Saturday, June 1, 2019

Security Engineer

Job Title: Security Analyst/Engineer

Location: Vienna, VA 22027

Duration: 12 Months +



Below mentioned skills what client would like to see in a resume. Request to elaborate/describe more on the same and send the resume.



       4-5 years of experience

         Experience/proficiency in at least one of the following:

              Network Security

              Cloud Security

              Application Security

              Experience working in large environments



Job Description: 



Basic Purpose:

To analyse and evaluate new and existing information security programs and procedures to protect corporate information systems assets from intentional or inadvertent modification, disclosure, or destruction. To design and implement new and enhanced security solutions and procedures to control and manage information assets and meet corporate and regulatory requirements.



Additionally, the Information Security Analyst will:

1.      Identify and analyse potential risks/threats to information security and respond to reported security violations; perform incident analysis to determine causes, possible solutions, and remedial actions

2.      Design and implement new and enhanced security solutions and procedures to control and manage information assets and meet corporate and regulatory requirements

3.      Research and maintain current knowledge regarding information security issues, trends, solutions, and potential implications; participate in identifying, evaluating, testing, and implementing new

         security products, tools, and systems for implementation of the secure infrastructure

4.      Maintain a continuous process improvement work environment, recommending and implementing new/improved systems in accordance with industry standards and best practices

5.      Perform risk assessments and security testing as part of a security team

6.      Assist in creating and enforcing security standards and procedures

7.      Develop communications and training materials regarding security policies, guidelines, and standards to educate staff about the requirements of information security and to improve information

         security awareness

8.      Perform technical management of Data Loss Prevention tools; create and maintain Data Loss Prevention policies; monitor metrics to demonstrate decreased data loss risk



Required Knowledge, Skills and Abilities:

*        Bachelor's Degree in business administration, information systems, or related field

*        Extensive experience in the analysis, design, and/ or implementation of information technology in a secure environment; understanding of SDLC

*        Extensive experience in computer and information security assessment, administration, and management

*        Comprehensive knowledge and understanding of best practices, trends related to information security

*        Comprehensive knowledge of information security regulations and legislation

*        Formal project management experience which involved organization skills, managing strategy, project communications (internal and external to team), and planning and directing the work of participants

*        Strong research, analytical, and problem-solving skills

*        Highly developed verbal and written communication skills, including preparing and presenting results, findings, and alternatives, and influencing management decision-making based on the best available data

*        Experience working directly with Data Loss Prevention tools, including the creation and maintenance of policies that will detect and/or prevent the loss of data

*        Knowledge of NCUA and FFIEC regulations, GLBA, PCI DSS, and other information security requirements and frameworks 

Desired:

*        Advanced college degree in information security, cyber security, information technology, etc.

*        Experience with security systems, assessment tools, and technical security, large systems, and cloud integrations

*        Professional certification(CISSP, CISM, CRISC), or a reasonable expectation to obtain the certification





Surinderjit Singh

Senior Technical Recruiter

Saicon Consultants, Inc.

(913) 257-3377 Ext. 167

Text Now (315) 510-9688

Email: ssingh@saiconinc.biz             

http://www.saicon.com 

Wednesday, May 29, 2019

Security Analyst II

Title: Security Analyst II
Duration: 3 months (Strong possibility for extension)
Location: San Francisco, CA 94114

Job Description
Primary Responsibilities: 

• Participate in planning, scheduling and preliminary analysis for all internal and external audit projects.
• Coordinate audit activities including notification and scheduling for all affected parties of audit timing, scope, objectives, approach and deliverables.
• Work closely with external auditors and internal audit teams on managing and supporting the audits.
• Identify, document, and map technology processes and internal controls of applicable technology infrastructure and operational areas per the scope of the audit project.
• Perform risk assessments of technology infrastructure and operational processes and controls for assigned areas.
• Complete audit testing, inquiry, observation and other analysis required to meet objectives of audit projects.
• Communicate progress and results of audit throughout the audit engagements.
• Develop value added recommendations to deal with issues identified during assigned audits and draft audit reports to formally communicate the results of the audit and related recommendations.
• Monitor implementation of outstanding audit recommendations and validate their implementation.
• Automate manual tasks related to RFIs, Audits and Other compliance programs
• Request and review vendors auditing documentation to insure alignment with Client internal controls and provide assessments and recommendations.

Required Skills & Qualifications: 
• Bachelor’s degree in Information Systems or related field, or equivalent experience
• Certified Information Systems Auditor (CISA) and/or Certified in Risk and Information Systems Control (CRISC) strongly preferred. Other certifications add value such as Certified in Governance of Enterprise IT (CGEIT), Certified Information Security Manager (CISM), Certified Information Security Professional (CISSP), CPA, and/or CIA.
• Minimum 3 years of internal or external audit experience with Big 4 Audit Firms, with exposure to the following compliance frameworks AT101 Type2 SoC1 and SoC2 (SSAE16), ISO2700x, FedRamp, COPPA, ITIL, NIST, PCI DSS
• Understanding of Cloud industry technologies and IaaS, PaaS, SaaS platforms preferred. Ability to quickly acquire and apply knowledge of changing technologies implemented is essential.
• Good understanding of audit process/methodology, and risk management/advisory ability.
• Ability to adapt to a changing environment, meet deadlines and handle multiple projects.
• Experience in using a risk-based audit approach in evaluations of and recommendations for management processes.
• Ability to present audit findings and recommendations in a manner that will be understood and accepted by all responsible parties.
• Possess the tenacity to pursue difficult and sensitive issues to acceptable conclusion
• Excellent communication, interpersonal, time management and issue resolution skills.
• Excellent analytical skills, organizational skills, ingenuity and the ability to work as part of a team


Saideep Thota
Team Lead West Coast Region

Randstad Technologies
P: 646-576-9854
C: 408-818-8682

Monday, May 27, 2019

Security Consultant IT Supervisor II

Job title- Security Consultant IT Supervisor II              
LocationPleasanton, CA
Position- Contract

Our Pleasanton, CA client has a contract position for a Security Consultant IT Supervisor II and I have included the details below.  Could this role be a potential fit for you or anyone you know?
Primary responsibilities include, but are not limited to the following:
·         Support the Chief Information Security Officer (CISO) and Risk Manager in ensuring that policies, practices, and tools to achieve security compliance.
·         Collaborate with Senior Leadership Team members across the organization and provide consultative assistance to other programs related to the Security Plan.
·         Establish and oversee an effective Cyber Security Awareness training program.
·         Evaluate new security technologies to defend against internal and external threats.
·         Participate in short and long range security strategy planning under guidance of the CISO and Risk Manager.
·         Establish a uniform process to mitigate risk and oversee IT Risk Assessments within the established service level agreement (SLA).
·         Track the health of the security policy compliance program and provide executive level reports to stakeholders.
·         Maintain information security specific standards and policies, and ensure the deployment of the desired controls throughout the environment (e.g., Secure Systems Development Lifecycle, etc.).
·         Knowledge transfer to and training of Enterprise Security team members.
Technical knowledge and skills:
·         Five (5) years of information technology experience, including two (2) years of lead/management experience performing a variety of progressively responsible technical and analytical work
·         Minimum of 5+ years of security practices
·         Technical security project management skills
·         Working experience using best practices standards and frameworks: iso 27001/27002, pci: dss v3; glba; hippa/hitech; nist 800-53; cis controls, nist csf, cis ram

Working experience, at a minimum:
·         Hardware: network switches, routers, load balancers, servers, storage systems, end-user systems, mobile devices, or other devices that enable the organization to complete its mission
·         Operating systems: Unix, Linux, windows
·         Network: lan, wan, internet, proxy/filtering, firewall, vpn, dmz
·         Network protocols such as tcp/ip, snmp, smtp, ntp, dns, ldap, nfs, samba, etc.
·         Databases: oracle, sql, mysql
·         Cloud platforms: IAAS, PAAS, SAAS
·         Security concepts such as encryption, hardening, etc.
·         Security GRC
·         Active directory
·         Programming Languages Are a Plus

Professional skills:
·         The Consultant resource(s) shall possess most of the following skills:
·         Strong analytical and critical thinking skills
·         Excellent written and oral communication skills to effectively communicate across all levels of the organization
·         Proven ability to present to a Senior Management Level and Executive audience
·         Working experience of security, policy compliance, and governance frameworks including the NIST-800 series, PCI, ISO 27001/27001, ITIL, and COBIT
·         Expert knowledge in security project management practices
·         Self-motivated/Self-Starter/Proactive, working closely and actively communicating with team members to accomplish time critical tasks and deliverables
·         Working experience in a highly regulated environment and managing information risks and expectations across multiple stakeholder groups
·         Working experience of emergent security risks
·         Convey and explain complex problems and solutions in an understandable language to both technical and non-technical persons
·         Think creatively and critically, analyzing complex problems, weighing multiple solutions, and carefully selecting solutions appropriate to the business needs, project scope, and available resources
·         Take responsibility for the integrity of the solution
·         Ability to be a strategic thinker
·         Demonstrated ability to influence others
·         Experience in managing multiple projects.
·         5+ Years’ experience in information security.
·         CISA, CISM, OR CISSP CERTIFICATION IS REQUIRED

Zain Roy| Technical Recruiter
408-498-1420

Cloud Security Architect

We are seeking a Mid-Senior Cloud Security Architect in Chicago, IL for a Full time role. Responsibilities include designing and developing security policies, standards and procedures for secure cloud technology solutions.

Qualifications:
8+ years of technical hands on experience designing cloud security solutions
Past experience working with stakeholders presenting solutions
Experience in Risk Management
Prior security solution implementations
Strong experience in one or more cloud technologies - AWS, Azure, Google Cloud. 
Strong communication skills.

***We are unable to sponsor a visa at this time.
Must be US Citizen or Green Card holder 
No 3rd party candidates - No H1B, OPT EAD, or any visa candidates

If you are interested and available, please forward your resume to lisa.beresford@comcentric.com for immediate consideration.

Business Analyst II

Job Title: Business Analyst
Location: Sunnyvale, CA 94085
Job Duration: 6 plus Months
Type Of Hire: Contract
No: of Positions: 5

Primary Skills: Business Analysis, BRD, implementation, Oracle R12 ,Coupa 
Description:
1. Role of a BSA
2. Work with Business, internal IT team and be part of a Coupa ( software ) implementation
3. Ability to write BRD, FD's and help business with testing
4. Communicate with IT leadership and also Biz
Skills:
1. Two end-to-end life cycle implementations in the field of Procurement ( R12) 
2. Experience in Coupa will be add-on
3. Min 4 years of experience in BSA role / min two implementations at a client place 
Education:Bachelor's Degree in Finance or Accounting 

Vijay (VJ)
Recruiter
Saicon Consultants, Inc.
(913) 257-3377 Ext. 131
Address: 9300 W 110th St #650, Overland Park, KS 66210, USA

Cyber Security Controls Assessor

Job Title: Cyber Security Controls Assessor
Location: San Francisco, CA
Duration: 12 Months
 
Responsibilities: 
• Execute and support Third party vendors security and risk assessments, audits, tests, and verification activities.
• Validate controls are operating effectively.
• Work under consultative direction to review test results or interpret evidence.
• Within area(s) of specialty, develop control test procedures, vulnerability-testing code writing capability, and other analytical tools to support Third Party Security and Risk Management activities and services.
• Document results of assessments, audits, tests, and verification activities.
• Create and maintain Third Party Security and Risk group, project, and service-aligned documentation.
• Perform or support review of security control modifications, as required.
• Develop ability to speak and understand security terminology, especially those related to Information Assurance.
• Conduct Security Testing and Generate Risk Scores on all Assessment Findings. Support periodic reporting 
 
Qualifications:
  • Bachelors in Computer Science, or related discipline, or equivalent experience Certified Information Systems Security Professional (CISSP) certification, Certified in Risk and Information Systems Control (CRISC) certification, Certified Information Systems Auditor (CISA) certification.
  • Experience in Information Technology (IT) risk management, or related.
  • 5years Experience in Information Technology (IT)
  • 5years Utility industry experience 

 
Diksha Rajpal | Recruiter
Spectraforce Technologies Inc.
Phone: 919 230 9952  Extn: 4662
Fax: 919-573-9398
Email: diksha.rajpal@spectraforce.com
Visit us : www.spectraforce.com
919 230 9952 Ext 4662
diksha.rajpal@spectraforce.com

Security Engineer

Job Title: Security Engineer 
Location: Charlotte, NC (Onsite)
Duration: 12 Months+ Highly possibility of Extension

POSITION SUMMARY:
The Reg and Audit team serve as support liaison across all 3LOD, between Advocacy and Oversight’s (A&O), Regulatory Support and Advocacy Team (RSA), Cybersecurity, and other business partners to successfully address current, and prepare for  future audits and examinations.  Ensure the effective monitoring of examination activities, and to identify and escalate issues to senior management in real-time. Ability to collaborate and lead all stakeholders to a common understanding while managing expectations.

KEY RESPONSIBILITIES AND DUTIES:
Other key responsibilities include but not limited to:  Serve as a central point of contact with regulators/auditors and the business.  Respond to regulator/auditor requests timely and accurately.  
•Control of management information submissions; including the gathering and packaging of artifacts through coordination and scheduling meetings with key participants/SMEs. 
•Provide assessment and assistance to the business lines’ preparedness for the examination process; includes coaching/training business lines on examination protocol. 
•Coordinate and review examination response as part of quality control process. Must be able to manage issues; provide visibility and escalation, when needed. 
•Monitors the full lifecycle of a regulatory issue /Management Actin Plans (MAPs) identified—from identification to closure to validation. 
•Provides input to strategic decisions that affect the functional area of responsibility. Prepare reports for senior/executive management teams, detailing Issues, MAPs, examinations, audit information that may impact the Cyber’s regulatory compliance.

DESIRED SKILLS:
• Experience using Archer.
• Experience with Audit preparation activities including evidence gathering and submission, ensure successful management action plan (MAP) implementation, management reporting.
• Knowledge of information security frameworks and industry regulations (NIST, ISO, CoBIT, NYDFS, SOX) preferred
• Experience with Information Security frameworks preferred
• Strong interpersonal skills to lead projects with excellent influencing and problem resolution skills
• Effective leadership skills with the ability to create empowered teams including knowledge sharing, documentation, timeliness and proactive planning
 
 

Shubham Tiwary
Associate Technical recruiter
eTeam Inc.
(732) 318-3784
1001 Durham Avenue, Suite 201,South Plainfield, NJ 07080
South Plainfield, NJ, 07080

Security Threat Analyst

Position Summary
Currently located in Concord, CA, this position is in our Security Intelligence and Operations Center and is responsible for monitoring, detecting, and responding to cybersecurity activity across telecommunication and data computing infrastructure.
Response could include but is not limited to: troubleshooting, analysis, diagnosis, communicating with stakeholders, and resolution or coordination of resolution via support groups or business units.
This position is on one of three shifts and requires the ability to think analytically, work collaboratively, and document all work being performed.
 Responsibilities:
• Monitor incoming event queues for potential security incidents; identify and act on anomalous network activity
• Perform initial investigation and triage to senior analysts with proper documentation for potential security incidents
• Perform hunting for malicious activity across the network and digital assets
• Perform detailed investigation and response activities for potential security incidents
• Ability to perform payload analysis of packets
• Ability to detonate malware to assist with threat research
• Recommends implementation of counter-measures or mitigating controls
• Ensures all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment
• Collaborates with technical and threat intelligence analysts to provide indications and warnings, and contributes to predictive analysis of malicious activity
• Assist in mentoring junior staff in cybersecurity techniques and processes
• Assist in creation and continuous improvement of standard operating procedures used by the SIOC
• Monitor external event sources for security intelligence and actionable incidents
• Must comply with any regulatory requirements 
Qualifications:
**LOCAL CANDIDATES ONLY*
*TOP THREE** The top three things we are looking for are:
1. Prior Security Operation Center (SOC) experience
2. Strong networking skills
3. Event Monitoring / Incident Response
 Minimum Qualifications:
• Bachelor's degree in Computer Science or related field, or equivalent work experience
• 2 years of relevant work experience within security information technology
• Experience in network security monitoring, network packet analysis and / or host forensics.
• Good networking knowledge – TCP/IP protocols, OSI model, Firewalls and other networking devices
• Strong customer service skills and decision-making skills
• Good analytical skills – ability to analyze and think out of the box when working a security event
• Self-motivated, methodical and detail oriented Desired Qualifications
• Utility Industry experience
• Formal IT Security/Network Certifications such as: CompTIA, SANS GIAC, ISC², CCNA
• Prior SIEM experience – Security Information & Event Management system, log aggregation and event notification tool such as IBM QRadar
• Extensive experience in industry well known as well as open source Network and/ or Host forensic tools
• Familiarity with scripting languages such as Python, Perl, PowerShell 

Best,
-- 
Spenser Bradley
Account Manager
 
Randstad Technologies
1545 River Park Drive, Suite 501
Sacramento, CA 95815
T  916 256 3696 
M  916 402 5838
Spenser.Bradley@randstadusa.com

Senior Security Analyst Lead

Position: Sr. Security Analyst Lead
Location: Los Angeles, CA 
Duration: 2 Years
Hours estimated: 3800


Description:
  • Onsite on Metro facility.
  • Work period, generally, 40 hours per week: 8 hours/day
Job Summary:
The Sr. Security Analyst / Lead will work under the direction of the DEO, Enterprise Information Security. Their responsibilities include, but are not limited to:

  • Identify solutions to complex security data protection technologies that enhance business services. Perform comprehensive technology review and provide technical summary of the solutions based on business use cases.
  • Lead data protection policy reviews and provide recommendations utilizing technologies such as Data Leakage Protection and Encryption services and others.
  • Lead projects on the design, implementation, operation and maintenance of security applications and tools based upon the established security architecture.
  • Develop and maintain security requirements, and build on security framework.
  • Lead in the identification data protection services to best fit a business need.
  • Review data protection requirements of business functions and document the available solutions and processes.
  • Monitor security blogs, articles, and reports to remain up to date on the latest security risks, threats, and technology trends.
  • Build communication channels with LA Metro functional service area teams, gathering information how to support their needs and provide enhanced data protection services. Regularly interacts with Senior Managers, and occasionally on matters requiring coordination across department and divisions.
  • Assist with the development, deployment and support of Data Protection solutions.
  • Assist with development and communication of information protection guidelines and requirements.
  • Lead large scale projects for security functions.
  • Provide guidance to junior Security staff and contractors.
  • Performs other job-related duties as assigned.
3.1.2. KNOWLEDGE/EXPERIENCE REQUIREMENTS
Proposed Firm's personnel must possess demonstrable knowledge in the following areas:

  • Must poses decision making capacity and ability to use good judgment.
  • Works on highly complex and unique issues where analysis of situations or data requires an evaluation of intangibles. Exercises independent judgment in methods, techniques and evaluation criteria for obtaining results. Subject-matter expert providing resolution to problems with some oversight.
  • Exercises independent judgement towards solutions and presents to members of Cyber Security leadership.
  • Often provides technical leadership to contractors and team members on special/complex projects and/or key business objectives.
SKILLS QUALIFICATIONS
Proposed Firm's personnel must have the following minimum technical qualifications:
  • Certifications: CISSP (Required), CISA (Preferred)
  • Years of Experience: 5+
  • May vary by specialization but may include solid understanding of project management, application security concepts, data protection, and mobility security integration.
Additionally, they should be a subject-matter expert in the following:
  • Data protection and encryption technologies
  • DLP, and other related data protection technologies
  • Technology research
  • Microsoft Office skills
  • Industry security frameworks
  • Operational experience with various commonly used operating systems and services
  • Network communication basics
3.1.4. PERIOD OF PERFORMANCE: ENGAGEMENT
  • 2 Years
  • Start date immediately upon award of contract.


AnishSharma
E TalentNetwork
http://etalentnetwork.com
8251 Greensboro Drive, Suite 250 Mclean , Virginia - 22102