Wednesday, October 9, 2019

Security Analyst

Primary responsibilities include, but are not limited to the following:
  1. Review and provide recommendations to develop and improve State Fund’s security processes including performing gap analyses and driving assessments.
  2. Participate and/or drive implementation of security environment enhancements.
  3. Knowledge transfer to and training of State Fund employees including documented training materials.
  4. Advise the CISO and ESEC Team on matters involving organizational, strategic, tactical, and security best practices.
  5. Attend meetings/Represent ESEC as a Senior Lead for all security matters.
  6. Act as Lead/Co-Lead/Backup on assigned ESEC projects
  7. Other duties as assigned such as: update of existing security policies and develop new ones, evaluation of security risk assessments, etc.


TECHNICAL KNOWLEDGE AND SKILLS:

  • MINIMUM OF 5+ YEARS OF SECURITY PRACTICES (HANDS ON).
  • TECHNICAL SECURITY PROJECT MANAGEMENT SKILLS
  • WORKING EXPERIENCE USING BEST PRACTICES STANDARDS AND FRAMEWORKS: ISO 27001/27002, PCI:DSS V3; GLBA; HIPPA/HITECH; NIST 800-53; CIS CONTROLS, NIST CSF, CIS RAM

WORKING EXPERIENCE, AT A MINIMUM:
o             HARDWARE: NETWORK SWITCHES, ROUTERS, LOAD BALANCERS, SERVERS, STORAGE SYSTEMS, END-USER SYSTEMS, MOBILE DEVICES, OR OTHER DEVICES THAT ENABLE THE ORGANIZATION TO COMPLETE ITS MISSION
o             OPERATING SYSTEMS: UNIX, LINUX, WINDOWS
o             NETWORK: LAN, WAN, INTERNET, PROXY/FILTERING, FIREWALL, VPN, DMZ
o             NETWORK PROTOCOLS SUCH AS TCP/IP, SNMP, SMTP, NTP, DNS, LDAP, NFS, SAMBA, ETC.
o             DATABASES: ORACLE, SQL, MYSQL
o             CLOUD PLATFORMS: IAAS, PAAS, SAAS
o             SECURITY CONCEPTS SUCH AS ENCRYPTION, HARDENING, ETC.
o             SECURITY GRC
o             ACTIVE DIRECTORY
o             PROGRAMMING LANGUAGES ARE A PLUS

PROFESSIONAL SKILLS:
The Consultant resource(s) shall possess most of the following skills:
  • Strong analytical and critical thinking skills.
  • Ability to analyze information and formulate solutions to problems.
  • Provide more in-depth analysis with a high-level view of goals and end deliverables.
  • Remain proactive and complete work within a reasonable time frame under the supervision of a manager or team lead.
  • Plan and manage all aspects of the support function.
  • Extensive knowledge of and proven experience with Information Technology systems, and methods of developing, testing and moving solutions to implementation.
  • Expert knowledge in project management practices and ability to document processes and procedures as needed.
  • Self-motivated/Self-Starter/Proactive, working closely and actively communicating with team members to accomplish time critical tasks and deliverables
  • Ask questions and share information gained with other support team members, recording and documenting this knowledge
  • Elicit and gather user requirements and/or problem description information, and record this information accurately
  • Listen carefully and act upon user requirements
  • Convey and explain complex problems and solutions in an understandable language to both technical and non-technical persons
  • Follow the lead of others on assigned projects as well as take the lead when deemed appropriate
  • Think creatively and critically, analyzing complex problems, weighing multiple solutions, and carefully selecting solutions appropriate to the business needs, project scope, and available resources
  • Take responsibility for the integrity of the solution
  • Convey and explain complex problems and solutions in an understandable language to both technical and non-technical personnel.
  • Present solutions (technical and non-technical) to management and decision makers
  • Work collaboratively with other support team members and independently on assigned tasks and deliverables with minimum supervision
  • Experience in managing multiple projects.
  • 5+ Years’ experience in information security.
  • CISSP. Other highly desirable security certifications may be substituted for CISSP (for e.g., CISA, CISM, etc.)


Jennifer Ramos
VP Recruiting
Conde Group, Inc. Consulting and Staffing Services
"Bringing the best to your Workforce"
Managed Cyber Security Services (MCSS)
Phone 925-292-5408
Fax 858-724-6688

Saturday, October 5, 2019

Security & Risk Analyst - III

Title: Security & Risk Analyst - III
Location: Foster City, CA 94404
Duration: 1 year

Description:
·         Need an experienced SIEM engineer who is experienced with creating and tuning content in HPE ArcSight
·         Experience with security solutions for file share monitoring, certificate and SSH key management tools and enterprise key management tools is preferred.
·         Manages an area of the IT Security and Risk Management Program that impacts multiple departments internal and external to IT, sets goals and objectives, tracks and communicates status, acts as spokesperson to business partners and colleagues on program subject area.
·         Identifies security processes and standards across IT that would benefit from improvement.
·         Proposes new standards, tools, policies and procedures to improve security, compliance and risk management activities in client. Benchmarks innovative solutions as a method of monitoring progression to ensure value is being created and is consistent with organizational goals, objectives and standards.
·         Leads the security design of projects that entail large risk and widespread implications to the business.
·         Reports status on activities, issues, projects, etc. to senior IT management, including the effectiveness and efficiency of security activities. Works with IT, Quality Assurance, and business colleagues to ensure audit readiness, and to prepare for internal and external audits. Reviews security documents and project artifacts for complex situations. Assesses and manages compliance risks across the organization, escalating to senior management as necessary.


Nick S
Sr Technical Recruiter
Integrated Resources, Inc.
IT Life Sciences Healthcare
Direct desk line: 650-399-0884 (W) 732-549-2030 x 355

Friday, October 4, 2019

Front End UI Developer

Position: FrontEnd UI Developer
Location: SFO, CA
Duration: 6-12+ Month Contract
Interview: Phone and Skype

Job Description:
  • Should be able to develop HTMLs compatible with all web browsers for tablet, mobile and desktop
  • Integrate HTML files in marketing automation or email broadcast system.
  • Work with clients to set up the technical aspects of their requirements
  • Experience working with CSS3 and HTML5 within a JS framework.
  • Experience with abstraction and code reuse of CSS/SCSS/SASS/LESS or similar technologies
  • Proficient in HTML5, CSS, JS, jQuery, media queries, nodeJS, AJAX, bootstrap framework. **React would be a plus**
  • High proficiency with any CMS will be added advantage.
  • Proficiency with responsive web design techniques and the use of frameworks.
  • Email HTML development experience
  • Web/Graphic design experience
  • Exceptional communication skills
  • Must be able to work independently as well as part of a team
Amit Dabas
IDC Technologies, Inc.
Milpitas, CA 95035, USA
Phone: 408-418-5778 ext. 3038

Tuesday, October 1, 2019

Technology Analyst

Job Title Technology Analyst | Open System | PERL
Work Location & Reporting Address San Francisco CA 94107
Contract duration 6 – 12 Months
Does this position require Visa independent candidates only? No

Job Details:
Must Have Skills
Perl Script
Java
Agile work experience

Nice to have skills
Teamsite 16.4

Detailed Job Description
This position is for the Developer role in the Astra project.
Client is looking for candidates with strong experience in Perl scripting
Skill required are Perl, Java and with knowledge of Teamsite or any other Content Management system
Will be working on development of Email personalization area using CMS.

Minimum years of experience 4+

Certifications Needed :No

Top 3 responsibilities you would expect the Subcon to shoulder and execute
Design and development of application
Effective client interaction
Communication with offshore
 
Should you be interested, please send me a copy of your resume in word format along with the following details ASAP.
 
Full Name:
Current Location:
Hourly rate on C2C/W2:
Work Authorization:
Earliest Available date to start:
Date and times available to interview:
Two Professional References:(Preferably Supervisory references):

Deepak Jaiswal
408-614-0667

Monday, September 30, 2019

Incident Response & Threat Hunting

Role: Lead – Incident Response & Threat Hunting
 
Location: Wilmington, DE
Position: Full Time
Job Description:
Security Operations Center (SOC)
SIEM – IBM QRadar
SOAR Platform – Service Now, Demisto
Security Incident Management
Secure Eye – Intsights – Threat Intelligence
Lead 24x7 SOC teams providing operational and strategic planning, including fostering innovation, planning projects, and organizing and negotiating the allocation of resources.
Ensure timely reporting of metrics, security control gaps, and vulnerabilities to leadership by providing quantitative insight into security posture
Hands on Experience in providing Level 3 incident Response & Threat Hunting
 Manual Log analysis of various security devices - Server, FW, IPS/IDS etc.
Threat modeling & hunting using security tools.
SIEM Tool (IBM QRadar)- Administration & Support
Use Case Development/Enhancement
Content Development, Co-relation Rule creation / modification / review
Oversee program to prepare organization for active threat and vulnerability defense and remediation, and security incident management
Lead the development of Cyber crisis management playbooks, run books and plans to ensure effective response during a significant event.
Lead will evolve the incident response program that aligns with the enterprise incident management framework and includes incident detection, analysis, containment, eradication, recovery and forensic artifacts required for additional investigations.
Hands-on experience finding and responding to advance persistent cyber-attacks (APT) in a global network setting
Change agent with ability to drive accountability & outcomes across a diverse threat landscape
Strong Technical escalation management experience.
Ensure delivery compliance to SOW &  service level adherence
Interface with customer  & delivery team
Regular customer connect &  escalation management
Technical delivery parameter compliance tracking & reporting
Implementation Standardize service delivery  framework across multiple accounts
Essential Technology Skills
Security Operations Center (SOC)
SIEM – IBM QRadar
SOAR Platform – Service Now, Demisto
Security Incident Management
Secure Eye – Intsights – Threat Intelligence
Must Have
8-10 years in IT related roles and 5-8 years of experience in at least two security operations disciplines within an enterprise scale environment (such as tier 3/4 incident management, cyber threat analyst, cyber intelligence analyst, cyber investigation, Threat Hunting)
Experience with SOC incident response and management including 24x7x365 continuous monitoring, detection and analysis of potential intrusions in real-time
Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
Experience with attacks and mitigation methods, with experience working in two or more of the following: Network protocols and secure network design; Operating system internals and hardening (e.g. Windows, Linux, iOS, Android); Web application and browser security; Security assessments and penetration testing; Authentication and access control; Applied cryptography and security protocols; Security monitoring and intrusion detection, Incident response and forensics; Development of security tools, automation or frameworks.

Ganesh Yadav
408-898-2687

QA Automation Engineer

Role: Lead – Incident Response & Threat Hunting
 
Location: Wilmington, DE
Position: Full Time
Job Description:
Security Operations Center (SOC)
SIEM – IBM QRadar
SOAR Platform – Service Now, Demisto
Security Incident Management
Secure Eye – Intsights – Threat Intelligence
Lead 24x7 SOC teams providing operational and strategic planning, including fostering innovation, planning projects, and organizing and negotiating the allocation of resources.
Ensure timely reporting of metrics, security control gaps, and vulnerabilities to leadership by providing quantitative insight into security posture
Hands on Experience in providing Level 3 incident Response & Threat Hunting
 Manual Log analysis of various security devices - Server, FW, IPS/IDS etc.
Threat modeling & hunting using security tools.
SIEM Tool (IBM QRadar)- Administration & Support
Use Case Development/Enhancement
Content Development, Co-relation Rule creation / modification / review
Oversee program to prepare organization for active threat and vulnerability defense and remediation, and security incident management
Lead the development of Cyber crisis management playbooks, run books and plans to ensure effective response during a significant event.
Lead will evolve the incident response program that aligns with the enterprise incident management framework and includes incident detection, analysis, containment, eradication, recovery and forensic artifacts required for additional investigations.
Hands-on experience finding and responding to advance persistent cyber-attacks (APT) in a global network setting
Change agent with ability to drive accountability & outcomes across a diverse threat landscape
Strong Technical escalation management experience.
Ensure delivery compliance to SOW &  service level adherence
Interface with customer  & delivery team
Regular customer connect &  escalation management
Technical delivery parameter compliance tracking & reporting
Implementation Standardize service delivery  framework across multiple accounts
Essential Technology Skills
Security Operations Center (SOC)
SIEM – IBM QRadar
SOAR Platform – Service Now, Demisto
Security Incident Management
Secure Eye – Intsights – Threat Intelligence

Must Have
8-10 years in IT related roles and 5-8 years of experience in at least two security operations disciplines within an enterprise scale environment (such as tier 3/4 incident management, cyber threat analyst, cyber intelligence analyst, cyber investigation, Threat Hunting)
Experience with SOC incident response and management including 24x7x365 continuous monitoring, detection and analysis of potential intrusions in real-time
Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits
Experience with attacks and mitigation methods, with experience working in two or more of the following: Network protocols and secure network design; Operating system internals and hardening (e.g. Windows, Linux, iOS, Android); Web application and browser security; Security assessments and penetration testing; Authentication and access control; Applied cryptography and security protocols; Security monitoring and intrusion detection, Incident response and forensics; Development of security tools, automation or frameworks.

Regards ....
Ganesh Yadav
408-898-2687

Information Security Business Analyst

Information Security Business Analyst
San Francisco, CA
Immediate interview
Job Description –
a) 8+ years of business systems analysis experience, business systems design experience, or a combination of both
b) 5+ years of Information Security experience
c) Deep understanding of information security protocols, vulnerability remediation and overall data security requirements
d) Results driven individual who is self-starter, critical thinker, problem solver and detail oriented
e) Create quality documentation to convey both business and technical requirements, including experience creating requirements traceability matrix
f) Experience in financial projects
d) Ability to clearly articulate how technical solutions map to business requirements
g) Ability to understand current state and map to future state technologies and architecture
h) Generate interview questions as they relate to requirements gathering
i) Ability to translate business and technical requirements into use cases for Agile development
j) Understanding of BI and Analytics tools and appropriate use cases
k) Experience gathering non-functional requirements



Friday, September 27, 2019

Job Title: Senior SIEM (QRadar) Engineer (SSE)

Job Title: Senior SIEM (QRadar) Engineer (SSE)
Location: Las Vegas,NV 
Duration: CONTRACT 
Note:- Need visa copy and passport number for submission
 
 
A Senior Security Engineer (not just analyst) role that brings deep expertise and experience in Security Information & Event Management (SIEM), specifically IBM QRadar, to be able to engage at a technical, hands-on level with various SIEM optimization initiatives. This person will have advanced subject matter expertise in the build, configuration, day to day administration, maintenance and tuning activities, along with in depth knowledge of the various capabilities, integrations and applications available within on prem, cloud and MSSP managed QRadar instances. They will also have a demonstrated deep understanding of security fundamentals and associated SIEM options, in order to advise at all levels of the security engagement including architecture, design, and configuration review.

Desired critical QRADAR service areas of experience:

· Management of hosts (architecture) and licenses

· Log source setup, integration, validation and optimization

· Use case, rules and detection signature creation, tuning, development and extension

· Integrate and optimize Intelligence feeds and workflow 

· Create, update, run and distribute reports

· Create custom parsers (DSM editing), offenses, alerts, response correlations, automation and workflows

· Build and tune correlation rules to eliminate false positives and identify possible false negative instances

· Platform upgrade, patching and migration experience

· Creation of detection mapping against the MITRE Telecommunication&CK framework to identify and close gaps

 Essential Duties & Responsibilities:

· Provide technical leadership, solution design, and hands-on development support of security controls for infrastructure and software deployments

· Develop Threat Models and Perform Security Health Checks of the hybrid on prem multi cloud environments

· Develop and deliver training content and playbook content for SOC I analysts

· API and application integration
 

 
Vivek Rana
Associate Technical Recruiter
eTeam Inc.
(732) 210-9149
1001 Durham Avenue, Suite 201,South Plainfield, NJ 07080
South Plainfield, NJ, 07080

Test Architect

Position: Test Architect
Location: Bolingbrook, IL
Job Description:
  • Expertise to create test strategy test plan, test cases, unit tests for a project/program
  • Assist in the review of test plans and automated cases for other team members
  • Experience with programming skills like Java, React JS, Html, CSS, Scripting languages like JS, python etc.
  • Experience testing in JSON, CSS, HTML5, React JS and Angular.js frameworks
  • Understanding of web technologies including web services, RESTful APIs, web servers etc.
  • Experience in test automation with Selenium, Protractor, Jasmine for React JS apps
  • Enhance and extend test automation frameworks,
  • Extensive experience in white box and black box testing
  • To providing test architecture quality engineering on enterprise software products and systems.
  • Knowledge of Ecommerce industry practices with a focus on test integration on DevOps and Prod environments
  • Experience leading test case design to provide efficient optimal coverage
  • Experience with deployment tool chain (GCP, Docker, Kubernetes)
  • Experience with Continuous Integration systems such as Jenkins or Bamboo and good knowledge on CI/CD pipeline
  • Experience in writing scripts for testing RESTful services
  • Experience in framework architecture and design
  • Ability to lead technical projects and code at the same time
  • Experience with Agile / SCRUM methodology for product development
  • Proven ability and desire to deliver projects on time with high quality.
  • Excellent verbal and written communication skills
  • Experience working in SaaS environment




Sourav Jha
408-746-1812
IDC Technologies Inc.

IT Security

IT Security
Culver City, CA
12+ Months
Telephonic + Face 2 Face

Job description:
  • Lead or manager experience
  • Strong infrastructure logs and security experience
  • ISO experience
  • CISM or CISP
  • Patch Management
  • Penetration Testing
  • Privileged Account Management
  • Windows system administration and Active Directory



Vijay Saraswat
IDC Technologies, Inc
Work: 408-827-9854

Mailto: vijay.saraswat@idctechnologies.com
 

Sr. Application Security Engineer

Sr. Application Security Engineer-(937597N)
Job Responsibilities 
  1. Maintain the day to day operations, configuration and scaling of the SAST, DAST, CLM & Mobile Automated assessments
  2. Assist with the development and maintenance of automations as part of the enterprise DevSecOps model to ensure assessments are being performed regularly and data results are available for consumption by stakeholders
  3. Be subject matter expert on common web application security findings such as the OWASP top 10 and provide remediation recommendations
  4. Assist with false positive reports from developers for findings from the static or dynamic assessment platforms and develop false positive reduction strategies and guidance
  5. Support triage and validation of security vulnerabilities detected in production and/or reported via responsible disclosure processes
  6. Maintain and compose operational process documentation regarding program execution.
  7. Interface with other CIS organizations such as Governance, Risk, Business Information Security and Threat Intelligence to report on program status and coordinate risk identification
What We're Looking For:
To make it clear, we're not looking for just anyone. We're looking for someone special, someone who
has in-depth experience and clearly demonstrates these skills:
  1. Bachelor's degree in Computer Science, Information Technology, Cyber Security, or related discipline or equivalent experience
  2. 5+ years of IT professional experience, with previous information security experience
  3. Direct experience maintaining enterprise level static & web application assessment platforms such as Microfocus Fortify & WebInspect, Veracode, WhiteHat, AppSpider, etc
  4. Intermediate to advanced knowledge of secure code development practices and OWASP Top 10 web application security issues
  5. Expertise in interpreted languages (Python, Javascript) and compiled languages (Java, .Net) with full-stack development experience and strong knowledge of software development lifecycles
  6. Previous experience deploying and maintaining configuration as code systems, services, containers and applications in AWS, Azure and/or GCP
  7. Experience with data analytics with the ability to provide qualitative analysis and recommendations
  8. Strong verbal and written communication skills
  9. Strong attention to detail, data accuracy, and data analysis
  10. Self-motivated and operates with a high sense of urgency and a high level of integrity
Previous experience working in large scale environments with diverse technologies

Required

  • .NET
  • DATA ANALYSIS
  • DATA ANALYTICS
  • GCP
  • INFORMATION SECURITY

Additional

  • JAVA
  • JAVASCRIPT
  • MICROFOCUS
  • PYTHON
  • QUALITATIVE ANALYSIS
  • SECURITY
  • SOFTWARE DEVELOPMENT
  • CODING
  • CYBER SECURITY
  • DOCUMENTATION
  • ENGINEER
  • GOVERNANCE
  • MAINTENANCE
  • MARKETING ANALYSIS
  • MICRO FOCUS
  • OPERATIONS
  • PROCESS DOCUMENTATION
  • QUANTITATIVE
  • REMEDIATION
  • STRUCTURED SOFTWARE
  • SUBJECT MATTER EXPERT


Jessica Hughes | Centizen, Inc. | 503-922-0469

Senior Java Developer

Senior Java Developer
Charlotte , NC
fulltime


Skills Required:

Relevant Experience
(in Yrs)-6+ Yrs
• Technical/Functional Skills -Good and Hands on experience in designing and developing applications using Java EE platforms.
• Good Object oriented analysis and design using common design patterns.
• Experience in production support of critical business applications utilizing Java, J2EE.
• Knowledge on frameworks (Struts/Spring/JSF), Web Services, Apache Tomcat, IBM Websphere Application Server, SiteMinder, jUnit testing.
• Good communication, interpersonal skills backed by sound analytical, technical and leadership skills.
• Experience in monitoring tools – Dynatrace, Nimsoft and SolarWinds
• Results oriented, focused on meeting deliverable timelines & Eagerness to learn new technologies.
Experience Required-6+ Yrs
• Roles & Responsibilities-Involving in trouble shooting application server, web server logs and analyzing them using Log Analyzer in case of any critical issue and providing thread dumps to the application teams.
• Configuring SPLUNK to monitor the logs, collect metrics for reporting.
• Assist Development team for onboarding new consumer
• Guiding Application monitoring team to make the application monitored both on infrastructure level and application performance level
• Generic Managerial Skills-Develop and maintain positive working relationships with team members and other stakeholders, including business partners and all levels of IT leadership.
• Provide mentoring to fellow administrators.


Nitish Yadav
Work: 408-418-5778  EXT 3058
Mailto: Nitish@idctechnologies.com

Wednesday, September 25, 2019

Application Security Engineer

Position: Application Security Engineer
Location: Santa Clara, CA
Duration: Long Term

Responsibilities:
• Act as liaison between Security and software development teams
• Assist development teams implementing secure SDLC practices
• Threat model web applications and work with development team throughout the SDLC
• Perform web application vulnerability assessments and penetration tests
• Provide security and compliance requirements for software development projects
Required Qualifications:
• BS in Computer science or equivalent experience
• Experience in web application security testing (assessment/penetration testing)
• Familiarity with OWASP guidelines
• Knowledge of agile and secure SDLC
Additional Preferred Qualifications:
• One or more Certifications (CISSP, GWEB, GPEN, GWAPT, OSWE, OSCE, OSCP)
• Software development or scripting experience (Python, Shell, Java, json, Scrum, Jira, etc)
• Familiarity with network and web application protocols (Http, Https, TCP/IP, SAML 2.0, OAuth 2.0, Rest APIs, etc)
• Knowledge or experience implementing SDLC frameworks like OpenSAMM or BSIMM
• Database knowledge


Priyanka Sharma
Technical Recruiter

Shimento Inc.
1700 N Broadway # 300 Walnut Creek, CA 94596
(O) 510-402-2460 (Mail) priyanka.s@shimento.net