Monday, April 29, 2019

Cyber Security Technology Business Risk Advisor/Analyst

Job Title: Cyber Security Technology Business Risk Advisor/Analyst
Location: San Francisco/ Sacramento, CA
Duration: 8+ Months
Qualifications:
 
Top 3 Skills:
  1. CISSP Certification (or CCSP – Cloud)
  2. Previous experience with cybersecurity project consulting / risk assessments
  3. Experience / Knowledge of cybersecurity best practices and standards (i.e., NIST, ISO)
 
Required:
  • B.S. degree in Computer Science, Information Systems or other related field, or equivalent year work experience Minimum of 6 years of experience in IT, critical infrastructure, intelligence, and/or cybersecurity information security
  • Knowledge of Cybersecurity best practices and standards (e.g. NIST, ISO, etc.)
  • Demonstrated problem analysis and decision-making skills
  • Excellent written and verbal communication skills required
  • Ability to travel up to 10%
 
Desired:
  • Master’s Degree in Computer Science or job-related discipline or equivalent experience
  • Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Information Systems Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or equivalent
  • Experience in software development and client engagement with either Java/Spring or C#.Net or Python
  • Understanding of computer networking concepts and protocols, and network security methodologies
  • Ability to communicate and convey complex IT/OT technical security related concepts to business and technology teams Ability to influence and work with and across all levels within the business
  • Utility Experience
  • CISSP certification, or ability to obtain via self-study within one year of date of hire, other relevant IT/Cloud or security certifications.
 
Responsibilities:
  • Leads security reviews for company-wide project engagement; identifies gaps in security designs and guides the business to implement necessary security controls
  • Translates complex technical requirements to non-technical stakeholders
  • Develops cloud-based security controls using knowledge of cloud service and deployment models, container technologies, associated tools and best practices
  • Actively recommends engineering solutions in collaboration with Cybersecurity Architects and product owners to remediate inherent cyber security risks
  • Leads technology assessments to understand capabilities of required systems or networks
  • Identifies and recommends cyber strategies for technology development based on stakeholder requirements
  • Provides peer review and support for organizational deliverables



Rishab Sharma |Technical Recruiter| Spectraforce Technologies, Inc.
Email: rishab.sharma@spectraforce.com | 919-230-9952/800-204-6186 Ext: 5055
Connect with me on Linkedin
Visit us - www.spectraforce.com
 
919-230-9952 Ext 5055
rishab.sharma@spectraforce.com

Security Analyst, Sr.

Position Details
Title : Security Analyst, Sr.
Location : Pleasanton, CA
ID :  9141436
Client : GAP

Job Description
  • Security Administrator, eDiscovery & ForensicsThe Security Administrator reports t is a member of a larger Security Engineering and Operations (SecOps) organization that designs, deploys and operates security tools.
  • The Engineer will also be architecting solutions and services, maintaining existing applications and infrastructure, migrating existing solutions to the cloud, and deploying security in depth across *** Inc.

Job Requirement
  • Daily maintenance and administration of all software and hardware used by the eDF team(EnCase eDiscovery, Office 365Administration, Symantec Endpoint Protection, Symantec Data Loss Prevention, Carbon Black).
  • Familiarity with network activity analysis using various logging solutions and aggregators including PAN, and Splunk.
  • Advise and implement architecture, management, and access control for solutions supporting the eDiscovery and Forensics, and Legal teams. Windows server management Linux server management Identity Access Management Understanding of encryption keys and how they are used for authentication Understanding of computer hardware and low level systems (Operating Systems) with the ability to define requirements for servers and networks that support our eDiscovery solutions.
  • Experience with cloud solutions such as Azure and AWS.
  • Experience with Microsoft Exchange and 0365.○Exchange Admin Center○EOP/ATP○Blacklisting/Whitelisting Exchange Transport Rules○DMARC/DKIM/SPFREQUIRED QUALIFICATIONS:
  • Strong knowledge of Microsoft Windows administration (including Windows Server 2016, IIS, Active Directory, Group Policy management).●Strong knowledge of Microsoft Exchange and 0365 environments.
  • Proficient in at least one scripting language (e.g. Python, Ruby, etc.).
  • Strong knowledge of and experience with PowerShell.
  • Familiar with cloud environments (Azure, AWS, Oracle, etc.).Experience Requirements:
  • 3+ years of experience building secure systems, networks and infrastructure. Knowledge & Skill Requirements:
  • Strong Microsoft Windows administration skills.
  • Proven understanding of cloud solutions including “lift and shift” and security solutions.
  • Knowledge of data management (architecture, movement, and mapping) a plus.
  • Strong written and verbal communication skills to influence others.



Ahmed Lakhani
Senior Technical Recruiter
Office: 510–338-9780
ahmed.lakhani@adroitresources.com

Security Operations Lead

Position                  :  Security Operations Lead
Location                 :  Melville , NY
Duration                :  Contract
Need passport number in case of h1b and ead-gc
Job Description:-
This position is assigned to the Security and Compliance Operations Team. The primary purpose of this position is to help in auditing, secure architecture and compliance of Resideo products, platforms, Infrastructure etc. Understand all the security services like SOC, VM, Security Audits, IAM, Risk Management, BCP & DR, etc. and be an advisory for improvements in each of this area.
Key Tasks and Responsibilities:

• Articulating, designing and documenting solutions for security services like SOC, Audit, IAM, VM, Risk Management, BCP and DR, DLP etc.
• Determines security requirements by evaluating business strategies and requirements; researching information security standards; supporting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
• Perform security audits on regular basis, ensure compliance for all products, regular VM operations in place, proper BCPs held for projects, operational DR in place, etc.
• Perform and support internal & external audits against multiple standards / requirements to ensure compliance (NIST, HIPAA, PCI, etc.)
• Exercise implementation and/ or audit of security controls, standards (CIS Controls, ISO 27001)
• Support and maintain enterprise security policies and procedures
• Assist in the coordination and completion of information security operations documentation
• Work with Product Security and Enterprise Security management to develop strategies and plans to enforce security requirements and address identified risks
• Provide direct support to the business and Product teams for security related issues and gaps.
• Maintain an awareness of security and control issues in emerging technologies
• Report to management concerning residual risk, vulnerabilities and other security exposures; including misuse of information assets and noncompliance
• Liaison with different teams for validation/approval of proposed solution
• Oversee technological upgrades/improvements and propose tools/automation in all services
• Applying security in DevOps cycle to bring in security in early phases of development
• Manage and configure DR and data backup systems
• Working knowledge of systems security of operating systems, network, firewalls, antivirus and patch management
• Apply domain expertise and innovative ideas to architect/design solutions, evaluate multiple options to meet product requirements
• Multi-vendor product (HW and SW) awareness and their practical applications
• Other tasks and responsibilities as assigned
Required Skills
• Typically has 7 or more years of security architecture and audit experience
• Excellent knowledge in security procedures and protocols
• Outstanding organizational and leadership skills
• Ability to work independently, under general guidance
• Ability to lead project deliverables through to completion
• Professional oral and written communication skills
• Relevant software or application skills to complete job successfully
• Problem solving and troubleshooting skills with the ability to exercise mature judgment
• CISA, CISSP, CISM certifications preferred


Anuj Chauhan
Technical Recruiter
Amiga Informatics Inc.

Direct No +1-516-531-2115/ Contact No +1-516-531-9060 Ext. 144

Application Security Engineer

Position:- Application Security Engineer
Location:- Alpharetta, GA
Duration:- Long Term/Full Time
Interview:- Skype, Web EX

[Open for all visa, EAD fine with PPN Only]

Responsibilities:-

  • Participate in end-to-end Security Engineering activities of the project, program or engagement.
  • Architect and Design security controls and policies to be implemented organization/application wide.
  • Revise existent security policies and procedures as well as propose new ways to get better data protection
  • Perform security auditing of design, configuration, application code, and necessary functionality to ensure verifiable security compliance throughout the System Development Life Cycle (SDLC).
  • Capable of evaluating & improving security posture throughout the SDLC.
  • Expertise in Secure Dev Ops implementation.
  • Review project work to assess compliance with policy, evaluate architecture usage, and identify needed improvements to the architecture and guidelines.
  • Conduct security requirements engineering, and protection needs elicitation in order to document customer security concerns and issues.
  • Assist security test planning and implementation based on perceived security needs of the system and the security solution provided.
  • Knowledge of Manual and Tool based Static/Dynamic Audits and Manual Penetration testing for large enterprise applications.
  • Compile reports on security metrics, project status, and compliance.
  • Act as Security Liaison to the project and coordinate with internal security engineering, evidence management and security risk / vulnerability analysis roles.

Requirement:
  • 8 – 12 years of relevant experience in Application Security Domain.
  • Expertise in Secure Architecture, Secure Design and Code reviews.
  • Experience with AGILE, DevSec Ops implementation.
  • Knowledge of Manual penetration testing and Tool based Static/Dynamic Audits.
  • Web, mobile, API, and MicroServices design patterns and architectures.
  • Attack & defensive patterns within those design patterns and architectures.
  • Expertise in various Secure Code Analysis tools like HP Fortify SSC and SCA, Checkmarx; Vulnerability scanners like HP WebInspect and Web proxies like Burp Suite, Fiddler.
  • OWASP Top Ten, CWE, SANS.. etc.
  • AWS, Cloud security.
  • Regulatory regimes like PCI, GDPR, HIPAA, etc.
  • CISSP, OSCP, CEH Certified. (Desirable).
  • Engineering graduate preferably in computers.


Mohd.  Suhail
Technical Recruiter
Amiga Informatics
USA ||Canada ||Hong Kong ||India ||Dubai
USA Direct No  +1-516-430-6831| Amiga Board No +1-516-531-9060 Ext. 111

Security Analyst

Position Title :Security Analyst
Location : SFO ,CA
Client : SCIF
Duration: 6-12 Months 

Detailed Job Description :
CISSP, CISA, or CISM is required

DELIVERABLES:
Primary responsibilities include, but are not limited to the following:
1.            Review and provide recommendations to develop and improve State Fund’s security processes including performing gap analyses and driving assessments.
2.            Participate and/or drive implementation of security environment enhancements.
3.            Knowledge transfer to and training of State Fund employees including documented training materials.
4.            Advise the CISO and ESEC Team on matters involving organizational, strategic, tactical, and security best practices.
5.            Attend meetings/Represent ESEC as a Senior Lead for all security matters.
6.            Act as Lead/Co-Lead/Backup on assigned ESEC projects
7.            Other duties as assigned such as: update of existing security policies and develop new ones, evaluation of security risk assessments, etc.

TECHNICAL KNOWLEDGE AND SKILLS:

•             MINIMUM OF 5+ YEARS OF SECURITY PRACTICES (HANDS ON).
•             TECHNICAL SECURITY PROJECT MANAGEMENT SKILLS
•             WORKING EXPERIENCE USING BEST PRACTICES STANDARDS AND FRAMEWORKS: ISO 27001/27002, PCI:DSS V3; GLBA; HIPPA/HITECH; NIST 800-53; CIS CONTROLS, NIST CSF, CIS RAM
•             WORKING EXPERIENCE, AT A MINIMUM:
o             HARDWARE: NETWORK SWITCHES, ROUTERS, LOAD BALANCERS, SERVERS, STORAGE SYSTEMS, END-USER SYSTEMS, MOBILE DEVICES, OR OTHER DEVICES THAT ENABLE THE ORGANIZATION TO COMPLETE ITS MISSION
o             OPERATING SYSTEMS: UNIX, LINUX, WINDOWS
o             NETWORK: LAN, WAN, INTERNET, PROXY/FILTERING, FIREWALL, VPN, DMZ
o             NETWORK PROTOCOLS SUCH AS TCP/IP, SNMP, SMTP, NTP, DNS, LDAP, NFS, SAMBA, ETC.
o             DATABASES: ORACLE, SQL, MYSQL
o             CLOUD PLATFORMS: IAAS, PAAS, SAAS
o             SECURITY CONCEPTS SUCH AS ENCRYPTION, HARDENING, ETC.
o             SECURITY GRC
o             ACTIVE DIRECTORY
o             PROGRAMMING LANGUAGES ARE A PLUS


PROFESSIONAL SKILLS:
The Consultant resource(s) shall possess most of the following skills:
•             Strong analytical and critical thinking skills.
•             Ability to analyze information and formulate solutions to problems.
•             Provide more in-depth analysis with a high-level view of goals and end deliverables.
•             Remain proactive and complete work within a reasonable time frame under the supervision of a manager or team lead.
•             Plan and manage all aspects of the support function.
•             Extensive knowledge of and proven experience with Information Technology systems, and methods of developing, testing and moving solutions to implementation.
•             Expert knowledge in project management practices and ability to document processes and procedures as needed.
•             Self-motivated/Self-Starter/Proactive, working closely and actively communicating with team members to accomplish time critical tasks and deliverables
•             Ask questions and share information gained with other support team members, recording and documenting this knowledge
•             Elicit and gather user requirements and/or problem description information, and record this information accurately
•             Listen carefully and act upon user requirements
•             Convey and explain complex problems and solutions in an understandable language to both technical and non-technical persons
•             Follow the lead of others on assigned projects as well as take the lead when deemed appropriate
•             Think creatively and critically, analyzing complex problems, weighing multiple solutions, and carefully selecting solutions appropriate to the business needs, project scope, and available resources
•             Take responsibility for the integrity of the solution
•             Convey and explain complex problems and solutions in an understandable language to both technical and non-technical personnel.
•             Present solutions (technical and non-technical) to management and decision makers
•             Work collaboratively with other support team members and independently on assigned tasks and deliverables with minimum supervision
•             Experience in managing multiple projects.
•             5+ Years’ experience in information security.
•             CISSP.  Other highly desirable security certifications may be substituted for CISSP (for e.g., CISA, CISM, etc.)



Thanks & Regards
Preeti Parmar 
IT Recruitment Consultant 
 Email: preeti.bala@infostride.com
 Office: +1-415-360-1700 Ext. 264

Tuesday, April 23, 2019

Network Engineer

Network Engineer
Fort Worth, TX

Job Description:

        Strong Palo Alto firewall experience
        Should have experience with dealing bulk rule set changes
        Experience in routing/switching
        Proxy experience
        Knowledge on scripting is advantageous (Python) to make changes on Palo Alto with big changes
        Perform network streams migration from one segment to another
        Automate the migration workflow
        Troubleshoot the Palo Alto network firewall issues during migration
        Provide High level troubleshooting and issue resolution.
        Monitors networks and network security systems; tracks, manages, and alerts appropriate parties of vulnerabilities, attacks and other security issues.
        Recommends and implements policies and procedures to ensure adherence to security standards.
        Provides assistance to system users relative to network security matters.
        Performs other job related duties or special projects as assigned
        Demonstrated success in managing, analyzing and solving complex network technical issues.
        Technical knowledge of security configurations, log analysis, intrusion detection and mitigation.
        Solid understanding of network security practices, systems, and standards.
        CCNA Security certification desired

sai.kumar@experis.com

Tuesday, April 16, 2019

Information Security Analyst

Title: Information Security Analyst
Location: Southfield, MI/Lake Forest, IL
Duration: 6-12 Months


Education / Experience:

  • Bachelor’s degree in Computer Science, Information Security and Risk Management, Information Systems, Engineering, Business or related major or commensurate experience Minimum 1-3 years working level experience securing IT systems.
  • Experience in a large-scale global IT enterprise environment.
  • Experience with administration and management of Windows, Linux, UNIX, and mobile operating systems.
  • Experience with the following tools is a big plus:
    • Vulnerability Management, DLP, Firewall Management, Advanced Threat Detection
    • Scripting experience in more than one of the following (Perl, Python, R, bash, PowerShell)
  • Certifications:
    • CISSP
    • GIAC Certifications (GCIH,GCWN/GCUX,GISSP, etc.)
    • Cisco / Microsoft / Red Hat Certificates
    • CEH
    • Knowledge of ISO 2700x, COBIT, 6 Sigma, ITIL a plus.

Skills:

  • Must have experience with SIEM and Event Logging solutions.
  • Must have experience with executing Information Security Incident Response activities.
  • Must be willing and able to quickly learn new technologies and maintain up-to-date knowledge of current security trends and events.
  • Hands on experience in security systems, intrusion detection systems, anti-virus software, authentication systems, log management, endpoint protection, and content filtering.
  • Experience with network technologies and with system, security, and network monitoring tools.
  • Thorough understanding of the latest security principles, techniques, and protocols.
  • Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols.
  • Problem solving skills and ability to work under pressure.
  • Basic project management.
  • Good verbal and written communication skills.
  • Basic financial analysis.
  • Basic network command familiarity.

Amit  Rohila
408-722-9416