, Ruby, Python).
·         Security certifications: GCIH, GIAC. System Security (OS Hardening, etc.) Vulnerability Management.

Peter
Senior Recruiter
Spire Systems, www.Spireinc.com
Direct : 650-445-0108

Sr. Application Security Engineer

Sr. Application Security Engineer
Location:           San Mateo, CA or San Francisco, CA
Salary:              $150-200+K + Stock Options
Telecommuting: 1 day/week

The recognized SaaS industry leader in its market is looking for a Sr. Application Security Engineer. The company has been in business for 11 years, earns $100+ million in revenue/year, has 1000+ global clients (such as Dell, Box.com, General Motors) and has 800+ employees. The company has been named to as the leader in the industry by Forrester Research, has been valued at $1+ Billion and won Glass Door’s 2018 Best Places to Work.

The Application/Software Security Engineer will join a growing Security team that has overall security responsibility for securing mission critical extremely high-volume SaaS products running on AWS. The Application Security Engineer will be primarily responsible for securing SaaS web applications in 2 areas:
1.     Static Application Security Testing (SAST): Research, select, design, implement and manage SAST Tools to analyze source code and/or compiled versions of code to help find security flaws. (i.e. OWASP SonarQube, Orizon, Lapse, O2, OWASP Web, etc.)
2.     Dynamic Application Security Testing (DAST): Research, select, design, implement and manage DAST Web Application Vulnerability Scanning and Automated tools to scan SaaS web applications for security vulnerabilities such as Cross-site scripting, SQL Injection, Command Injection, Path Traversal and insecure server configuration (IBM AppScan, Burp Suite, Rapid 7 Nexpose, QualysGuard, Retina, OWASP Zed Attack, etc.)
3.     Run Time Application Self Protection (RASP) Application testing: Utilize tCell to protect web apps deployed in AWS.

The Application Security Engineer will be responsible for designing and implementing security policies, processes, procedures and security audits/review processes as it relates to the software development lifecycle of existing and new SaaS products and features by the current Java development teams.

The Application Security Engineer will report directly to the Director of Security

The company offers matching 401K, full benefits (PPO & HMO) including medical, dental and vision, HAS/FSA, 15 PTO days, 10 paid Holidays, Short and Long-Term Disability, Life Insurance, Employee Assistance Program, Public Transportation and Transit subsidies, Student Loan Discounts, fitness reimbursement program, healthy snacks, UrbanSitter, Extended Maternity leave, casual dress, paid parking (or public transportation subsidization) and flexible work hours that all start upon employment.


REQUIREMENTS:
·         Must have experience securing the SDLC in a Cloud environment (preferably AWS)
·         Must have experience with 1 or more of the following:
o    SAST: Static Application Security Testing Tools
o    DAST: Dynamic Application Security Testing Tools
o    RASP: Run Time Application Self Protection Tools
·         Must have experience writing automated testing tools utilizing Python, Ruby, GoLang etc. (preferably that integrates with AWS
·         Any experience with AWS API and CLI to automate tasks is a plus
·         Any experience with IAST (interactive application security testing) is a plus
·         Any experience with the following AWS Security Services are a plus: AWS Cloud HSM, AWS Config, AWS IAM, Amazon Guard Duty, Amazon Inspector, AWS Key Management Service, Amazon Macie, AWS Shield, AWS Security Groups, Cloud Directory and any other necessary AWS Security Services

Al Karaptian
Phone:  310.937.3388

Monday, February 5, 2018

Information Security Analyst

Job Title: Information security analyst
Company: Xoriant Corporation.

Please send me your updated resume and contact details at Aditya.mujumdar@xoriant.com or call me at 408-550-1269.

Job Description:
Skills - Information Security Analyst
Location - Santa Clara, CA
Duration - 6 -12 months

Develops and executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems.
Researches attempted or successful efforts to compromise systems security and designs countermeasures.
Maintains hardware, software and network firewalls and encryption protocols.
Administers security policies to control physical and virtual access to systems.
Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information and systems.
Survey Tip: May be internal or external, client-focused, working in conjunction with Professional Services and outsourcing functions. May include company-wide, web-enabled solutions. Individuals whose primary focus is on developing, testing, debugging and deploying code or processing routines that support security protocols for an established system or systems should be matched to the appropriate Programmer or Programmer/Analyst family in the Information Technology/MIS functional area.

Aditya Mujumdar

Senior Security Engineer

Job Title: Senior Security Engineer (1308-1) 
Company: Integrated Resources Inc. 

Position: Senior Security Engineer (1308-1) 
Location: REMOTE 
Duration: 3+ months (Possibility of extension OR conversion) 

Description: 
Summary 
Applies current computer science technologies to the design, development, evaluation, and integration of computer systems and networks to maintain system security. Works with commercial computer product vendors in the design and evaluation of state-of the- art secure operating systems, networks, and database products. Provides security engineering and integration services to internal customers. Involved in a wide range of security issues including architectures, electronic data traffic, and network access. 

Knowledge, Skills & Abilities 
• Conduct host and network based forensics, log analysis, and malware triage in support of incident response investigations 
• Perform digital hunting to detect threats that may already have a foothold inside the network 
• Utilize cutting edge technology and processes to conduct large-scale investigations and examine endpoint and network-based sources of evidence 
• Recognize and quantify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations 
• Create scripts, tools, or methodologies to enhance Molina's incident investigation processes 
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences 
• Effectively communicate investigative findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel 
• Work with security and IT operations to implement remediation plans in response to incidents 
Job Qualifications 

Required Education 
• BS or equivalent degree in Computer Science or related technical discipline, related certifications or experience 

Required Experience 
• Minimum of 2 – 5 years of comparable experience; minimum 8 years of experience if no degree 
• Windows disk and memory forensics 
• Unix or Linux disk and memory forensics 
• Network Security Monitoring (NSM), network traffic analysis, and log analysis 
• Static and dynamic malware analysis 
• Applied knowledge in at least one scripting or development language (i.e., Python) 
• Extensive understanding of enterprise security controls in Active Directory / Windows environments 
• Experience with hands-on penetration testing against Windows, wireless, Unix, or web application targets 
• Experience in training, presenting and leading junior staff 

Preferred Experience 
• 5-7 years of experience 
• Experience with programming/scripting languages 
• Background in operational information security disciplines (e.g. incident response, security infrastructure management or monitoring services) 
• Background performing incident response and digital forensics 
• Experience in configuration or management of feeds into event aggregation and correlation systems (e.g., Security Analytics, Splunk, ArcSight) 
• Experience with improvement of analyst effectiveness by optimizing signature quality in collaboration with other analysts and developers 
• Background in systems administration for Windows and/or *nix based environments 
• Familiarity with host based security tools (e.g., EnCase, Forensic Toolkit, ECAT, Volatility, Memory Forensics) 


Preferred License, Certification, Association 
• GIAC GCIH, GCIA, GCFA, GCFE, GREM

Vicky Sontakki