Saturday, April 4, 2020

Data Privacy and Security

Position Type:                   Data Privacy and Security 
Duration:                           Long Term 
Location:                           Tempe, AZ  

Job Duties/Responsibilities:
15 years of experience with a minimum of 6-7 years of experience in Data Privacy and Security
AWS Cloud implementation background is a Value ADD
Excellent communication skills

Yashpal Thakur
yashpal.t@shimento.net
Shimento Inc.
1700 N Broadway # 300 Walnut Creek, CA 94596
(D) 424-285-5620 (Yashpal.t@shimento.net)
www.Shimento.com

Tuesday, March 31, 2020

Information Security Analyst III

Role: Information Security Analyst III

Location: Sunnyvale, CA

Duration: 12+ Months

Responsibilities:

This information security analyst will understand governance, risk and controls strategy for information security and product security and will be responsible for documenting the security policies, security procedures, product architecture topology diagrams and data flows, security controls definition and implementation details.
This person will also closely work with the security and product engineering staff members to assess the current state and maturity of various controls, find gaps and define roadmap to address those gaps.
The analyst will mainly focus on security-related documentation required for internal and external/audit consumption to obtain industry certifications like PCI-DSS compliance, ISO 27001, SOC2 and SOC3 certifications and other similar regulatory certifications.
This person will also focus on enabling to be an integral member of Cloud Security Alliance (CSA) and submit the self-assessment documents.
The analyst must have deep understanding of technologies, tools and architecture related to Threat and Vulnerability Management, DevSecOps, Customer Facing IAM, Employee facing IAM, infrastructure security, data security and security intelligence involving SIEM tools implementation and SOC functions.
Excellent verbal and written communications are required.
The security analyst should have deep understanding of business context of IaaS PaaS and SaaS cloud offferings and what it takes to secure these product offerings.
The analyst should also be able to translate the security implementation into risk and governance language for consumption by legal, privacy, internal audit and external auditors.
The analyst should also understand NIST and COBIT control framework and should have prior experience of helping an organization go through the certification process for certifications like ISO 27001 SOC2 etc.
Knowledge of and experience in ITSM business processes and the corresponding documentation is required..
CISST, CISSA – certifications.
 

Nitin Gera | 408.503.6915 | nitin.gera@amiseq.com
Amiseq, Inc. 1551, McCarthy Blvd, Milpitas, CA 95035

Monday, March 30, 2020

Cyber Security Controls Assessor

Job Description:

Role: 
IT - Cyber Security Controls Assessor

Location: San Francisco /Sacramento/ San Ramon/ Concord

Duration: 12+ Months

Qualifications:

Bachelors in Computer Science, or related discipline, or equivalent experience.
Experience in Information Technology (IT) risk management, or related
5 yrs Experience in Information Technology (IT)
5 yrs Utility industry experience 
Certified Information Systems Security Professional (CISSP)
OR
Certified in Risk and Information Systems Control (CRISC)
OR
Certified Information Systems Auditor (CISA) 

Nitin Gera | 408.503.6915 | nitin.gera@amiseq.com
Amiseq, Inc. 1551, McCarthy Blvd, Milpitas, CA 95035

Network Security Engineer

Job Title: Network Security Engineer
Location: Richardson,TX 
Duration: Contract

Job Description:

Bachelor's Degree in the Information Technology, Information security , or related fields preferred
Minimum 5-7 years in the Information Security field in a client-facing security services advisor, security analyst, security engineer
Must have background, experience, and understanding of networking and network security technologies such as Firewalls, IDS/IPS, Proxies, Content Filtering, Application security, SIEM and Log, monitoring/management, Vulnerability Management, Risk and Compliance
Previous experience in an operations, engineering or other technical role within networking, network security, IT and/or telecommunications field, particularly in a client facing role
Ability to analyze log data, threat data, and threat intelligence information, interpret, and communicate derived meaning to client with recommendations for risk mitigation strategies
Expert level knowledge of Cisco ASA/ Palo Alto
Has significant experience working in large-scale, enterprise strategic initiatives
Illustrates advanced knowledge of internal and perimeter security controls, network architecture, advanced network security platforms
Strong analytical skills, technical writing skills, communication skills, crisis management skills
Network Security certifications (CCNP Security , PCNSE, CEH, Security+, Vendor Certificates) preferred
Quality Management (ITIL, Six Sigma, TQM, etc.) training/certification preferred
Non-Technical:
Possesses solid communications skills, both written and verbal
Demonstrates solid analysis skills
Responsibility of / Expectations from the Role
Expertise of Cisco ASA, Palo Alto or VM NSX
Deploy network security solution across enterprise
Work with various stakeholders in implementation of the technology
Knowledge sharing with network team
Help in reporting

Reena Kumari
Sr. Engineering Recruiter
eTeam Inc.
(732) 338-2745
1001 Durham Avenue, Suite 201,South Plainfield, NJ 07080
South Plainfield, NJ, 07080

Saturday, March 28, 2020

Cyber Threat Analysts

W2 pay rate: $50-$70 hourly
Job # 9969823
Onsite Work Location: St Louis MO  63134 or Franklin Lakes, NJ  07417 following Covid 19
10 month contract

Cyber Threat Analyst
Duties: The  Information Protection Senior Advisor drives Security and Privacy monitoring and alerting solutions across business segments and supports objective and professional analysis and response to security policy violations. The ideal candidate will have excellent analytical skills, a background in cyber security, and intermediate-level technical skills. The candidate will be recognized internally as a subject matter expert who provides expert counsel on complex Information Protection assignments/projects. The role requires the ability to analyze complex information security issues, to recommend solutions to functional leaders and key stakeholders, and the ability to apply the technical solutions.
FUNCTIONAL RESPONSIBILITIES
Apply understanding of threat actor TTPs, threat intelligence, vulnerability data and other relevant threat-related information to the development of threat detection use cases.
This position will be responsible for creating and managing custom monitoring and alerting solutions in Splunk in partnership with various customers and product owners in order to provide business and security value.
Develop and manage custom Tanium signal content
Leverage big data analytic tools to identify anomalous activity
Leverage Kanban methodology in support of an agile framework to develop content in accordance with established SLA's
Utilize Content Governance to ensure all content is documented, inventoried and aligns to naming standards and best practices
Manage the lifecycle of all content, including operations and maintenance routines to ensure contents continued viability and relevance
Perform functional, user-acceptance, and regression testing in support of SDLC practices
Continuously improve processes and operationalize new and innovative detection techniques to drive maturity
Apply thought leadership within Information Protection and across broader projects that impact the extended business environment.

Bachelor's degree in related field with 3 years of experience.
Master's degree in related field with 1 year of experience
5 years relevant experience without Bachelor's Degree.
Ability to write scripts in Python or PowerShell required
Strong pattern recognition and deductive reasoning skills
Strong understanding of malware techniques and host-based forensics
Experience with statistical analysis is a plus
Familiarity with the Cyber Kill Chain, Diamond, VERIS or ATT&CK modeling is a plus.

Skills and Experience:
Required Skills:
FORENSICS
INFORMATION SECURITY
MAINTENANCE
MALWARE
OPERATIONS
Additional Skills:
REGRESSION TESTING
SDLC
SECURITY
CYBER SECURITY
GOVERNANCE
KANBAN
SPLUNK
STATISTICAL ANALYSIS
SUBJECT MATTER EXPERT
THOUGHT LEADERSHIP
USE CASES
PATTERN RECOGNITION
PYTHON

Please send resume for immediate consideration

  Erika Marsek | Technical Recruiter
  Strategic Staffing Solutions
  200 N Broadway Suite 1720, St. Louis, MO  63102
  emarsek@strategicstaff.com
  www.strategicstaff.com

Network Security

Job Title: Network Security
LocationSan Diego, CA
DurationContract
Job Description: Network Security Engineer. (L3)
Technical skill set
  • Must have hands on experience in managing Palo Alto firewalls not limited to managing multi VSYS instance, BGP peering, security policies management
  • Hands on experience in managing threat prevention components of Palo Alto firewall
  • Strong Experience with BGP route reflector and all other routing protocols
  • Troubleshoot network route related issues and recommend best practices that helps to prevent any issues that impacts the network
  • Should have good troubleshooting skills – ability to analyse network packet captures, ability to isolate the cause of an issue, working with various support teams to resolve day today issues
  • Good to have experience with VMWare NSX firewall and Juniper SRX
  • Strong experience with Security (IPSEC / SSL-VPN / NAT)
  • Should have good presentation skills - shall be able to participate in the review meetings and be able put across the points of concern
  • Should have Capability to conduct risk analysis, impact analysis, dependencies on customer/internal teams,
  • Knowledge and experience of working with ITIL Processes
  • Preference would be given to candidate holding PCNSE

Non-Technical Responsibilities
  • Coordinate with other team members for availability of capable resource
  • Ensure quality work - review and validate the technical configuration changes
  • Coordinate with COE resources for resolution of technical issues/problems before escalation to OEM

Technical Responsibilities
  • Configuration and management of all firewalls,
  • Manage security policies and profiles to handle day to day operations
  • Articulate or highlight risks/dependencies
  • Adhering to high-quality standards and best practices, high performance, and scalable, repeatable processes and deliverables in accordance with applicable regulations
  • Analyze, troubleshoot, and investigate network security-related incident based on security platform reporting, network traffic, log files, host-based and automated security alerts

HMG America LLC
Cell: (315) 983-4969
Direct 732-645-2740
manpreet@hmgamerica.com

Security & Risk Analyst

Title: Security & Risk Analyst - II
Duration: 6 Months
Location: Foster City, CA 94404

Will be remote only temporarily due to Coronavirus.

Description:
Skilll sets are more or less in the description…
• Familiarity with vendor security and privacy assessments (we can obviously train on our specific processes)
• Familiar with using ServiceNow tools (The GRC module especially)
• Ability to interact professionally with teams from Security, IT and the business.
• Ability to write and communicate in proper business English (including writing our formal assessment documents)
A lead should have ~5 years of experience.
System requirements – VDI or Citrix would be used for access. Laptops may be provided but this is tbd.
For education, I’d prefer a college degree.
The primary responsibilities will be the delivery of key security and privacy related functions related to performing Privacy Impact Assessments (PIA), vendor security assessments and security policy exception management. 
The IT Security and Privacy analyst is a key member of the Information Security and Privacy team and works closely with other team members, colleagues in IT and our business partners. 
The Security and Privacy Analyst will serve as a subject matter expert on Information Security and Privacy principles; company policies and standards; and regulatory requirements (e.g GDPR, CCPA, etc.) as they pertain to privacy and security incidents. 
The person in this position will be required to understand and communicate the reporting requirements as defined by company policy and interpret and apply the concepts and requirements when processing and managing privacy and security incidents.



Kabirkhan Pathan
Recruitment Executive
Integrated Resources, Inc.
IT|Life Sciences| Healthcare
(Direct) 732-844-8738 (W) 732-549-2030 x 327
Email ID – kabir@irionline.com