Wednesday, May 29, 2019

Security Analyst II

Title: Security Analyst II
Duration: 3 months (Strong possibility for extension)
Location: San Francisco, CA 94114

Job Description
Primary Responsibilities: 

• Participate in planning, scheduling and preliminary analysis for all internal and external audit projects.
• Coordinate audit activities including notification and scheduling for all affected parties of audit timing, scope, objectives, approach and deliverables.
• Work closely with external auditors and internal audit teams on managing and supporting the audits.
• Identify, document, and map technology processes and internal controls of applicable technology infrastructure and operational areas per the scope of the audit project.
• Perform risk assessments of technology infrastructure and operational processes and controls for assigned areas.
• Complete audit testing, inquiry, observation and other analysis required to meet objectives of audit projects.
• Communicate progress and results of audit throughout the audit engagements.
• Develop value added recommendations to deal with issues identified during assigned audits and draft audit reports to formally communicate the results of the audit and related recommendations.
• Monitor implementation of outstanding audit recommendations and validate their implementation.
• Automate manual tasks related to RFIs, Audits and Other compliance programs
• Request and review vendors auditing documentation to insure alignment with Client internal controls and provide assessments and recommendations.

Required Skills & Qualifications: 
• Bachelor’s degree in Information Systems or related field, or equivalent experience
• Certified Information Systems Auditor (CISA) and/or Certified in Risk and Information Systems Control (CRISC) strongly preferred. Other certifications add value such as Certified in Governance of Enterprise IT (CGEIT), Certified Information Security Manager (CISM), Certified Information Security Professional (CISSP), CPA, and/or CIA.
• Minimum 3 years of internal or external audit experience with Big 4 Audit Firms, with exposure to the following compliance frameworks AT101 Type2 SoC1 and SoC2 (SSAE16), ISO2700x, FedRamp, COPPA, ITIL, NIST, PCI DSS
• Understanding of Cloud industry technologies and IaaS, PaaS, SaaS platforms preferred. Ability to quickly acquire and apply knowledge of changing technologies implemented is essential.
• Good understanding of audit process/methodology, and risk management/advisory ability.
• Ability to adapt to a changing environment, meet deadlines and handle multiple projects.
• Experience in using a risk-based audit approach in evaluations of and recommendations for management processes.
• Ability to present audit findings and recommendations in a manner that will be understood and accepted by all responsible parties.
• Possess the tenacity to pursue difficult and sensitive issues to acceptable conclusion
• Excellent communication, interpersonal, time management and issue resolution skills.
• Excellent analytical skills, organizational skills, ingenuity and the ability to work as part of a team

Saideep Thota
Team Lead West Coast Region

Randstad Technologies
P: 646-576-9854
C: 408-818-8682

Monday, May 27, 2019

Security Consultant IT Supervisor II

Job title- Security Consultant IT Supervisor II              
LocationPleasanton, CA
Position- Contract

Our Pleasanton, CA client has a contract position for a Security Consultant IT Supervisor II and I have included the details below.  Could this role be a potential fit for you or anyone you know?
Primary responsibilities include, but are not limited to the following:
·         Support the Chief Information Security Officer (CISO) and Risk Manager in ensuring that policies, practices, and tools to achieve security compliance.
·         Collaborate with Senior Leadership Team members across the organization and provide consultative assistance to other programs related to the Security Plan.
·         Establish and oversee an effective Cyber Security Awareness training program.
·         Evaluate new security technologies to defend against internal and external threats.
·         Participate in short and long range security strategy planning under guidance of the CISO and Risk Manager.
·         Establish a uniform process to mitigate risk and oversee IT Risk Assessments within the established service level agreement (SLA).
·         Track the health of the security policy compliance program and provide executive level reports to stakeholders.
·         Maintain information security specific standards and policies, and ensure the deployment of the desired controls throughout the environment (e.g., Secure Systems Development Lifecycle, etc.).
·         Knowledge transfer to and training of Enterprise Security team members.
Technical knowledge and skills:
·         Five (5) years of information technology experience, including two (2) years of lead/management experience performing a variety of progressively responsible technical and analytical work
·         Minimum of 5+ years of security practices
·         Technical security project management skills
·         Working experience using best practices standards and frameworks: iso 27001/27002, pci: dss v3; glba; hippa/hitech; nist 800-53; cis controls, nist csf, cis ram

Working experience, at a minimum:
·         Hardware: network switches, routers, load balancers, servers, storage systems, end-user systems, mobile devices, or other devices that enable the organization to complete its mission
·         Operating systems: Unix, Linux, windows
·         Network: lan, wan, internet, proxy/filtering, firewall, vpn, dmz
·         Network protocols such as tcp/ip, snmp, smtp, ntp, dns, ldap, nfs, samba, etc.
·         Databases: oracle, sql, mysql
·         Cloud platforms: IAAS, PAAS, SAAS
·         Security concepts such as encryption, hardening, etc.
·         Security GRC
·         Active directory
·         Programming Languages Are a Plus

Professional skills:
·         The Consultant resource(s) shall possess most of the following skills:
·         Strong analytical and critical thinking skills
·         Excellent written and oral communication skills to effectively communicate across all levels of the organization
·         Proven ability to present to a Senior Management Level and Executive audience
·         Working experience of security, policy compliance, and governance frameworks including the NIST-800 series, PCI, ISO 27001/27001, ITIL, and COBIT
·         Expert knowledge in security project management practices
·         Self-motivated/Self-Starter/Proactive, working closely and actively communicating with team members to accomplish time critical tasks and deliverables
·         Working experience in a highly regulated environment and managing information risks and expectations across multiple stakeholder groups
·         Working experience of emergent security risks
·         Convey and explain complex problems and solutions in an understandable language to both technical and non-technical persons
·         Think creatively and critically, analyzing complex problems, weighing multiple solutions, and carefully selecting solutions appropriate to the business needs, project scope, and available resources
·         Take responsibility for the integrity of the solution
·         Ability to be a strategic thinker
·         Demonstrated ability to influence others
·         Experience in managing multiple projects.
·         5+ Years’ experience in information security.

Zain Roy| Technical Recruiter

Cloud Security Architect

We are seeking a Mid-Senior Cloud Security Architect in Chicago, IL for a Full time role. Responsibilities include designing and developing security policies, standards and procedures for secure cloud technology solutions.

8+ years of technical hands on experience designing cloud security solutions
Past experience working with stakeholders presenting solutions
Experience in Risk Management
Prior security solution implementations
Strong experience in one or more cloud technologies - AWS, Azure, Google Cloud. 
Strong communication skills.

***We are unable to sponsor a visa at this time.
Must be US Citizen or Green Card holder 
No 3rd party candidates - No H1B, OPT EAD, or any visa candidates

If you are interested and available, please forward your resume to for immediate consideration.

Business Analyst II

Job Title: Business Analyst
Location: Sunnyvale, CA 94085
Job Duration: 6 plus Months
Type Of Hire: Contract
No: of Positions: 5

Primary Skills: Business Analysis, BRD, implementation, Oracle R12 ,Coupa 
1. Role of a BSA
2. Work with Business, internal IT team and be part of a Coupa ( software ) implementation
3. Ability to write BRD, FD's and help business with testing
4. Communicate with IT leadership and also Biz
1. Two end-to-end life cycle implementations in the field of Procurement ( R12) 
2. Experience in Coupa will be add-on
3. Min 4 years of experience in BSA role / min two implementations at a client place 
Education:Bachelor's Degree in Finance or Accounting 

Vijay (VJ)
Saicon Consultants, Inc.
(913) 257-3377 Ext. 131
Address: 9300 W 110th St #650, Overland Park, KS 66210, USA

Cyber Security Controls Assessor

Job Title: Cyber Security Controls Assessor
Location: San Francisco, CA
Duration: 12 Months
• Execute and support Third party vendors security and risk assessments, audits, tests, and verification activities.
• Validate controls are operating effectively.
• Work under consultative direction to review test results or interpret evidence.
• Within area(s) of specialty, develop control test procedures, vulnerability-testing code writing capability, and other analytical tools to support Third Party Security and Risk Management activities and services.
• Document results of assessments, audits, tests, and verification activities.
• Create and maintain Third Party Security and Risk group, project, and service-aligned documentation.
• Perform or support review of security control modifications, as required.
• Develop ability to speak and understand security terminology, especially those related to Information Assurance.
• Conduct Security Testing and Generate Risk Scores on all Assessment Findings. Support periodic reporting 
  • Bachelors in Computer Science, or related discipline, or equivalent experience Certified Information Systems Security Professional (CISSP) certification, Certified in Risk and Information Systems Control (CRISC) certification, Certified Information Systems Auditor (CISA) certification.
  • Experience in Information Technology (IT) risk management, or related.
  • 5years Experience in Information Technology (IT)
  • 5years Utility industry experience 

Diksha Rajpal | Recruiter
Spectraforce Technologies Inc.
Phone: 919 230 9952  Extn: 4662
Fax: 919-573-9398
Visit us :
919 230 9952 Ext 4662

Security Engineer

Job Title: Security Engineer 
Location: Charlotte, NC (Onsite)
Duration: 12 Months+ Highly possibility of Extension

The Reg and Audit team serve as support liaison across all 3LOD, between Advocacy and Oversight’s (A&O), Regulatory Support and Advocacy Team (RSA), Cybersecurity, and other business partners to successfully address current, and prepare for  future audits and examinations.  Ensure the effective monitoring of examination activities, and to identify and escalate issues to senior management in real-time. Ability to collaborate and lead all stakeholders to a common understanding while managing expectations.

Other key responsibilities include but not limited to:  Serve as a central point of contact with regulators/auditors and the business.  Respond to regulator/auditor requests timely and accurately.  
•Control of management information submissions; including the gathering and packaging of artifacts through coordination and scheduling meetings with key participants/SMEs. 
•Provide assessment and assistance to the business lines’ preparedness for the examination process; includes coaching/training business lines on examination protocol. 
•Coordinate and review examination response as part of quality control process. Must be able to manage issues; provide visibility and escalation, when needed. 
•Monitors the full lifecycle of a regulatory issue /Management Actin Plans (MAPs) identified—from identification to closure to validation. 
•Provides input to strategic decisions that affect the functional area of responsibility. Prepare reports for senior/executive management teams, detailing Issues, MAPs, examinations, audit information that may impact the Cyber’s regulatory compliance.

• Experience using Archer.
• Experience with Audit preparation activities including evidence gathering and submission, ensure successful management action plan (MAP) implementation, management reporting.
• Knowledge of information security frameworks and industry regulations (NIST, ISO, CoBIT, NYDFS, SOX) preferred
• Experience with Information Security frameworks preferred
• Strong interpersonal skills to lead projects with excellent influencing and problem resolution skills
• Effective leadership skills with the ability to create empowered teams including knowledge sharing, documentation, timeliness and proactive planning

Shubham Tiwary
Associate Technical recruiter
eTeam Inc.
(732) 318-3784
1001 Durham Avenue, Suite 201,South Plainfield, NJ 07080
South Plainfield, NJ, 07080

Security Threat Analyst

Position Summary
Currently located in Concord, CA, this position is in our Security Intelligence and Operations Center and is responsible for monitoring, detecting, and responding to cybersecurity activity across telecommunication and data computing infrastructure.
Response could include but is not limited to: troubleshooting, analysis, diagnosis, communicating with stakeholders, and resolution or coordination of resolution via support groups or business units.
This position is on one of three shifts and requires the ability to think analytically, work collaboratively, and document all work being performed.
• Monitor incoming event queues for potential security incidents; identify and act on anomalous network activity
• Perform initial investigation and triage to senior analysts with proper documentation for potential security incidents
• Perform hunting for malicious activity across the network and digital assets
• Perform detailed investigation and response activities for potential security incidents
• Ability to perform payload analysis of packets
• Ability to detonate malware to assist with threat research
• Recommends implementation of counter-measures or mitigating controls
• Ensures all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment
• Collaborates with technical and threat intelligence analysts to provide indications and warnings, and contributes to predictive analysis of malicious activity
• Assist in mentoring junior staff in cybersecurity techniques and processes
• Assist in creation and continuous improvement of standard operating procedures used by the SIOC
• Monitor external event sources for security intelligence and actionable incidents
• Must comply with any regulatory requirements 
*TOP THREE** The top three things we are looking for are:
1. Prior Security Operation Center (SOC) experience
2. Strong networking skills
3. Event Monitoring / Incident Response
 Minimum Qualifications:
• Bachelor's degree in Computer Science or related field, or equivalent work experience
• 2 years of relevant work experience within security information technology
• Experience in network security monitoring, network packet analysis and / or host forensics.
• Good networking knowledge – TCP/IP protocols, OSI model, Firewalls and other networking devices
• Strong customer service skills and decision-making skills
• Good analytical skills – ability to analyze and think out of the box when working a security event
• Self-motivated, methodical and detail oriented Desired Qualifications
• Utility Industry experience
• Formal IT Security/Network Certifications such as: CompTIA, SANS GIAC, ISC², CCNA
• Prior SIEM experience – Security Information & Event Management system, log aggregation and event notification tool such as IBM QRadar
• Extensive experience in industry well known as well as open source Network and/ or Host forensic tools
• Familiarity with scripting languages such as Python, Perl, PowerShell 

Spenser Bradley
Account Manager
Randstad Technologies
1545 River Park Drive, Suite 501
Sacramento, CA 95815
T  916 256 3696 
M  916 402 5838

Senior Security Analyst Lead

Position: Sr. Security Analyst Lead
Location: Los Angeles, CA 
Duration: 2 Years
Hours estimated: 3800

  • Onsite on Metro facility.
  • Work period, generally, 40 hours per week: 8 hours/day
Job Summary:
The Sr. Security Analyst / Lead will work under the direction of the DEO, Enterprise Information Security. Their responsibilities include, but are not limited to:

  • Identify solutions to complex security data protection technologies that enhance business services. Perform comprehensive technology review and provide technical summary of the solutions based on business use cases.
  • Lead data protection policy reviews and provide recommendations utilizing technologies such as Data Leakage Protection and Encryption services and others.
  • Lead projects on the design, implementation, operation and maintenance of security applications and tools based upon the established security architecture.
  • Develop and maintain security requirements, and build on security framework.
  • Lead in the identification data protection services to best fit a business need.
  • Review data protection requirements of business functions and document the available solutions and processes.
  • Monitor security blogs, articles, and reports to remain up to date on the latest security risks, threats, and technology trends.
  • Build communication channels with LA Metro functional service area teams, gathering information how to support their needs and provide enhanced data protection services. Regularly interacts with Senior Managers, and occasionally on matters requiring coordination across department and divisions.
  • Assist with the development, deployment and support of Data Protection solutions.
  • Assist with development and communication of information protection guidelines and requirements.
  • Lead large scale projects for security functions.
  • Provide guidance to junior Security staff and contractors.
  • Performs other job-related duties as assigned.
Proposed Firm's personnel must possess demonstrable knowledge in the following areas:

  • Must poses decision making capacity and ability to use good judgment.
  • Works on highly complex and unique issues where analysis of situations or data requires an evaluation of intangibles. Exercises independent judgment in methods, techniques and evaluation criteria for obtaining results. Subject-matter expert providing resolution to problems with some oversight.
  • Exercises independent judgement towards solutions and presents to members of Cyber Security leadership.
  • Often provides technical leadership to contractors and team members on special/complex projects and/or key business objectives.
Proposed Firm's personnel must have the following minimum technical qualifications:
  • Certifications: CISSP (Required), CISA (Preferred)
  • Years of Experience: 5+
  • May vary by specialization but may include solid understanding of project management, application security concepts, data protection, and mobility security integration.
Additionally, they should be a subject-matter expert in the following:
  • Data protection and encryption technologies
  • DLP, and other related data protection technologies
  • Technology research
  • Microsoft Office skills
  • Industry security frameworks
  • Operational experience with various commonly used operating systems and services
  • Network communication basics
  • 2 Years
  • Start date immediately upon award of contract.

E TalentNetwork
8251 Greensboro Drive, Suite 250 Mclean , Virginia - 22102

Information Security Analyst

Role : L2 level Threat Detection Analyst/Information Security Analyst
Location: - Stamford, CT
Duration: 6+Months
•          Responsible for taking action on events, alerts, and incidents escalated from the Level 1 Analyst.
•          Act as a lead for Email threats to understand why the targeting occurs.
•          Triage malware alerts, their priority and the need for escalation.
•          Monitoring for emerging threat patterns and vulnerabilities.
•          Troubleshoot basic script errors and security tool misconfigurations.
•          Coordinates with information technology stakeholders.
•          Communicates with management on incident updates.
•          Able to run down an event or alert from start to finish without higher level supervision.
•          Minimum IT Diploma Holder or equivalent and 3 to 5 years of Experience with Incident Management for Security incidents.
•          Ability to work in rotating shifts and also be on-call outside of shift hours on a regular and recurring basis.
•          Possess personal and professional integrity. Individuals will be required to submit to a background examination.
•          Good oral and written communication skills.
•          Ability to take initiative and ownership of incidents from reporting to resolution.
•          Ability to understand business impact.
•          Previous experience leading teams and providing guidance to fellow employees.
Desired Characteristics:    
•          Experienced in performing basic and medium level forensic analysis on Microsoft Windows and Unix systems.
•          Identify and evaluate malware related compromise artifacts.
•          Possess comprehensive understanding of and substantive experience in the areas of network systems engineering, computing systems and software applications.
•          Demonstrate prior experience using network analysis tools, scripting languages, software vulnerabilities, exploits and malware.
•          Experience of working in a high volume and result-oriented operational environment.
•          Ability to assume leadership role on ad-hoc basis for managing Level 1 Analysts.
•          Ability to mitigate command and control attempts by recommending defensive technology configurations.
Desired Certifications:
•          SANS GIAC Certified Incident Handler (GCIH)
•          SANS GIAC Certified Intrusion Analyst (GCIA)
•          EC2 Certified Ethical Hacker (CEH)

Rizwan Ansari
Sr. Technical Recruiter
(201) 340-8700 Ext.407 | (201) 479-1096
Address: 317 George St. Suite 220, New Brunswick, NJ, 08901

Thursday, May 23, 2019

PEGA Developer

Position: PEGA Developer
Location:  Irving, TX
Contract for 1+ Years

Job Description:

5 plus years of experience implementing (hands on) PRPC application including case management implementation.
Experience in Pega UI development
Pega CSSA certification.
Pega 7 experience preferred .
8 plus years of diverse experience in IT is preferred
Has expert knowledge of the PRPC architecture, security model, and service interfaces.
Has expert PRPC knowledge based on in-depth experience and successful projects.
Designs and codes from specifications, analyzes, evaluates, tests, debugs, documents, and implements moderately complex software applications
Under general direction, devises or modifies procedures to solve complex problems considering computer equipment capacity and limitations, operating time, and form of desired results
Competent to work at the highest technical level of all phases of applications programming activities
Monitor program execution for expected performance
Agile/Scrum concepts
Modifies, installs, and prepares technical documentation for system software applications
This email and any files transmitted with it are confidential and or privileged information internal to our organization and intended solely for the use of the individual(s) or entity or entities to whom they are addressed. This message contains confidential information and is intended only for the recipients. If you have received this email in error please notify the sender by replying to this email and then delete this message and any attachments. If you are not the named addressee you may not disseminate, distribute or copy this e-mail. If you are the intended recipient you are notified that unauthorized disclosure, copy, storage, or distribution of this information is strictly prohibited.