Wednesday, January 31, 2018

IT Security Engineer

IT Security Engineer IV
Palo Alto, CA
Long Term Contract
Onsite (F2F) Interview Must

Required Skills:
·         10 yrs total of Splunk Administration, Infrastructure Design, Linux, and Data Analytics.

IT Security Engineer is responsible for:
·         Splunk Enterprise and Splunk Enterprise Security infrastructures
·         Intrusion Monitoring (IDS/HIDS)
·         Incident First Response
·         Firewall and Content Filter Rule Review and Analysis
·         Antivirus Policy
·         Threat Analysis
·         Providing support and assistance during internal and external audits
·         Training and evangelizing information security to Executive leaders, Engineers and Users. Prior Technical Security Experience
·         Knowledge of all aspects of information security with in understanding of firewalls, IDS, HIDS, Content Filtering, Network hardening, Packet Inspection, and SEIM tools.
·         General knowledge of Cloud Computing environments and security issues related to those environments.
·         Working effectively in a team environment. Strong written and verbal communications.
·         Ability to prioritize projects and deliverables. Desired skills/experience/certification: Scripting skills (One or more Java, Perl, Ruby, Python).
·         Security certifications: GCIH, GIAC. System Security (OS Hardening, etc.) Vulnerability Management.

Peter
Senior Recruiter,
Spire Systems, www.Spireinc.com
Direct : 650-445-0108

Senior Security Engineer

Job Title: Senior Security Engineer (1308-1) 
Company: Integrated Resources Inc. 

Position: Senior Security Engineer (1308-1) 
Location: REMOTE 
Duration: 3+ months (Possibility of extension OR conversion) 

Description: 
Summary 
Applies current computer science technologies to the design, development, evaluation, and integration of computer systems and networks to maintain system security. Works with commercial computer product vendors in the design and evaluation of state-of the- art secure operating systems, networks, and database products. Provides security engineering and integration services to internal customers. Involved in a wide range of security issues including architectures, electronic data traffic, and network access. 

Knowledge, Skills & Abilities 
• Conduct host and network based forensics, log analysis, and malware triage in support of incident response investigations 
• Perform digital hunting to detect threats that may already have a foothold inside the network 
• Utilize cutting edge technology and processes to conduct large-scale investigations and examine endpoint and network-based sources of evidence 
• Recognize and quantify attacker tools, tactics, and procedures in indicators of compromise (IOCs) that can be applied to current and future investigations 
• Create scripts, tools, or methodologies to enhance Molina's incident investigation processes 
• Develop comprehensive and accurate reports and presentations for both technical and executive audiences 
• Effectively communicate investigative findings and strategy to client stakeholders including technical staff, executive leadership, and legal counsel 
• Work with security and IT operations to implement remediation plans in response to incidents 
Job Qualifications 

Required Education 
• BS or equivalent degree in Computer Science or related technical discipline, related certifications or experience 

Required Experience 
• Minimum of 2 – 5 years of comparable experience; minimum 8 years of experience if no degree 
• Windows disk and memory forensics 
• Unix or Linux disk and memory forensics 
• Network Security Monitoring (NSM), network traffic analysis, and log analysis 
• Static and dynamic malware analysis 
• Applied knowledge in at least one scripting or development language (i.e., Python) 
• Extensive understanding of enterprise security controls in Active Directory / Windows environments 
• Experience with hands-on penetration testing against Windows, wireless, Unix, or web application targets 
• Experience in training, presenting and leading junior staff 

Preferred Experience 
• 5-7 years of experience 
• Experience with programming/scripting languages 
• Background in operational information security disciplines (e.g. incident response, security infrastructure management or monitoring services) 
• Background performing incident response and digital forensics 
• Experience in configuration or management of feeds into event aggregation and correlation systems (e.g., Security Analytics, Splunk, ArcSight) 
• Experience with improvement of analyst effectiveness by optimizing signature quality in collaboration with other analysts and developers 
• Background in systems administration for Windows and/or *nix based environments 
• Familiarity with host based security tools (e.g., EnCase, Forensic Toolkit, ECAT, Volatility, Memory Forensics) 


Preferred License, Certification, Association 
• GIAC GCIH, GCIA, GCFA, GCFE, GREM

Vicky Sontakki

Tuesday, January 30, 2018

Cyber Security Engineer

Position: Cyber Security Engineer
Location100 S. Ashley Dr. Ste 600, Tampa FL 33602
Duration: Fulltime with Benefits 

Position Summary:
The Cybersecurity Engineer demonstrates technical cybersecurity subject matter expertise in performing excellent service delivery for our customers.

Job Responsibilities:
·         Lead teams to perform cybersecurity assessments, full internal & external vulnerability assessments on entire IT infrastructure and devices, across multiple locations
·         Develop and/or review technical documentation such as assessment reports and white papers
·         Demonstrate subject matter expert (SME) for security tools, applications and processes, including SIEM, vulnerability scanning, and penetration testing tools
·         Create, maintain and deliver project schedules and budgets
·         Define and manage work for consultants and contractors
·         Identify, manage and maintain KPI and other metrics for core processes
·         Review and assess current supported tools, apps and processes to determine gaps for meeting the needs of the stakeholders
·         Create process documents for operations, maintenance and integrating output from these tools into daily security operations
·         Help cultivate and maintain our culture of continuous learning and education to stay at the forefront of cybersecurity knowledge to the benefit of our customers

Key Skills & Experience:
·         Bachelor’s degree in Computer Science, IT, or related field is required; or else relevant combination of education and experience
·         Minimum 7 years of experience in IT-related field and minimum 3 years of experience in cybersecurity operations
·         CISSP, GCIH, CCNE, CEH, and/or similar industry certifications preferred
·         Demonstrated knowledge of cybersecurity industry trends, and emerging technologies
·         Experience in Windows and/or Linux systems administration
·         Strong knowledge of security technologies in areas such as firewalls, networking, IDS/IPS and encryption
·         Experience in scripting languages (e.g., Python, PowerShell, VBScript, Unix Shell (bash/ksh), etc.)
·         Experience with SIEM monitoring and reporting processes – security compliance monitoring, security event monitoring, vulnerability assessments, etc.
·         Highly effective written and verbal communication skills
·         Excellent interpersonal and organizational skills, as well as peer relationship skills
·         Possesses strong individual work ethic and team participation
·         Ability to quickly assimilate new technologies and concepts


Urvashi Raval
Staffing & Recruiting Professional
Direct Number: 703.634.4830 
urvashir@usmsystems.com
https://www.linkedin.com/in/urvashi-raval-22422b55/

Monday, January 29, 2018

Security Engineer

Position: Host Security Engineer
Location: Dublin, CA
Duration: Fulltime Permanent Position
 
Job Number: 17005318
 
GENERAL PURPOSE:
 
Responsible for evaluation, selection and implementation of solutions to address current and future business needs. Internal business consultant in the support of the company’s IT capabilities and services. Highly visible role with IT executives and directly interface with the business community.
 
ESSENTIAL FUNCTIONS:
  • Manage project delivery resources of security architects, engineers, analysts and operators, and prioritize project and operational work efforts.
  • Coordinate project delivery efforts with other teams such as security operations, network operations/architecture, governance & risk, technology engineering. Communicate project and operational metrics. Ensure that new designs meet those standards. Interprets information security and compliance requirements and develops plans to align company security infrastructure to those requirements
  • Coordinate strategic and tactical plans, projects, service transition and contracts.
  • Serve as project delivery issue escalation and communication point for security delivery challenges.
  • Assist with management of a multi-million dollar budget (capital and expense). Maintain relationships with vendors
QUALIFICATIONS AND SPECIAL SKILLS REQUIRED:
  • Minimum of 5 years of progressive IT experience
  • Minimum 3 years in supervisory position of security related staff/projects
  • Demonstrated project management experience
  • Demonstrated ability to manage staff remotely, across multiple time zones
  • Demonstrated ability to anticipate and handle critical situation, negotiating solutions, resolving conflicts, and driving projects to completion
  • Demonstrated ability to execute basic financial analysis, such as ROI
  • Technically competent; able to supervise internal programmers, analysts, consultants and external vendor resources
  • Undergraduate degree in information systems, computer science, or a related technical discipline
  • Bachelor's degree from an accredited college or university
  • Professional Characteristics/Motivators:
  • Outstanding verbal and written communication skills; outstanding listening skills
  • Able to articulate issues, build consensus around recommendations, and define next steps
  • Team oriented, yet able to work independently
  • Customer focused
  • Highly organized and detail oriented
PREFERRED QUALIFICATIONS:
  • Good understanding and knowledge of End-point/Host security concepts, processes and general trends in the industry
  • Experience with delivery of specific technologies to secure endpoint systems i.e., anti-malware, advanced threat detection, security incident & event management(SIEM), behavior analytics, mobile device management(MDM) security
  • Experience architecting. designing, building Host infrastructure; leading or participating in their day-to-day project delivery activities;
  • Conceptual and practical understanding of IT Infrastructure designs, technologies, products, and services. This should include knowledge of networking protocols, operating systems, databases, encryption, and other technologies.
  • Graduate degree
  • Some travel may be required
PHYSICAL REQUIREMENTS/ADA:
  • Requirements: Consistent timeliness and regular attendance. Job requires ability to work in an office environment, primarily on a computer. The job also requires sitting, standing, walking, talking on the telephone, attending in-person meetings, typing, and working with paper/files, etc.
  • Occasional Requirements: Job occasionally requires bending, kneeling, reaching, and lifting up to 10 pounds.
  • May also require occasional driving and/or traveling overnight for business functions or site visits.
  • Vision requirements: Ability to see information in print and/or electronically.
SUPERVISORY RESPONSIBILITIES:
  • Engineer I, II, or III
 
Ramesh G
IT Recruiter
Direct # (510)-936-8653
48531 Warm Springs Blvd, Suite 405, Fremont, CA 94539
Email: Rameshg@caspex.com
Website: www.caspex.com

Saturday, January 27, 2018

Product Security Architect

Job Title: Product Security Architect 
Company: Xoriant 

Job Title: Product Security Architect – Senior/Principal Technical Individual Contributor 

Information Technology Security Architect 

Job Overview: 

Evaluate Security features/capabilities for products, evaluate competitiveness of current Security Offerings (i.e. product / services), assess the security posture of products, guide product-based security certifications, and implement product security strategy elements. Create and maintain business plans for the life-cycle of the security offerings. 

The Product Security Architect provides guidance on the future / current direction for design, implementation and lifecycle of Information Technology Security offerings (Hardware, Software and Services). Work closely with HitachiVantara security strategy and planning personnel (e.g., CISO). 

Serves as a security expert for sales teams, customers and professional organizations in various technologies and platforms that effect infrastructure (such as applications, solutions, virtualization, cloud, storage, networks, data centers, computing devices, messaging, monitoring systems, etc.) as well as specific areas (cyber security and information assurance; data privacy, compliance, and legal; protection of information assets and systems from current and emerging threats). 

The Product Security Architect contributes to the development and maintenance of information security strategy and architecture at the corporate level; and may provide support across other product / service offerings, ensuring the implementation and operation of the appropriate security controls across the product/service offerings are commensurate with systems and information risk and are aligned with IT security policies and standards. 

Job Functions: 

1. Evaluate product security (i.e. products, services, and solutions) based upon criteria defined by Security Industry Standards Organizations, USA and EMEA Government Security Organizations, Customer Requirements and Vertical Market Best Practices – 30% 
2. Develop and/or Coordinate the development and delivery of security training for the development community – 20% 
3. Coordinate the security aspects of the launch of new products and product upgrades with all impacted groups within the company – 20% 
4. Assist TechOps with managing the scheduling / prioritization of hardware products for security characteristics and compliance – 20% 
5. Perform other duties as assigned by Director of Product Security – 10% 

Interprets information security policies, standards, and other requirements as they relate to product and service offerings and assists or oversees the implementation of product security requirements. 

Acts as a liaison for the internal or external parties requesting guidance, information and input on future/current Security offerings 

Acts as a technical consultant on information security items for solution development, service delivery and customer sales activity. 

Establishes and maintains strong working relationships with groups involved with information security matters such as the Hardware Development, Software Development, Services Development, Legal Department, Internal Audit Department, Physical Security Department, Information Technology Department, Information Security Council, HR and all outsourced IT organizations. 

Primary Qualifications: 

Bachelors degree in a technical related field and minimum 8 years of recent relevant experience 

A minimum of 5 years of proven broad in-depth technical knowledge of Security concepts, principles and process is required. 

A minimum of 5 years of experience in and a strong understanding of infrastructure, application and security appliance functionality using strong security practices 

Hold the (ISC)2 CISSP professional certification, or be able achieve this certification within 3 months of employment. In addition, at least one of the following Professional certification(s) required ISACA CISM, ISACA CISA, CCIE, (ISC)2 concentration certification (i.e., ISSAP, ISSMP, or ISSEP), or SNIA SCSE, with a preference for ISACA CISA. 

Possess the relationship skills, cultural awareness, and organizational prowess required to work effectively in a large, highly-matrixed organization. Capable of delivering results through a position of influence, not authority. 

Adept at communicating complex concepts to diverse audiences with varying skills sets. 

Written and oral Communication skills are critical. Must be able to communicate with the technology providers as well as with business leaders. An ability to understand the technical details and communicate the essentials at a high level is essential. 

Ensures that Product Security offerings meet the requirements of all USA and International regulatory requirements or contractual requirements; 


Narendra Kunware
Sr. Recruitment Executive

Friday, January 26, 2018

Information Security Analyst (Remote)

Location:  Work-from-Home
Length:  6+ month Assignment  
Pay:  Low to Mid $30s/hour W2
 
  • Experience supporting and troubleshooting agent based security technology within a large scale deployment.
  • Excellent verbal, written, and interpersonal communication skills
  • Strong analytical skills with high attention to detail and accuracy
  • Ability to think creatively to find innovative solutions to complex analytical questions
  • Excellent Microsoft Office (Word, Excel, Outlook, PowerPoint, Access, and Project) skills
  • Knowledge of the SDLC Lifecycle
  • Knowledge and work experience with Operational and/or Change Management process and tools such as Remedy, Pac2K, etc.
  • Fluent in scripting or querying languages utilizing SQL such as basic searches and joining tables
  • Familiarization with the following database platforms:  MS SQL
  • Demonstrate the ability to provide written and verbal communications to management to address real time operational and product issues as they arise.
  • Exceptional organizational skills, ability to manage multiple priorities in a fast-paced dynamic environment.
  • Advanced problem solving skills, ability to develop effective long-term solutions to complex problems
  • Exemplary people skills are a must.


Andrew Norris, Sr. Professional Recruiter
Apex Systems
anorris@apexsystemsinc.com | www.apexsystems.com

Thursday, January 25, 2018

Threat Intelligence Analyst

We are currently seeking a Cyber Threat Intelligence Analyst to join our Information Security Operations team within the Information Technology Services (ITS) department here at the University of Southern California. The Cyber Threat Intelligence (CTI) Analyst identifies, prioritizes and tracks cyber threat intelligence requirements, probes for signs of compromise, and provides initial analyses. Develops models to determine incident-type activities, organizes and contextualizes intel, and communicates the nature, impact and mitigations for applicable security vulnerabilities. Other responsibilities will include parsing large technical data sets, integrating output of technical research, and sharing and escalating severe findings to the team and management.
The ideal candidate must possess three years of experience in Information Security. He/she should also possess experience with security assessment tools such as NMAP, Nessus, Metasploit, and/or Netcat. Experience with log management or security information management tools as well as strong analytical and problem solving skills are also required for this role.
Information Technology Services (ITS) is committed to providing information technology (IT) services and support to the university. ITS provides essential, university-wide services such as:
·         Enterprise information systems
·         University wired and wireless networks
·         Educational Technology
·         Research Computing
·         IT Security

Location:- Los Angeles, California

Qualifications:
·         Must have a Bachelor’s degree or combined education/experience as substitute for minimum education
·         Minimum of 3 years of experience in Information Security
·         Experience with log management or security information management tools
·         Experience with security assessment tools such as NMAP, Nessus, Metasploit, and/or Netcat
·         Demonstrated knowledge of security intelligence threats and threat actors
·         Advanced knowledge and experience with packet capture and analysis
·         Strong analytical and problem solving skills
·         Ability to make information security risk determinations based on threat intelligence analysis
·         Excellent verbal and written communication skills
·         Typically possesses 1 year of direct experience integrating CTI within a Security Operations Center
·         Typically possesses CEH certification
·         Typically possesses one or more of the following: Intrusion Detection In-Depth – SEC503 (optional GCIA certification), Hacker Guard: Security Baseline Training – SEC464, Security Essentials – SEC501 (optional GCED certification) and Hacker Techniques, Exploits & Incident Handling – SEC504 (optional GCIH certification).

Job Accountabilities:
·         Identifies, prioritizes and tracks cyber threat intelligence requirements utilizing both technical and actor information across domains (crime, espionage, hacktivism); formulate and prioritize intelligence requirements according to established risk management framework
·         Hunts for indicators of compromise using various toolsets, and provides initial analysis of security intelligence feeds relative to network traffic analysis, intrusion detection, offensive security, data science and predictive analytics
·         Develops models for identifying incident-type activity, of malware or bad actors, using statistical/advanced analytic tools; shares indicators of compromise (IOC) models with trusted parties for validation and collaboration; synthesizes and places intelligence information into context; communicates the nature, impact and mitigations for applicable security vulnerabilities
·         Sifts through large technical data sets, and identifies intelligence collection requirements that can be met through automated and human collection methodologies
·         Integrates output of technical research, e.g., network forensics and reverse engineering, into intelligence products; communicates and escalates severe intelligence findings to team members and management
·         Collects, assesses and analyzes intelligence reports from multiple sources and disciplines; reviews incident logs/records mining for intrusion patterns; manages documentation and tracking of relevant threats 
·         Collaborates with other cyber intelligence analysts to ensure individual and team goals are met; maintain understanding of unit, department, and university regulations, policies, and procedures
·         Maintains awareness and knowledge of current changes within legal, regulatory, and technology environments which may affect operations. Ensures senior management and staff are informed of any changes and updates in a timely manner. Establishes and maintains appropriate network of professional contacts. Maintains membership in appropriate professional organizations and publications. Attends meetings, seminars and conferences and maintains continuity of any required or desirable certifications, if applicable
·         Performs other duties as assigned or requested. The university reserves the right to add or change duties at any time.

Preferred Qualifications
·         Bachelor’s Degree
·         1 year of direct experience integrating CTI within a Security Operations Center
·         CEH certification
·         One or more of the following: Intrusion Detection In-Depth – SEC503 (optional GCIA certification), Hacker Guard: Security Baseline Training – SEC464, Security Essentials – SEC501 (optional GCED certification) and Hacker Techniques, Exploits & Incident Handling – SEC504 (optional GCIH certification).


Abhishek Shrivastava
Resource Management Executive
(614)553-8532 abhishek.shrivastava@tgtus.com
Trinity Global Tech Inc.
www.tgtus.com