Tuesday, October 31, 2017

Technology Audit Manager

Client is currently looking to attract a talented professional to join our Global Internal Audit team as an Technology Audit Manager.

Position Summary
Participate on large-scale engagements of company activities under the supervision of Director – Internal Audit.
Assist in the design and drive the execution of key areas of each audit engagement, while assisting more junior members of the team where appropriate. Serve as a key contact with client management, explaining the audit process and scope, keeping management apprised of audit progress and issues, and effectively delivering audit results to all levels of management. Stay abreast of company business strategies, IT industry technology advances and the risk profile of assigned business areas to ensure relevancy of audit approach.

  • Participate in planning and audit scope development as well as project execution as a critical team member on complex technology-related assessments.
  • Lead the execution of the assessment of specific technical areas of a project, supervising other team members and providing coaching where requested.
  • Provide reports on the effectiveness of the business unit's internal control structure along with recommendations that improve the effectiveness, efficiency and economic value of a control or process.
  • Assess audit findings / gaps including control weaknesses with an appropriate degree of professional skepticism, seeking to fully understand risks to the firm. Assist technology partners with the development of Management Action Plans to mitigate weaknesses, providing thought leadership on the appropriateness of the Plan.
  • Evaluate the adequacy and timeliness of management's response and the corrective action taken on relevant weaknesses noted within audit reports.
  • Provide control consulting services to management to assist in redesign efforts that improve the control environment.
  • Maintain business relationships with appropriate levels of management to ensure that Audit is aware of changes in business activities and objectives, and a necessary Audit response is developed.
  • Assist audit management with macro reporting by providing data relevant to technology audit findings.
  • Promote new ideas and new ways of executing projects and internal infrastructure enhancements.
  • Demonstrate commitment to Client's and Internal Audit's strategic vision, be a self-starter, and promote project ownership and responsibility for actions. Interact with Audit project team members in working towards Departmental goals.
  • Bachelor's or Master's degree in computer science, management information systems, or in STEM (Science, Technology, Engineering, or Math).
  • 5-10 years of deep technical experience in one of more of the following domains: information security, distributed operating systems, databases, network technology, mobile payments, tokenized services, cloud-based and virtualized environments, IBM mainframe, or Hadoop.
  • Experience evaluating system controls associated with complex business applications.
  • Technical certifications or other information security certifications (e.g., CISSP, CEH, CISM) are highly desirable.
  • Work experience in a large financial institution or a matrix organization is highly preferred.
  • Strong time management skills.
  • Excellent written and oral communication skills.
  • Ability to travel domestically and internationally approximately 10 - 25%

Surabhi Mathur | 
TalentBurst, Inc.

Boston | San Francisco | Miami | Milwaukee | Toronto | New Delhi | Bangalore
Work: (281) 710-9227| Email: surabhi.mathur@talentburst.com
Mensano Drive | Frisco, TX 75035 | www.talentburst.com

Cyber Security

Title- Cyber Security 
Location- San Diego,CA
Type-Contract (Onsite)
Client :Qualcomm
Duration : 10 month

Visa Status-Citizen or GC

Job Overview Your role as a member of the security architecture team is to protect Client from compromises such as data breaches, hacking attempts, targeted and insider threats, and other forms of cyberattacks. 

Your primary responsibilities will be designing, analyzing, and validating architectural solutions and implementations, creating secure architectural patterns for both enterprise and cloud environments, and helping to find and highlight opportunities for broad or systemic improvements. You will be a security evangelist, driving company-wide environment hardening initiatives and representing the information security group throughout Client. We are a collaborative team that is always learning, sharing, and researching. You will work with specialists and generalists across information security domains regularly, with a focus on cross-training with our red and blue teams. You must have broad expertise in Information Security or related fields, strong technical writing, analytical, and interpersonal skills, and the ability to learn and grow in a rapidly evolving environment. 

Responsibilities: Partner with IT and business units to conduct security assessments, address findings, and validate adherence to security guidance Evangelize security within Client and drive company-wide environment hardening initiatives Provide security recommendations on existing and new application, system, and network architectures Establish alternative security measures to allow for business continuity while protecting the company's assets Develop and advice on best practices around cloud platforms Track data security findings to closure in a timely manner by partnering with business units, communicating solutions, and verifying remediation Perform risk analysis for corporate functional & technical areas and 3rd party providers relevant to data security Act as a mentor and provide guidance and technical leadership to other staff members 3+ years of experience cyber security experience in the following areas:

Experience and foundational understanding of Networking, Web app, Cryptography fundamentals, OS Hardening, Authentication and Authorization, Basic scripting and automating capabilities 2+ years developing and/or assessing IT architectural designs Common operating systems and business application platforms including an understanding of their enterprise architecture and integration patterns Advanced IAM concepts such as federation, FIDO, and Active Directory internals Experience with major enterprise mergers, acquisitions, and integrations Hands-on experience with major cloud environments (AWS, Azure, etc.) Best-practices and considerations around software containerization platforms such as Docker Understanding of configuration management concepts and solutions Experience with database fundamentals and security best practices Familiarity with security frameworks such as OWASP, NIST CSF, etc. Current programming skills in Python, Powershell, .NET, Java, C, or C++ Offensive skillsets (network/app exploitation, privesc, etc) Required: Bachelor's, Computer Science Preferred: Master's, Computer Science Preference given to candidates with applicable certifications from organizations such as Offensive Computing, SANS, etc.

Harold Glispy
E TalentNetwork
8251 Greensboro Drive Suite 250
(703) 373-7330 Ext.722

Monday, October 30, 2017

Business Analyst

Position Title: Business Analyst
Position Number: 269440
Location: San Ramon, CA
Desired Skill Set:
Business Analyst, Implementation, MS Project, VISIO
Position Description:
Details Tab
Job Title: IT-Business Analysis V
Duration: 12+ Months
Location: San Ramon, CA
Zip Code: 94582

“Only U.S. Citizens and those authorized to work in the U.S. can be considered as W2 candidates.”

The Forensics and Insider Risk Services (FIRST) team provides the following products & services to the Client enterprise: Internal Investigations, eDiscovery, Stolen Equipment Risk Assessments, IRSM Investigations, Data Recoveries, Divestitures, Monitoring.

We are currently searching for 2 Senior IT Business Analysts with insider risk management experience. This position reports to the FIRST PMO/Business Planner and works alongside project manager to deliver top quality IT projects. The position requires a self-starter with solid business analyst abilities and excellent documentation skills. The candidate should have the ability to work from a high to low level of detail and have a strong mix of analytical and technical skills. Working knowledge of data privacy, information protection and technical background highly desired. Additionally, knowledge of Data Forensics and detection/monitoring of events associated with potential insider threats is a plus.

Job Responsibilities:
• Gather business requirements, identify and define business opportunities and lead the development and implementation of IT solutions that meet business needs.
• Manage small projects using CPDEP light rigor.
• Coordinate projects, making detailed plans to accomplish goals and directing the integration of technical activities.
• Facilitate team and client meetings effectively, hold regular status meetings with project team.
• Act as a liaison between business partners, technical analysts, forensic investigators, detection analysts, and third-party vendors.
• Deliver documentation to support internal forensics priorities and projects including capture, respond, and mitigate events.
• Create and maintain standards, processes, protocols and compliance activities.
• Position is part of a team focused on ensuring the security and integrity of Client proprietary information.

Required Skills:
• Understanding and knowledge of IT infrastructure and software application development.
• Proven practice of PPM or CPDEP methodology and/or related PM skills.
• Demonstrated leadership capabilities to influence others without direct supervision. Comfortable facilitating meetings, negotiating with vendors and presenting to groups.
• Strong knowledge of computer software, such as MS Word, MS PowerPoint, MS Project, Visio etc.
• Verbal and written communication skills, problem solving skills, attention to detail and interpersonal skills.
• Strong ability to work independently and manage one''s time.
• Technical Experience - Experience with Infrastructure, Data Forensic and Data Leakage Prevention tools, networks, solution or enterprise architecture and data analysis a plus. Past or current experience in programming and data modeling is also a plus.

• Bachelor degree (Computer Science, Information Security) or equivalent combination of education and related work experience preferred.
• 8-10+ years of experience in business analysis required
• Client experience desired
• The ideal candidate will have experience in Data Forensics or Insider Threat Detection

**Extended background check will need to be completed upon offer extension and acceptance.

Praveen Dixit 
Phone: (636) 812-4000, Ext.: 6653 | Fax: (636) 812-0078
E-mail: pdixit@roseIT.com

Friday, October 27, 2017

Financial Advisor

Financial Advisors:
Deliver personalized investment solutions to help clients work toward long-term financial goals
Discover client’s needs and goals and map a path to meet them.
Construct tailored programs to help protect clients from what can go wrong.
Develop and deepen client relationships
Access to a complete line of protection and financial services products, including Life, Disability, Long-Term Care Products and annuities. Financial advisers appointed with our broker dealer offer 401(k), mutual funds, retirement plans and other variable products.
Matt Uno | Mutual of Omaha
Training and Recruiting Manager
Financial Planner | Investment Adviser Representative
Gold River Division Office
Concord Division Office

Thursday, October 26, 2017

Java Security Engineer

Position: Java Security Engineer
Location: Sunnyvale, CA
Position Type: Full Time Permanent
Compensation: Base Salary + Benefits + Bonus + Relocation Expenses

Job Description:
Technical Skills:
Java, J2EE
SQL Queries
Database knowledge of Oracle and MySQL
Application Servers (Tomcat & JBOSS),
Information Management and Security: ( at least any combination of 3 of the below )
Experience with all aspects of digital security with intimate knowledge of following:
Cryptographic Algorithms
Network and Application Layer Security
Threat Modeling
Risk Analysis
Vulnerability Resolution

Functional Skills:
The individual must be a self starter and able to work in a fast paced, highly dynamic environment.
Direct co-ordination with client

Desirable Functional Skills: Experience in Retail Point of Sale domain, Security
Desirable Technical Skills:
Good communication & team skills.
The role requires critical thinking, creativity, patience, and the ability to generate unique and custom solutions to uncommon problems.

Gaurav Gupta
Next Level Business Services, Inc.

Wednesday, October 25, 2017

Information Security Engineer

Position : Information Security Engineer (EBAYJP00014753)
Location: San Jose, CA.
Duration: Long Term

Description :

Key Responsibilities may include:
• Provide technical inputs, evaluate and recommend new and emerging security products and technologies
• Defines security configurations for threat detection and prevention tools
• Designs automated workflows to streamline security operations
• Monitors and proactively manages supported products and services to assure their performance, availability, security, and capacity.
• Researches, analyzes, and formulates recommendations regarding technologies, products,
and solutions to fulfill requirements within the enterprise.
• Security tool administration and support(Network/Endpoint/Threat Hunting/Investigations)
• Tool deployment and implementation experience on a global scale
• Splunk Admin and Architecture related tasks
• Ability to debug configuration issues on different splunk components
• Understanding of Splunk configurations, dependencies, and forwarder management
• Understands Splunk architecture and components (search head, deployment server, cluster master, indexers, forwarders (HF/UF)
• Strong understanding of enterprise logging using syslog-ng, with a focus on security event logging
• Knowledge of system and network architecture and interrelationships (technical and functional).
• Designs, implements, configures, and manages solutions within the supported Linux technologies, products, and services.
• Research and recommend innovative and automated approaches for operational tasks which leverage available resources and simplify operational overhead.
• Develop, implement, and execute standard procedures for the administration, content management, change management, version/patch management, and lifecycle management of the SIEM/Log Management platforms

Basic Qualifications:

• Minimum 4-6 years of experience in Security Administration
Minimum 2-3 years of experience in Network Administration
• Must be well organized and able to leverage best practices, able to thrive in fast-paced environment, and, most importantly, have the ability to approach problems with an innovative, can-do attitude
• Demonstrates the ability to analyze and resolve issues independently
• Knowledge of project management tasks, experience creating application documentation, and demonstrated ability to train other team members.
• Manage maintenance, enhancements and upgrades for supported security systems using standard project methodology
• Scripting knowledge is a plus (python, shell)
• Bachelors Degree preferred
• Preference for at least one current recognized security professional certification such as CISSP, GIAC
• Experience in working in a highly dynamic large scale enterprise
• Knowledge of security vendors and security product capabilities

Professional Skill Requirements:

• Good organizational, multi-tasking, and time-management skills
• Ability to successfully pass a client background screening if required
• Proven ability to work independently and as a team member
• Good communication (written and oral) and interpersonal skills
• Ability to work with multiple teams in a fast paced environment

Dipak Panchal
Sr.Technical Recruiter (Dew Software Inc.)

|Phone: (A): (510)580-2939, (B): (510)371-8523|
|Fax    : (510)743-4106  | 
|Skype ID : dipakpanchal-dk | 
|E-mail: dipak@dewsoftware.com |
|Web   : www.dewsoftware.com |

Security Architect

Position: Security Architect 
Location: Costa Mesa, CA
Duration: 6 months +
Essential Responsibilities: 
  • Provide application security design leadership for application developers by defining, coordinating, and identifying security requirements, patterns and architectures. 
  • Provide expert technical security guidance and hands on validation of applications during the design, development, and testing of systems. 
  • Provide expertise in designing next generation application level encryption to secure data in transit, at rest and in motion. 
  • Validate application security architectures and controls through static and dynamic security analysis and architecture reviews to ensure adherence with the company security standards and industry best practices. 
  • Understand highly scalable and highly available enterprise class application architectures to apply sound security design within them 
  • Evaluate, recommend and integrate new security technology and tools to meet business needs. 
  • In addition to security-centric roles, contribute to application architecture including prototyping and identification of implementation patterns as needed. 
  • Contribute as a key stakeholder in defining and assessing the organization's security strategy, architecture and practices. 
  • Effectively translates business objectives and risk management strategies into specific security processes enabled by security technologies and services. 
  • Leads project teams in security design, defining security requirements, identifying suitable controls, documenting and implementing technical designs and provides oversight and guidance to others. 
  • Works with the Information Security Manager and others to define metrics and reporting strategies that effectively communicate successes and progress of the security program. 
  • Creates security strategy and roadmaps and provides insight into latest security trends, risks, threats and attack methods. 
  • Develops Cloud Security Strategy and defines the transition to and adoption of secure cloud services. 
  • Acts as 2nd or 3rd line support to assist in troubleshooting and problem resolution as required and called upon from time to time including out of hours support when necessary. 
  • Ensure that an accurate inventory of all systems and infrastructure is maintained and that should be logged by the security information and event management (SIEM) or log management tool. 
  • Validate IT infrastructure and other reference architectures including Cloud security architectures for security best practices, and recommend changes to enhance security and reduce risk where applicable. 
  • Validate security configurations and access to security infrastructure tools. 
  • Validate that security and other critical patches to are configured and deployed. 
  • Liaise with the business continuity team to validate security practices for both disaster recovery planning (DRP) and business continuity management (BCM) testing and  Document data flows of sensitive information within the organization (e.g., PII or PCI) and recommend controls to ensure this data is adequately secured. 
  • Liaise with the internal audit team to review and evaluate the design and operational effectiveness of security related controls. 
  • Create security documentation including requirements definitions, risk assessments, high level and detailed design documents and risk and recommendation documentation. 
  • Lead the efforts to migrate or integrate security services in Cloud SaaS and IaaS services 
  • Host and conduct presentations to the security group, Product development and business users as required. 
  • Consult with IT and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software. \Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment; provide technical and managerial expertise for the administration of security tools. 
  • Maintain a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations. 
  • Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks. 
  • A minimum of seven years in an information security role of which at least 3 must have been in a security design, architecture or consultancy capacity. 
  • A bachelor's degree in information systems or equivalent work experience in Information Security is preferred. Professional certifications such as CISSP, CISM are highly regarded and must have knowledge of security standards and best practice such as ISO 27001 and NIST. 
  • Strong analytical skills to analyze security requirements and relate them to appropriate security controls. 
  • Strong leadership skills and the ability to work effectively with business managers, Engineering and IT operations staff. 
  • Excellent verbal, written communication skills. Must be able to communicate effectively with the IT organization, project and application development teams, management and business personnel. 
  • In-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls; an excellent understanding of information security concepts, protocols, industry best practices and strategies. 
  • Builds on and applies existing knowledge. Tries new approaches and broadens the scope of work to learn from work assignments. 
  • Demonstrates flexibility within a variety of changing situations, while working with individuals and groups. Multitasks when required and can work with minimal supervision. 
  • Experience with software development practices and rolling out new software technologies and solutions. 
  • Experience designing and implementing scalable, high performance enterprise applications for mission critical solutions. 
  • Expertise in Agile methods, software development lifecycle management, continuous integration, build and release management and managed environments. 
  • Experience creating and delivering technical collateral including case studies, best practices guides, whitepapers and reference architectures needed for driving adoption. 
  • Strong commitment and understanding of software quality processes appropriate for high-availability, mission-critical systems. 
  • Experience developing secure applications for API, mobile platforms is a plus.

Tuesday, October 24, 2017

eCommerce Analyst

Analyst - Trust and Safety Rules (eCommerce) 
LOCATION: San Bruno, CA or Sunnyvale, CA
DURATION: 6+ Months

Required Qualifications
 •    Bachelor’s degree in Business, Technology or related field and 2 years experience in business, technology or related field, OR 4 years experience in business, technology or related field.
 •    3+ years of experience in managing enforcement of company policies
 •    Extremely organized with excellent attention to detail
 •    Excellent verbal and written service and communication skills
 •    Proficient in MS excel
 •    Knowledge about eCommerce environment is strongly desired
Preferred Qualifications
 •    Prior experience with rule authoring and rule management preferably in a /Risk role
 •    Comfortable working in an agile and growing team
 •    Demonstrated success engaging technology and business cross-functional teams
 •    Proficient in Basic SQL
 •    Strong problem-solving skills
 •    Ability to analyze data and present findings
 •    1 year's experience writing rules for exception reports.
 •    2 years' experience in risk management and fraud prevention.
 •    2 years' experience working in an eCommerce organization.

Taran Singh
Redolent, Inc
Phone:  408-905-0207
Mobile:  669-244-3020
Fax: 866-625-7844
Email: taran@corp.redolentech.com
Website: http://www.redolentech.com

Cyber Security Analyst

Job Title: Cyber Security Analyst 
Company: Insight Global 

- 1 regular shifts: M-F, 6 am – 2:30 pm 
- 1 swing shift: Sat-W, 2 pm – 10:30 pm 
- 2 day shifts: Sat-W, 6 am – 2:30 pm 

Must Haves: 
• Bachelors in Computer Science, or related discipline, or equivalent experience 
• 6yrs in IT 
• Experience in executing digital investigations and performing incident response activities 
• Prior SEIM experience – Security event and information management system, log aggregation and event notification 
• Network packet analysis(PCAP analysis) – Analyzing network packet for malicious / suspicious activity 
• Endpoint forensics – Ability to perform full investigation / forensics of endpoint / end user machine as a result of a security alert. 
• Memory analysis – Ability to analyze physical memory collected from computer using open source or paid application 
• Good analytical skills – ability to analyze and think out of the box when working a security event 
• Good networking knowledge – Good knowledge of TCP / IP protocols, ability to differentiate various layers in networking. 
• Tools - for associate the below tools in their resume will be a huge plus, for career and above I expect to see at least one of these below: 
o IBM QRadar SEIM Encase – Forensics analysis tool 
o ProofPoint IDS / IPS Palo Alto Firewalls 
o Open source security tools such as Suricata, SANS SIFT workstation, Open source forensics tools – Volatility etc. 

• Background in utilizing digital forensic tools including Guidance EnCase, SIFT Workstation,volatility, IEF 
• Certified Information Systems Security Professional (CISSP) certification 
• Wireshark experience and WCNA( a plus) - Open source network packet analysis tool , WCNA – wireshark certificate. 
• Experience with IBM QRadar a plus – IBM QRadar is the SEIM PG&E has deployed and is using. 
• Any GIAC certifications a plus – These are SANS( industry well known security course provider) certs such as GMON, GSEC, GCIH etc. 

Conduct computer forensics, registry and memory analysis to identify malicious activity. Analyzes complex malware/exploits through forensics, observation of network traffic and using other tools and resources to determine if PG&E systems are vulnerable. Leads development of framework for implementing tools and processes to improve quality and timeliness of reports. expert in area of field and applies extensive knowledge of concepts, principles, and practices. Codes complex tasks that integrate systems, produce reports or provide output that can be leveraged by other team members or systems. Performs proficient forensic analysis using security tools and monitoring systems to discover the source of anomalous security events. Assists in performing basic research internally and externally. Performs complex system administration tasks (e.g. customization, cross-tool integration) for security tools. Develops a strategy to implement work in department

Erica Mummert