Wednesday, October 9, 2019

Security Analyst

Primary responsibilities include, but are not limited to the following:
  1. Review and provide recommendations to develop and improve State Fund’s security processes including performing gap analyses and driving assessments.
  2. Participate and/or drive implementation of security environment enhancements.
  3. Knowledge transfer to and training of State Fund employees including documented training materials.
  4. Advise the CISO and ESEC Team on matters involving organizational, strategic, tactical, and security best practices.
  5. Attend meetings/Represent ESEC as a Senior Lead for all security matters.
  6. Act as Lead/Co-Lead/Backup on assigned ESEC projects
  7. Other duties as assigned such as: update of existing security policies and develop new ones, evaluation of security risk assessments, etc.


TECHNICAL KNOWLEDGE AND SKILLS:

  • MINIMUM OF 5+ YEARS OF SECURITY PRACTICES (HANDS ON).
  • TECHNICAL SECURITY PROJECT MANAGEMENT SKILLS
  • WORKING EXPERIENCE USING BEST PRACTICES STANDARDS AND FRAMEWORKS: ISO 27001/27002, PCI:DSS V3; GLBA; HIPPA/HITECH; NIST 800-53; CIS CONTROLS, NIST CSF, CIS RAM

WORKING EXPERIENCE, AT A MINIMUM:
o             HARDWARE: NETWORK SWITCHES, ROUTERS, LOAD BALANCERS, SERVERS, STORAGE SYSTEMS, END-USER SYSTEMS, MOBILE DEVICES, OR OTHER DEVICES THAT ENABLE THE ORGANIZATION TO COMPLETE ITS MISSION
o             OPERATING SYSTEMS: UNIX, LINUX, WINDOWS
o             NETWORK: LAN, WAN, INTERNET, PROXY/FILTERING, FIREWALL, VPN, DMZ
o             NETWORK PROTOCOLS SUCH AS TCP/IP, SNMP, SMTP, NTP, DNS, LDAP, NFS, SAMBA, ETC.
o             DATABASES: ORACLE, SQL, MYSQL
o             CLOUD PLATFORMS: IAAS, PAAS, SAAS
o             SECURITY CONCEPTS SUCH AS ENCRYPTION, HARDENING, ETC.
o             SECURITY GRC
o             ACTIVE DIRECTORY
o             PROGRAMMING LANGUAGES ARE A PLUS

PROFESSIONAL SKILLS:
The Consultant resource(s) shall possess most of the following skills:
  • Strong analytical and critical thinking skills.
  • Ability to analyze information and formulate solutions to problems.
  • Provide more in-depth analysis with a high-level view of goals and end deliverables.
  • Remain proactive and complete work within a reasonable time frame under the supervision of a manager or team lead.
  • Plan and manage all aspects of the support function.
  • Extensive knowledge of and proven experience with Information Technology systems, and methods of developing, testing and moving solutions to implementation.
  • Expert knowledge in project management practices and ability to document processes and procedures as needed.
  • Self-motivated/Self-Starter/Proactive, working closely and actively communicating with team members to accomplish time critical tasks and deliverables
  • Ask questions and share information gained with other support team members, recording and documenting this knowledge
  • Elicit and gather user requirements and/or problem description information, and record this information accurately
  • Listen carefully and act upon user requirements
  • Convey and explain complex problems and solutions in an understandable language to both technical and non-technical persons
  • Follow the lead of others on assigned projects as well as take the lead when deemed appropriate
  • Think creatively and critically, analyzing complex problems, weighing multiple solutions, and carefully selecting solutions appropriate to the business needs, project scope, and available resources
  • Take responsibility for the integrity of the solution
  • Convey and explain complex problems and solutions in an understandable language to both technical and non-technical personnel.
  • Present solutions (technical and non-technical) to management and decision makers
  • Work collaboratively with other support team members and independently on assigned tasks and deliverables with minimum supervision
  • Experience in managing multiple projects.
  • 5+ Years’ experience in information security.
  • CISSP. Other highly desirable security certifications may be substituted for CISSP (for e.g., CISA, CISM, etc.)


Jennifer Ramos
VP Recruiting
Conde Group, Inc. Consulting and Staffing Services
"Bringing the best to your Workforce"
Managed Cyber Security Services (MCSS)
Phone 925-292-5408
Fax 858-724-6688

Saturday, October 5, 2019

Security & Risk Analyst - III

Title: Security & Risk Analyst - III
Location: Foster City, CA 94404
Duration: 1 year

Description:
·         Need an experienced SIEM engineer who is experienced with creating and tuning content in HPE ArcSight
·         Experience with security solutions for file share monitoring, certificate and SSH key management tools and enterprise key management tools is preferred.
·         Manages an area of the IT Security and Risk Management Program that impacts multiple departments internal and external to IT, sets goals and objectives, tracks and communicates status, acts as spokesperson to business partners and colleagues on program subject area.
·         Identifies security processes and standards across IT that would benefit from improvement.
·         Proposes new standards, tools, policies and procedures to improve security, compliance and risk management activities in client. Benchmarks innovative solutions as a method of monitoring progression to ensure value is being created and is consistent with organizational goals, objectives and standards.
·         Leads the security design of projects that entail large risk and widespread implications to the business.
·         Reports status on activities, issues, projects, etc. to senior IT management, including the effectiveness and efficiency of security activities. Works with IT, Quality Assurance, and business colleagues to ensure audit readiness, and to prepare for internal and external audits. Reviews security documents and project artifacts for complex situations. Assesses and manages compliance risks across the organization, escalating to senior management as necessary.


Nick S
Sr Technical Recruiter
Integrated Resources, Inc.
IT Life Sciences Healthcare
Direct desk line: 650-399-0884 (W) 732-549-2030 x 355

Friday, October 4, 2019

Front End UI Developer

Position: FrontEnd UI Developer
Location: SFO, CA
Duration: 6-12+ Month Contract
Interview: Phone and Skype

Job Description:
  • Should be able to develop HTMLs compatible with all web browsers for tablet, mobile and desktop
  • Integrate HTML files in marketing automation or email broadcast system.
  • Work with clients to set up the technical aspects of their requirements
  • Experience working with CSS3 and HTML5 within a JS framework.
  • Experience with abstraction and code reuse of CSS/SCSS/SASS/LESS or similar technologies
  • Proficient in HTML5, CSS, JS, jQuery, media queries, nodeJS, AJAX, bootstrap framework. **React would be a plus**
  • High proficiency with any CMS will be added advantage.
  • Proficiency with responsive web design techniques and the use of frameworks.
  • Email HTML development experience
  • Web/Graphic design experience
  • Exceptional communication skills
  • Must be able to work independently as well as part of a team
Amit Dabas
IDC Technologies, Inc.
Milpitas, CA 95035, USA
Phone: 408-418-5778 ext. 3038

Tuesday, October 1, 2019

Technology Analyst

Job Title Technology Analyst | Open System | PERL
Work Location & Reporting Address San Francisco CA 94107
Contract duration 6 – 12 Months
Does this position require Visa independent candidates only? No

Job Details:
Must Have Skills
Perl Script
Java
Agile work experience

Nice to have skills
Teamsite 16.4

Detailed Job Description
This position is for the Developer role in the Astra project.
Client is looking for candidates with strong experience in Perl scripting
Skill required are Perl, Java and with knowledge of Teamsite or any other Content Management system
Will be working on development of Email personalization area using CMS.

Minimum years of experience 4+

Certifications Needed :No

Top 3 responsibilities you would expect the Subcon to shoulder and execute
Design and development of application
Effective client interaction
Communication with offshore
 
Should you be interested, please send me a copy of your resume in word format along with the following details ASAP.
 
Full Name:
Current Location:
Hourly rate on C2C/W2:
Work Authorization:
Earliest Available date to start:
Date and times available to interview:
Two Professional References:(Preferably Supervisory references):

Deepak Jaiswal
408-614-0667

Monday, September 30, 2019

Incident Response & Threat Hunting

Role: Lead – Incident Response & Threat Hunting
 
Location: Wilmington, DE
Position: Full Time
Job Description:
Security Operations Center (SOC)
SIEM – IBM QRadar
SOAR Platform – Service Now, Demisto
Security Incident Management
Secure Eye – Intsights – Threat Intelligence
Lead 24x7 SOC teams providing operational and strategic planning, including fostering innovation, planning projects, and organizing and negotiating the allocation of resources.
Ensure timely reporting of metrics, security control gaps, and vulnerabilities to leadership by providing quantitative insight into security posture
Hands on Experience in providing Level 3 incident Response & Threat Hunting
 Manual Log analysis of various security devices - Server, FW, IPS/IDS etc.
Threat modeling & hunting using security tools.
SIEM Tool (IBM QRadar)- Administration & Support
Use Case Development/Enhancement
Content Development, Co-relation Rule creation / modification / review
Oversee program to prepare organization for active threat and vulnerability defense and remediation, and security incident management
Lead the development of Cyber crisis management playbooks, run books and plans to ensure effective response during a significant event.
Lead will evolve the incident response program that aligns with the enterprise incident management framework and includes incident detection, analysis, containment, eradication, recovery and forensic artifacts required for additional investigations.
Hands-on experience finding and responding to advance persistent cyber-attacks (APT) in a global network setting
Change agent with ability to drive accountability & outcomes across a diverse threat landscape
Strong Technical escalation management experience.
Ensure delivery compliance to SOW &  service level adherence
Interface with customer  & delivery team
Regular customer connect &  escalation management
Technical delivery parameter compliance tracking & reporting
Implementation Standardize service delivery  framework across multiple accounts
Essential Technology Skills
Security Operations Center (SOC)
SIEM – IBM QRadar
SOAR Platform – Service Now, Demisto
Security Incident Management
Secure Eye – Intsights – Threat Intelligence
Must Have
8-10 years in IT related roles and 5-8 years of experience in at least two security operations disciplines within an enterprise scale environment (such as tier 3/4 incident management, cyber threat analyst, cyber intelligence analyst, cyber investigation, Threat Hunting)
Experience with SOC incident response and management including 24x7x365 continuous monitoring, detection and analysis of potential intrusions in real-time
Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
Experience with attacks and mitigation methods, with experience working in two or more of the following: Network protocols and secure network design; Operating system internals and hardening (e.g. Windows, Linux, iOS, Android); Web application and browser security; Security assessments and penetration testing; Authentication and access control; Applied cryptography and security protocols; Security monitoring and intrusion detection, Incident response and forensics; Development of security tools, automation or frameworks.

Ganesh Yadav
408-898-2687

QA Automation Engineer

Role: Lead – Incident Response & Threat Hunting
 
Location: Wilmington, DE
Position: Full Time
Job Description:
Security Operations Center (SOC)
SIEM – IBM QRadar
SOAR Platform – Service Now, Demisto
Security Incident Management
Secure Eye – Intsights – Threat Intelligence
Lead 24x7 SOC teams providing operational and strategic planning, including fostering innovation, planning projects, and organizing and negotiating the allocation of resources.
Ensure timely reporting of metrics, security control gaps, and vulnerabilities to leadership by providing quantitative insight into security posture
Hands on Experience in providing Level 3 incident Response & Threat Hunting
 Manual Log analysis of various security devices - Server, FW, IPS/IDS etc.
Threat modeling & hunting using security tools.
SIEM Tool (IBM QRadar)- Administration & Support
Use Case Development/Enhancement
Content Development, Co-relation Rule creation / modification / review
Oversee program to prepare organization for active threat and vulnerability defense and remediation, and security incident management
Lead the development of Cyber crisis management playbooks, run books and plans to ensure effective response during a significant event.
Lead will evolve the incident response program that aligns with the enterprise incident management framework and includes incident detection, analysis, containment, eradication, recovery and forensic artifacts required for additional investigations.
Hands-on experience finding and responding to advance persistent cyber-attacks (APT) in a global network setting
Change agent with ability to drive accountability & outcomes across a diverse threat landscape
Strong Technical escalation management experience.
Ensure delivery compliance to SOW &  service level adherence
Interface with customer  & delivery team
Regular customer connect &  escalation management
Technical delivery parameter compliance tracking & reporting
Implementation Standardize service delivery  framework across multiple accounts
Essential Technology Skills
Security Operations Center (SOC)
SIEM – IBM QRadar
SOAR Platform – Service Now, Demisto
Security Incident Management
Secure Eye – Intsights – Threat Intelligence

Must Have
8-10 years in IT related roles and 5-8 years of experience in at least two security operations disciplines within an enterprise scale environment (such as tier 3/4 incident management, cyber threat analyst, cyber intelligence analyst, cyber investigation, Threat Hunting)
Experience with SOC incident response and management including 24x7x365 continuous monitoring, detection and analysis of potential intrusions in real-time
Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
Experience with attacks and mitigation methods, with experience working in two or more of the following: Network protocols and secure network design; Operating system internals and hardening (e.g. Windows, Linux, iOS, Android); Web application and browser security; Security assessments and penetration testing; Authentication and access control; Applied cryptography and security protocols; Security monitoring and intrusion detection, Incident response and forensics; Development of security tools, automation or frameworks.

Regards ....
Ganesh Yadav
408-898-2687

Information Security Business Analyst

Information Security Business Analyst
San Francisco, CA
Immediate interview
Job Description –
a) 8+ years of business systems analysis experience, business systems design experience, or a combination of both
b) 5+ years of Information Security experience
c) Deep understanding of information security protocols, vulnerability remediation and overall data security requirements
d) Results driven individual who is self-starter, critical thinker, problem solver and detail oriented
e) Create quality documentation to convey both business and technical requirements, including experience creating requirements traceability matrix
f) Experience in financial projects
d) Ability to clearly articulate how technical solutions map to business requirements
g) Ability to understand current state and map to future state technologies and architecture
h) Generate interview questions as they relate to requirements gathering
i) Ability to translate business and technical requirements into use cases for Agile development
j) Understanding of BI and Analytics tools and appropriate use cases
k) Experience gathering non-functional requirements