Wednesday, August 8, 2018

Sr. Security Analyst

Position: Sr. Security Analyst
Location: Pleasanton, CA
Duration: 6+ Months
Job ID: CR107
 
Job Description
The tasks for the Security Consultant include, but are not limited to, the following:
·         Act as a Lead Consultant/Subject Matter Expert/domain champion
·         Work on development of Information Security plan (ISP) and performing gap analyses
·         Assist in updating/developing ISP, policies, training materials, website, procedures, controls, etc.
·         Assist with audit remediation validation for compliance to security policies/standards
·         Assist in the evaluation of security risk assessments and gap analysis
·         Assist in updating/developing policies, training materials, website, procedures, controls, etc.
·         Assist in creating policy compliance procedures including compliance measurement reports/dashboard
·         Assist with audit remediation validation for compliance to security policies/standards
·         Assist with the implementation of the various security tools
·         Attend meetings/Represent Enterprise Security as a Senior Lead for all security matters
·         Act as Lead/Co-Lead/Backup on assigned Enterprise Security projects
 
Technical knowledge and skills:
·         Hardware: network switches, routers, load balancers, servers, storage systems
·         Operating Systems: UNIX, Linux, Windows
·         Network: LAN, WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ
·         Network Protocols such as TCP/IP, SNMP, SMTP, NTP, DNS, LDAP,  NFS, Samba, etc
·         Active Directory
·         Vulnerability Assessments
·         Secure Software Development Lifecycle
·         Penetration Testing
·         Security
·         Mainframe DB2
·         Oracle databases
·         Best Practices Standards: ISO 27001/27002, PCI: DSS v3; GLBA; HIPPA/HITECH; NIST 800-53; California State Administrative Manual.       
·         Excellent communication, technical writing, and customer service skills
·         Critical thinking skills
·         Must Possess Current CISA and CISSP Certifications
 
Professional skills: 
The Consultant resource(s) shall possess most of the following skills:
·         Strong analytical and critical thinking skills with the ability to analyze information and identify and formulate solutions to problems.
·         Provide more in-depth analysis with a high-level view of goals and end deliverables.
·         Remain proactive and complete work within a reasonable time frame under the supervision of a manager or team lead.
·         Plan and manage all aspects of the support function.
·         Extensive knowledge of and proven experience with Information Technology systems, and methods of developing, testing and moving solutions to implementation.
·         Strong knowledge in project management practices and ability to document processes and procedures as needed.
·         Work collaboratively with other support team members and independently on assigned tasks and deliverables with minimum supervision
·         Communicate effectively with users at all levels, from analyst up to senior management, verbally and in writing.
·         Self-motivated, working closely and actively communicating with team members to accomplish time critical tasks and deliverables
·         Ask questions and share information gained with other support team members, recording and documenting this knowledge
·         Elicit and gather user requirements and/or problem description information, and record this information accurately
·         Listen carefully and act upon user requirements
·         Convey and explain complex problems and solutions in an understandable language to both technical and non-technical persons
·         Present technical solutions to management and decision makers
·         Follow the lead of others on assigned projects as well as take the lead when deemed appropriate
·         Think creatively and critically, analyzing complex problems, weighing multiple solutions, and carefully selecting solutions appropriate to the business needs, project scope, and available resources
·         Take responsibility for the integrity of the solution
·         5-15+ years’ experience in information security, audit, and security/audit compliance.
·         CISSP required.  Other highly desirable security certifications may be substituted for CISSP (for e.g., CISM, CISA, etc.) 
·         Extensive experiencing conducting ISO 27k gap assessment preferred but not required 
·         Should have extensive experience in leading it security/compliance/audit projects.

Satya
Caspex
48531 Warm Springs Blvd, Suite 405A, Fremont, CA 94539.
PH: 510-709-3806
Email: satyag@caspex.com
Web: www.caspex.com

Tuesday, August 7, 2018

Security Engineer

Job position: Security Engineer
Client: Walmart 
Location: Sunnyvale, CA 
Duration: 6 Months

Primary Skills: 3+ years experience in Security Engineering is required 
Description: 
Vudu is looking for a seasoned candidate with 3+ years of experience working in a Security Engineering role.
A successful candidate will have past experience and knowledge to come in and be a self-starter and take what we currently do from Information Security perspective and take it to the next level, by improving, redesigning and automating current processes.
Experience with security technologies and compliance (ISO, PCI) in an eCommerce environment is also preferred.

Qualifications:-
3+ years experience in Security Engineering is required
- Experience and practice with risk management as well as compliance management (ISO and PCI)
- Proven Hands on experience and knowledge with security technologies;
- Firewalls - Intrusion Prevention Systems (IPS)
- Web Application Firewalls (WAF)
- Vulnerability Scanning Tools
- Creating and maintaining documentation as required (including Visio diagrams)
- Strong understanding of network layers and segmentation
- A desire to work collaboratively in a small, cross functional team and willingness to learn new technologies
- A strong sense of accountability and self-motivation
- Strong communications and presentation ability for both technical and non-technical audiences
- eCommerce Production support experience (preferred)- This is for our VUDU team in Sunnyvale.
- We do not want just a resume, this person must have the required experience and skills desired.
Please ensure they will be able to provide practical examples.  
Click here to Apply

Ram Singh - IT Recruiter
Saicon Consultants, Inc.             
(913) 257-3377 x 180 (Work)
(913) 273-0058 (Fax)

Monday, August 6, 2018

Back End Java Developer

Position Title: Back End Java Developer
Location: San Jose, CA 95131
Duration: 6-12 Months Contract 
 
Skills:
Core Java
REST
Good understanding of Data Structure & Algorithms
Agile Methodologies
REST API
Computer Science background is highly preferred.
 
Job Description:
Passionate about solving complex and interesting problems? Want to be part of high impact team?

Identity Platform team is at the forefront of changing the fabric of modern authentication by delivering a modern, secure, extensible authentication platform which allows Client users to securely authenticate to any application, using any authentication method and on any device. One of the core values of our team is to quickly iterate and deliver new features.

We are looking for an experienced software developer to help build and maintain highly scalable, robust and secure identity platform. Our team is fast and innovative, following agile methodologies. If you are self-driven, passionate, a team-player and have effective communication skills, this role will fascinate you!

Responsibilities:
Write clean and solid code that scales over millions of customers
Develop elegant restful solutions to complex identity problems
Code using Java
Effectively drive cross-team solutions all the way to development, working closely with product management, QA and documentation.

Skills required
4+ years of strong software development experience
Experience working with a system at scale
BS or MS in Computer Science or equivalent work experience
Nice to haves: Agile Methodologies, Java, REST, authentication protocols such as OAuth

 

Jay Agale |  Technical Recruiter - Resource Management Group
Intelliswift Software Inc. 
39600 Balentine Dr., Suite 200 Newark, CA 94560
www.intelliswift.com  | Phone: 510-370-4479 | Text : 510-370-4576 | Fax: 510 373 2486

Friday, August 3, 2018

Information Security Officer

Job Title: Information Security Officer
Job ID: 1912200928

Location: Santa Clara,CA 
Duration: 6-12 months temp to perm for high performers.

Candidates MUST be US CITIZENS. Confirm at the top of the resume.
Location: 100% onsite in Santa Clara, CA. Put candidate location at the top of the resume. They highly prefer LOCAL candidates that don't have to relocate due to the high cost of living and the sticker shock - they tend to not work out. But, they will consider candidates who are willing to relocate on their own dime IF they do their due diligence in researching the area and cost of living.

Interviews: There will be 2 or 3 rounds of interviews.

  • 1st will be over the phone with the hiring manager.
  • 2nd will be over the phone with the Client Account Executive
  • 3rd will be Face to Face (or Skype video for non-locals) with the AE and an End-Client representative.
Key qualifications managers will look for in resumes: 
1. CISSP
2. Experience collecting, analyzing, and implementing security best techniques (NIST) on systems and networks
3. Experience proposing and keeping security policies updated
4. Understanding of cybersecurity risks and incident response standards
5. Background in SIEM - it's key to this position.

Position Overview:

  • Work with one of client's prized clients in the heart of Silicon Valley by ensuring security for critical infrastructure.
  • We are looking for a talented hands-on security professional that has deep technical knowledge also likes contributing to the strategic direction.
  • In this role you will get to work with the full array of security solutions as well as support the security provisions throughout the environment's infrastructure – networks, servers, desktops and applications.
  • You will also contribute toward strategic planning based on risk assessments and analysis.
Qualifications:
  • Bachelor degree or higher in CS, CIS, MIS or equivalent
  • Security Certification(s), such as CISSP, CISM, CGEIT, GSEC, CEH, MCSE:Security, and CCNP-Security certification
  • 5-10 years hands-on security administration or engineering experience
  • Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information.
Skills:
  • Client engagement soft skills are required
  • The ability to present and explain security and risk information for business executives to understand
  • The ability to lead people of various levels and technical expertise
  • The ability to prioritize and persuade in order to move the security program forward amongst competing initiatives
  • Experienced with security solutions (e.g. firewall, VPN, SIEM, IPS, URL filtering, Endpoint protection, MFA, NAC)
  • Strong understanding of NIST 800-53 & CSF, risk assessment and incident response standards
  • Strong understanding of Microsoft Active Directory, GPOs, Windows DACL/SACL, and Linux
  • Strong understanding of protocols, such as IPsec, ESP, GRE, SSL/TLS, 802.1x, RADIUS/TACACS, HSRP, GSLB and WCCP
  • Ability to perform and analyze packet captures
  • Ability to analyze suspicious emails, URLs, and files to ascertain if they are malicious
  • Knowledge of hacking techniques, vulnerability disclosures, and security analysis techniques
  • Knowledge of malware families, botnets, threats by sector, attack campaigns and attack methods
  • Scripting language such as PowerShell or PERL
  • Familiarity with incident tracking, change management and project tracking systems like ServiceNow and Jira.
Responsibilities:
  • Ownership of day to day security events, perform incident response using NIST SP 800-61 standards, and determine root causes
  • Create and lead security initiatives that reduce risk as well as automate detection and protection mechanisms
  • Identify needs and implement comprehensive security controls using multi-layered security and defense in depth
  • Collaborate with all operations teams to ensure security controls and configurations are implemented and incorporated in their ongoing operations
  • Server security through vulnerability management, system patching and secure configuration
  • Network security through segmentation and firewall zoning and ACL policies, as well as secure configurations in firewalls, routers, switches, VPNs and load balancers
  • Endpoint security management to prevent malware and insider threats
  • Email security through Spam filtering and use of SPF & DMARC
  • Application security based on OWASP Top 10
  • Monitor SIEM, IPS, event logs and reports for indicators of attack and indicators of compromise
  • Proactive client involvement in solving client challenges and business opportunities
  • Contribute quarterly security advisories for the Security Awareness Program
  • Keep security plans and documentation updated, such as the disaster recovery plans and security policies
  • Continuously mature the GRC program
  • Governance: Collaborate with client stakeholders and steering committees to ensure plans and identified solutions meet business needs and expectations.
  • Risk: Working with stakeholders to perform risk management and ongoing assessments, and then selecting mitigating and corrective controls based on Pareto analysis
  • Risk: Reviewing SOWs and RFP responses to assess risks
  • Risk: Collect, analyze, and validate open source intelligence
Compliance:
  • Ensure regulatory compliance with PCI-DSS, CJIS, and California Consumer Privacy Act of 2018 (AB-375)
  • Communicate with team on a regular basis to provide timely and informative reports and related analysis and recommendations to maintain and improve service delivery
  • Provide up-to-date information to clients in response to specific inquiries and meet all commitments ahead of due dates
  • Monthly presentations to executives on current state of risks, status of security controls, and remediation timelines
  • Monthly reports on security operations that provide current states of security controls

Tarun singla
eTeam Inc
tsingla@eteaminc.com
(848) 999-1125
1001 Durham Avenue, Suite 201,South Plainfield, NJ 07080
South Plainfield, NJ, 07080

Tuesday, July 31, 2018

Network Engineer

VMWare/Network Engineer
DIRECT CLIENT: Network Engineer Job
GENERAL INFORMATION:
CLIENTUPDATE: Given certifications are mandatory - CISSP and/or any GIACcertifications.
Rate:$50-$60/hr
Location:San Jose, CA
StartDate:  ASAP
Duration:  06-12 Months+ extensions
Priority:Very High
Interviews:Telephonic and/or skype
Jobtype: Contract
Pay-terms:C2C/1099/W2
Visa:Open
Level:Senior
Directsubmission to implementation partner with no hidden layers.
JOB DESCRIPTION:
1.            Must be able to workin a collaborative team environment. Ability to multi-task and workcooperatively with a diverse range of people. Must have strong interpersonalskills.
2.            Must be proficient innetwork architecture and design, network security, network monitoring.
3.            Ability to joinincident response bridges and provide in-depth analysis and solutions in ashort amount of time.
4.            Knowledge andexperience in the enterprise grade LAN/WAN architecture and infrastructure,design, development, monitoring, implementation, administration, and managementof network(s).
5.            Skills in strategicthinking, research, and planning to include: creativity/innovation,designtheory, advanced systems theory, risk management, disaster recovery &business continuity, integrating solutions, leveraging strategic resources,strategic partnering, conflict management, advanced change management.
6.            Strategic technicalskills to include, developing discipline specific expertise in others,enterprise-level policies, and advanced technology research and design skills.
7.            Industry relatedskills to include, in-depth knowledge of the global IT industry and trends,advanced knowledge of IT security regulations, and advanced knowledge ofcurrent and emerging IT industry issues and trends.
PREFERRED EDUCATION AND EXPERIENCE:
1.            Degree in informationtechnology field.
NEEDED LICENSES AND CERTIFICATIONS:
2.            CISSP, any GIACcertification.
PREFERRED SPECIAL KNOWLEDGE, ABILITIES, AND SKILLS:
1.            Knowledge wouldpreferably also include VMWare’s NSX software defined networking solution,systems engineering, applications and systems software.
2.            Scripting orprogramming capabilities in Python or any other languages would be preferred.
3.            Working knowledge ofinterior and exterior routing and switching protocols, domain name system(DNS), dynamic host configuration protocol (DHCP), proxy functions, securityprotocols, time protocols, tag and label switching, real-time protocols forvoice and/or wide area network (WAN) communication protocols. Knowledge ofvirtualization and storage area network (SAN) solutions in network, security,and computing. Knowledge of network system analysis and design techniques forvoice (wireless and wired), video, and data.
RESPONSIBILITIES:
1.            Represent the Divisionof IT during product engineering, field, customer and analyst meetings,workshops or training sessions. Serves on industry, system-wide committees andindustry reference groups. Service as a technical resource for other technicalteams or organizations. Serve on enterprise level committees to developtechnical standards and direction. Serve a chair or senior member of aninformation resource team/s responsible for setting technical standards andstrategic direction.
2.            Ensures compliancewith applicable federal and state regulations and laws, System policies,regulations and rules.


3.            Lead and coordinate short and long-term analysis on network and network security systems and services. Coordinate the development of project plans, problem resolutions and service road maps and make recommendations. Establish quantity and quality standards, procedures and guidelines for design, development, testing,implementation and maintenance of enterprise solutions. Contribute to the planning of the overall organizational IT strategy. Recommend information architecture standards and methodologies.

Send responses tokevin@sancrosoftusa.com

Friday, July 27, 2018

Information Security Risk Analyst

Position Details:
Client:             Facebook
Job Title:         Information Security Risk Analyst
Job Location:  Menlo Park, CA
Job Duration:  6 months (Extension or Conversion possible)

Job Requirement:
  • Independently perform risk based security reviews of first and third parties at Facebook including internal systems, cloud providers, *aaS providers, outsourced vendors, etc.
  • Articulate security findings to internal and external stakeholders including third-party vendors.
  • Provide defensible Recommendations on technical, physical and administrative control implementations based on assessment findings while balancing the cost versus benefits.
  • Negotiate acceptance of remediation plans and timelines based on criticality of each finding.
  • Participate in the development and oversight of corrective actions relating to security issues.
  • Compile and report out security risk and operational metrics.
  • Participate in cross-functional, team, and status review meetings.
  • Recommend process improvement and strategic initiatives as related to security assessment.

Skills: 
  • Must have prior experience with first or third-party security assessment.
  • In-depth knowledge of security assessment lifecycle.
  • Knowledge of evaluating systems architectural designs, data-flow diagrams and technical security implementations, particularly for systems hosted on the cloud platforms, for security deficiencies.
  • Ability to identify and assess security risks and recommend mitigating controls.
  • Knowledge of security technologies, devices and countermeasures as well as the the threats they are designed to counter.
  • Good understanding of the various hacking techniques and the defensive countermeasures.
  • Good understanding of the threat landscape as related to vendors.
  • Good understanding of the cloud technology (IaaS, PaaS, SaaS) and the current IT trends in the industry.
  • Experience with developing security reporting and recommendations that are meaningful, defensible and actionable for a variety of audiences.
  • Knowledge and understanding of security controls across all security domains such as access management, encryptions, vulnerability management, authentication and authorization, network security (IPS/IDS/DLP/Gen-2 firewalls/2FA, etc.), physical security, etc.

Education:      
Bachelor's Degree and/or advanced degree with a concentration in one of the followings: Computer Science, Management Information Systems, or Cyber Security

Ritvik Chaturvedi
Technical Recruiter
T: (408) 601-2182   

Cyber Security Threat Analyst

Job Title: Senior IT- Cyber Security Threat Analyst/Specialist : 18-01605
Location: Concord, CA
Tenure: 7+ Months
Tax Term: W2 Only

Responsibilities:
  • Be cross functional in the Cybersecurity space, specializing on software/supply chain/vendor vulnerabilities and exploitability; as well as the identification of IOCs and TTPs for introduction into a Threat Intelligence Platform for pro-active blocking and monitoring.
  • Ability to analyze network traffic using a SIEM.
  • Using intelligence tools, apply attribution to IOCs or actor behaviors.
  • Utilize security tools and resources to determine if Client’s systems are vulnerable.
  • Produce reports or provide output that can be leveraged by other team members or systems for a Security Software Review Board or Intelligence analysis and actor attribution.
  • Performs proficient forensic analysis using security tools and monitoring systems to Client the source of anomalous security events.
Qualifications :
  • Associate Degree or higher in Cyber-security, Networks and Security, Network Development, Computer Science, or related discipline; or equivalent experience Technical Certification(s) from: SANS, Cybrary, ISC2, CompTIA or other relevant certification bodies.
  • Experience in Cyber-security or relevant IT related positions: 4yrs or more.



Moiz Saify| Technical Recruiter | o. 408.816.2442 | moiz.saify@akraya.com | Find me on LinkedIn

Akraya, Inc. | 2901 Tasman Drive, Suite 106 | Santa Clara CA 95054

Thursday, July 26, 2018

Project Manager / Business Analyst

Job Code : RCI-VZW-13753
Job Title: Project Manager / Business Analyst
Location: Westlake, TX 76262
Duration: 9 Months
Job Description: 
Acts as project manager/team leader in support of large, complex, and multi functional computerized system(s); assists in preparation of the computer services budget; monitors assigned budget(s) for designated data processing/applications systems as assigned
  • Oversees, coordinates, and participates in organizational, operational, and procedural analyses to determine information input, work processes, and desired output for potential and/or up dated computerization for a large number of users in support of a multi departmental or county wide applications;
  • Organize and lead small groups to resolve complex business problems - Work with business customers to understand requirements and develop specifications for large-sized projects - Identifies data sources, constructs data decomposition diagrams, provides data flow diagrams and documents the process
  • Ability to handle multiple assignments Superior written and oral communication skills Able to matrix manage, have strong project work and project planning experience.
Anish Patel
Rangam Consultants Inc.
Somerset, NJ 08873
Phone: 908-704-8843 - Ext: 208
Fax: 908-253-6550
Email: Anish.Patel@rangam.com

Wednesday, July 25, 2018

Application Security Engineer

6+ month contract opportunity for an Application Security Engineer with a Global Financial Firm in Westlake, TX
 
**NO THIRD PARTIES OR C2C - W2 ONLY**
**MUST BE ABLE TO INTERVIEW IN PERSON**


RESPONSIBILITIES
• Web Application Security – OWASP Top 10 for example
• Be prepared to meet with and work with the business
• Responsible for running applications through Veracode software while in the software development lifecycle to prevent any security defects previous to production.
• Maintain and create secure development practices and programs for Client's application development teams
• Find defects to improve quality by mitigating flaws and positive / negative testing
• Work closely with Secure Software Development Lifecycle team
• Act as an ambassador for the secure development lifecycle within Client
• SAST tool experience
• Web development and web technologies like HTTP, HTML, CSS, and JSPs.
• Web Application Architecture (Client/Server model and Model View Controller design pattern, familiar with Tomcat etc.)

REQUIRED QUALIFICATIONS
• Bachelor's degree in Computer Science, related discipline, or equivalent experience
• 4-7+ years of Information Security experience
• 2+ years of Application Security experience required
• Experience with Veracode or other relevant technologies (Client Fortify or Checkmarx) is required
• Security Certifications highly preferred (Tia Security+, CISM, CEH)

DESIRED QUALIFICATIONS
• CISSP, CSSLP
• Understanding of the basic concepts of programming (object-oriented, functional patterns, etc.)
• Familiarity with the OWASP Top 10
• Proficient at the secure software development lifecycle and DevSecOps
• Intermediate to expert knowledge of HTML and JavaScript
• Understanding of SAST concepts
• Development experience is only a plus (mostly Java, C#.NET, PHP, .Net, C/C++, Python, Ruby, SQL, etc.)

SOFT SKILLS
• Effective communication with team members and customers
• Detail oriented problem solving
• Passion for the advancement of web security
• Demonstrate good customer service, written and oral communication
• Quickly learn new languages, frameworks, and security controls through self-study
• Intermediate to expert knowledge of one or more of the following languages: Java, C#.NET, PHP, .Net, C/C++, Python, Ruby, SQL, etc.


Chris Liendo
Axelon Services Corporation
44 Wall Street 18th Floor
New York, NY 10005
(212) 488-5344
chris.liendo@axelon.com

Sr. Security Analyst

Position: Sr. Security Analyst
Location: Pleasanton, CA
Duration: 6+ Months
Job ID: CR107
 
Job Description
The tasks for the Security Consultant include, but are not limited to, the following:
·         Act as a Lead Consultant/Subject Matter Expert/domain champion
·         Work on development of Information Security plan (ISP) and performing gap analyses
·         Assist in updating/developing ISP, policies, training materials, website, procedures, controls, etc.
·         Assist with audit remediation validation for compliance to security policies/standards
·         Assist in the evaluation of security risk assessments and gap analysis
·         Assist in updating/developing policies, training materials, website, procedures, controls, etc.
·         Assist in creating policy compliance procedures including compliance measurement reports/dashboard
·         Assist with audit remediation validation for compliance to security policies/standards
·         Assist with the implementation of the various security tools
·         Attend meetings/Represent Enterprise Security as a Senior Lead for all security matters
·         Act as Lead/Co-Lead/Backup on assigned Enterprise Security projects
 
Technical knowledge and skills:
·         Hardware: network switches, routers, load balancers, servers, storage systems
·         Operating Systems: UNIX, Linux, Windows
·         Network: LAN, WAN, Internet, Proxy/Filtering, Firewall, VPN, DMZ
·         Network Protocols such as TCP/IP, SNMP, SMTP, NTP, DNS, LDAP,  NFS, Samba, etc
·         Active Directory
·         Vulnerability Assessments
·         Secure Software Development Lifecycle
·         Penetration Testing
·         Security
·         Mainframe DB2
·         Oracle databases
·         Best Practices Standards: ISO 27001/27002, PCI: DSS v3; GLBA; HIPPA/HITECH; NIST 800-53; California State Administrative Manual.       
·         Excellent communication, technical writing, and customer service skills
·         Critical thinking skills
·         Must Possess Current CISA and CISSP Certifications
 
Professional skills: 
The Consultant resource(s) shall possess most of the following skills:
·         Strong analytical and critical thinking skills with the ability to analyze information and identify and formulate solutions to problems.
·         Provide more in-depth analysis with a high-level view of goals and end deliverables.
·         Remain proactive and complete work within a reasonable time frame under the supervision of a manager or team lead.
·         Plan and manage all aspects of the support function.
·         Extensive knowledge of and proven experience with Information Technology systems, and methods of developing, testing and moving solutions to implementation.
·         Strong knowledge in project management practices and ability to document processes and procedures as needed.
·         Work collaboratively with other support team members and independently on assigned tasks and deliverables with minimum supervision
·         Communicate effectively with users at all levels, from analyst up to senior management, verbally and in writing.
·         Self-motivated, working closely and actively communicating with team members to accomplish time critical tasks and deliverables
·         Ask questions and share information gained with other support team members, recording and documenting this knowledge
·         Elicit and gather user requirements and/or problem description information, and record this information accurately
·         Listen carefully and act upon user requirements
·         Convey and explain complex problems and solutions in an understandable language to both technical and non-technical persons
·         Present technical solutions to management and decision makers
·         Follow the lead of others on assigned projects as well as take the lead when deemed appropriate
·         Think creatively and critically, analyzing complex problems, weighing multiple solutions, and carefully selecting solutions appropriate to the business needs, project scope, and available resources
·         Take responsibility for the integrity of the solution
·         5-15+ years’ experience in information security, audit, and security/audit compliance.
·         CISSP required.  Other highly desirable security certifications may be substituted for CISSP (for e.g., CISM, CISA, etc.) 
·         Extensive experiencing conducting ISO 27k gap assessment preferred but not required 
·         Should have extensive experience in leading it security/compliance/audit projects.

Satya
Caspex
48531 Warm Springs Blvd, Suite 405A, Fremont, CA 94539.
PH: 510-709-3806
Email: satyag@caspex.com
Web: www.caspex.com