Saturday, April 4, 2020

Data Privacy and Security

Position Type:                   Data Privacy and Security 
Duration:                           Long Term 
Location:                           Tempe, AZ  

Job Duties/Responsibilities:
15 years of experience with a minimum of 6-7 years of experience in Data Privacy and Security
AWS Cloud implementation background is a Value ADD
Excellent communication skills

Yashpal Thakur
yashpal.t@shimento.net
Shimento Inc.
1700 N Broadway # 300 Walnut Creek, CA 94596
(D) 424-285-5620 (Yashpal.t@shimento.net)
www.Shimento.com

Tuesday, March 31, 2020

Information Security Analyst III

Role: Information Security Analyst III

Location: Sunnyvale, CA

Duration: 12+ Months

Responsibilities:

This information security analyst will understand governance, risk and controls strategy for information security and product security and will be responsible for documenting the security policies, security procedures, product architecture topology diagrams and data flows, security controls definition and implementation details.
This person will also closely work with the security and product engineering staff members to assess the current state and maturity of various controls, find gaps and define roadmap to address those gaps.
The analyst will mainly focus on security-related documentation required for internal and external/audit consumption to obtain industry certifications like PCI-DSS compliance, ISO 27001, SOC2 and SOC3 certifications and other similar regulatory certifications.
This person will also focus on enabling to be an integral member of Cloud Security Alliance (CSA) and submit the self-assessment documents.
The analyst must have deep understanding of technologies, tools and architecture related to Threat and Vulnerability Management, DevSecOps, Customer Facing IAM, Employee facing IAM, infrastructure security, data security and security intelligence involving SIEM tools implementation and SOC functions.
Excellent verbal and written communications are required.
The security analyst should have deep understanding of business context of IaaS PaaS and SaaS cloud offferings and what it takes to secure these product offerings.
The analyst should also be able to translate the security implementation into risk and governance language for consumption by legal, privacy, internal audit and external auditors.
The analyst should also understand NIST and COBIT control framework and should have prior experience of helping an organization go through the certification process for certifications like ISO 27001 SOC2 etc.
Knowledge of and experience in ITSM business processes and the corresponding documentation is required..
CISST, CISSA – certifications.
 

Nitin Gera | 408.503.6915 | nitin.gera@amiseq.com
Amiseq, Inc. 1551, McCarthy Blvd, Milpitas, CA 95035

Monday, March 30, 2020

Cyber Security Controls Assessor

Job Description:

Role: 
IT - Cyber Security Controls Assessor

Location: San Francisco /Sacramento/ San Ramon/ Concord

Duration: 12+ Months

Qualifications:

Bachelors in Computer Science, or related discipline, or equivalent experience.
Experience in Information Technology (IT) risk management, or related
5 yrs Experience in Information Technology (IT)
5 yrs Utility industry experience 
Certified Information Systems Security Professional (CISSP)
OR
Certified in Risk and Information Systems Control (CRISC)
OR
Certified Information Systems Auditor (CISA) 

Nitin Gera | 408.503.6915 | nitin.gera@amiseq.com
Amiseq, Inc. 1551, McCarthy Blvd, Milpitas, CA 95035

Network Security Engineer

Job Title: Network Security Engineer
Location: Richardson,TX 
Duration: Contract

Job Description:

Bachelor's Degree in the Information Technology, Information security , or related fields preferred
Minimum 5-7 years in the Information Security field in a client-facing security services advisor, security analyst, security engineer
Must have background, experience, and understanding of networking and network security technologies such as Firewalls, IDS/IPS, Proxies, Content Filtering, Application security, SIEM and Log, monitoring/management, Vulnerability Management, Risk and Compliance
Previous experience in an operations, engineering or other technical role within networking, network security, IT and/or telecommunications field, particularly in a client facing role
Ability to analyze log data, threat data, and threat intelligence information, interpret, and communicate derived meaning to client with recommendations for risk mitigation strategies
Expert level knowledge of Cisco ASA/ Palo Alto
Has significant experience working in large-scale, enterprise strategic initiatives
Illustrates advanced knowledge of internal and perimeter security controls, network architecture, advanced network security platforms
Strong analytical skills, technical writing skills, communication skills, crisis management skills
Network Security certifications (CCNP Security , PCNSE, CEH, Security+, Vendor Certificates) preferred
Quality Management (ITIL, Six Sigma, TQM, etc.) training/certification preferred
Non-Technical:
Possesses solid communications skills, both written and verbal
Demonstrates solid analysis skills
Responsibility of / Expectations from the Role
Expertise of Cisco ASA, Palo Alto or VM NSX
Deploy network security solution across enterprise
Work with various stakeholders in implementation of the technology
Knowledge sharing with network team
Help in reporting

Reena Kumari
Sr. Engineering Recruiter
eTeam Inc.
(732) 338-2745
1001 Durham Avenue, Suite 201,South Plainfield, NJ 07080
South Plainfield, NJ, 07080

Saturday, March 28, 2020

Cyber Threat Analysts

W2 pay rate: $50-$70 hourly
Job # 9969823
Onsite Work Location: St Louis MO  63134 or Franklin Lakes, NJ  07417 following Covid 19
10 month contract

Cyber Threat Analyst
Duties: The  Information Protection Senior Advisor drives Security and Privacy monitoring and alerting solutions across business segments and supports objective and professional analysis and response to security policy violations. The ideal candidate will have excellent analytical skills, a background in cyber security, and intermediate-level technical skills. The candidate will be recognized internally as a subject matter expert who provides expert counsel on complex Information Protection assignments/projects. The role requires the ability to analyze complex information security issues, to recommend solutions to functional leaders and key stakeholders, and the ability to apply the technical solutions.
FUNCTIONAL RESPONSIBILITIES
Apply understanding of threat actor TTPs, threat intelligence, vulnerability data and other relevant threat-related information to the development of threat detection use cases.
This position will be responsible for creating and managing custom monitoring and alerting solutions in Splunk in partnership with various customers and product owners in order to provide business and security value.
Develop and manage custom Tanium signal content
Leverage big data analytic tools to identify anomalous activity
Leverage Kanban methodology in support of an agile framework to develop content in accordance with established SLA's
Utilize Content Governance to ensure all content is documented, inventoried and aligns to naming standards and best practices
Manage the lifecycle of all content, including operations and maintenance routines to ensure contents continued viability and relevance
Perform functional, user-acceptance, and regression testing in support of SDLC practices
Continuously improve processes and operationalize new and innovative detection techniques to drive maturity
Apply thought leadership within Information Protection and across broader projects that impact the extended business environment.

Bachelor's degree in related field with 3 years of experience.
Master's degree in related field with 1 year of experience
5 years relevant experience without Bachelor's Degree.
Ability to write scripts in Python or PowerShell required
Strong pattern recognition and deductive reasoning skills
Strong understanding of malware techniques and host-based forensics
Experience with statistical analysis is a plus
Familiarity with the Cyber Kill Chain, Diamond, VERIS or ATT&CK modeling is a plus.

Skills and Experience:
Required Skills:
FORENSICS
INFORMATION SECURITY
MAINTENANCE
MALWARE
OPERATIONS
Additional Skills:
REGRESSION TESTING
SDLC
SECURITY
CYBER SECURITY
GOVERNANCE
KANBAN
SPLUNK
STATISTICAL ANALYSIS
SUBJECT MATTER EXPERT
THOUGHT LEADERSHIP
USE CASES
PATTERN RECOGNITION
PYTHON

Please send resume for immediate consideration

  Erika Marsek | Technical Recruiter
  Strategic Staffing Solutions
  200 N Broadway Suite 1720, St. Louis, MO  63102
  emarsek@strategicstaff.com
  www.strategicstaff.com

Network Security

Job Title: Network Security
LocationSan Diego, CA
DurationContract
Job Description: Network Security Engineer. (L3)
Technical skill set
  • Must have hands on experience in managing Palo Alto firewalls not limited to managing multi VSYS instance, BGP peering, security policies management
  • Hands on experience in managing threat prevention components of Palo Alto firewall
  • Strong Experience with BGP route reflector and all other routing protocols
  • Troubleshoot network route related issues and recommend best practices that helps to prevent any issues that impacts the network
  • Should have good troubleshooting skills – ability to analyse network packet captures, ability to isolate the cause of an issue, working with various support teams to resolve day today issues
  • Good to have experience with VMWare NSX firewall and Juniper SRX
  • Strong experience with Security (IPSEC / SSL-VPN / NAT)
  • Should have good presentation skills - shall be able to participate in the review meetings and be able put across the points of concern
  • Should have Capability to conduct risk analysis, impact analysis, dependencies on customer/internal teams,
  • Knowledge and experience of working with ITIL Processes
  • Preference would be given to candidate holding PCNSE

Non-Technical Responsibilities
  • Coordinate with other team members for availability of capable resource
  • Ensure quality work - review and validate the technical configuration changes
  • Coordinate with COE resources for resolution of technical issues/problems before escalation to OEM

Technical Responsibilities
  • Configuration and management of all firewalls,
  • Manage security policies and profiles to handle day to day operations
  • Articulate or highlight risks/dependencies
  • Adhering to high-quality standards and best practices, high performance, and scalable, repeatable processes and deliverables in accordance with applicable regulations
  • Analyze, troubleshoot, and investigate network security-related incident based on security platform reporting, network traffic, log files, host-based and automated security alerts

HMG America LLC
Cell: (315) 983-4969
Direct 732-645-2740
manpreet@hmgamerica.com

Security & Risk Analyst

Title: Security & Risk Analyst - II
Duration: 6 Months
Location: Foster City, CA 94404

Will be remote only temporarily due to Coronavirus.

Description:
Skilll sets are more or less in the description…
• Familiarity with vendor security and privacy assessments (we can obviously train on our specific processes)
• Familiar with using ServiceNow tools (The GRC module especially)
• Ability to interact professionally with teams from Security, IT and the business.
• Ability to write and communicate in proper business English (including writing our formal assessment documents)
A lead should have ~5 years of experience.
System requirements – VDI or Citrix would be used for access. Laptops may be provided but this is tbd.
For education, I’d prefer a college degree.
The primary responsibilities will be the delivery of key security and privacy related functions related to performing Privacy Impact Assessments (PIA), vendor security assessments and security policy exception management. 
The IT Security and Privacy analyst is a key member of the Information Security and Privacy team and works closely with other team members, colleagues in IT and our business partners. 
The Security and Privacy Analyst will serve as a subject matter expert on Information Security and Privacy principles; company policies and standards; and regulatory requirements (e.g GDPR, CCPA, etc.) as they pertain to privacy and security incidents. 
The person in this position will be required to understand and communicate the reporting requirements as defined by company policy and interpret and apply the concepts and requirements when processing and managing privacy and security incidents.



Kabirkhan Pathan
Recruitment Executive
Integrated Resources, Inc.
IT|Life Sciences| Healthcare
(Direct) 732-844-8738 (W) 732-549-2030 x 327
Email ID – kabir@irionline.com

Tuesday, March 24, 2020

IT Solution Architect

Job Title: IT Solution Architect
Location: San Francisco, CA
Duration: 12 Months Contract

Qualifications:
Minimum: Six years in IT including experience in solution architecture and project implementation experience.
B.S. degree or equivalent work experience in computer science, computer engineering, business administration, or related field; or equivalent experience.

Desired: At least one relevant certification such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or equivalent Exposure to and basic understanding of solution architecture discipline, processes, concepts and best practices.
Experience with operational support for applications, systems, or infrastructure.
knowledge of technological trends and developments in cybersecurity.
Knowledge of cybersecurity technologies and products deploying those technologies.
Knowledge of regulatory requirements (including but not limited to HIPAA, SOX, NERC-CIP, TSA, CCPA, other privacy legislation).
providing direction to design and engineering staff.

Harjit kaur
1551, McCarthy Blvd, Milpitas, CA 95035
Desk: 408-503-6884|
Email: harjit@amiseq.com | Website: www.amiseq.com

Wednesday, March 18, 2020

Ethical Hacker

Position :- Manual Ethical Hacker
Location:  Charlotte NC
Duration: Full time On Site Job Opportunity
Interview process: Telephonic followed by Skype


Job Description:-
Desired Skills
- Ethical hacking certification.
relevant work experience with some applied within financial services, risk or technology

Required Skills

Prior experience in application development (including Mobile) and SDLC processes is preferred
Demonstrated and proven experience in one or more programming languages (like Java. .NET, Python etc.)
Professional ethical hacking experience using one or more of the following tools:
       Burp Suite Pro Attack (Manual ethical hacking)
       AppScan Enterprise tool (Automated ethical hacking)
       SoapUI (Web Services)
       Fortify or Checkmarx (Self-Service Source Code scanning tools)
Prior experience in application security standards & best practices, assessment methodologies, secure coding practices are a big plus
Ability to conduct web application ethical hacking in accordance with a defined process using attack proxies and scripting tools
Solid understanding of network protocols
Experience communicating application security issues to wide range of audiences (including both technical and non-technical)
Demonstrated increasing levels of accountability and ownership
Demonstrated ability to operate as a change agent and driving change across diverse stakeholders groups
Strong collaboration and partnering skills with ability to positively influence and motivate teams
Comfortable with ambiguous situations capable of analyzing, simplifying and collaborating to solve complex problems
Strategic thinkers, self-starter, organized, versatile, and capable of performing work with minimal management oversight
Ability to connect dots and not work in a silo, understanding the impacts of the work that is done and how it can tie into other areas within the team and across GT&O


Vinay Mudgal
Milpitas, CA
Phone: 408-418-5778 Ext: 3283
Cell Phone : 408-819-7178

Wednesday, March 11, 2020

Cyber Incident Response

Title:                       Cyber Incident Response
Work Location:     Menomonee Falls, WI

Job Description:

As a member of IT Security team, contributes to development of a comprehensive information security program.  Responsible for implementing and operating information security capabilities, documenting security policies, processes and standards.  Reporting to the Director of IT Security, this position is responsible for cyber incident response, providing operational support to security systems and tools for boundary, network, email, and endpoint security / monitoring.

Position Responsibilities:
• Serves as a subject matter expert on cyber response activities
• Provides second and third-level support and analysis during and after a security incident.
• Monitors reports and security logs for unusual events.
• Works closely with and provides guidance/direction to the Managed Security Service and Security Operations Center.

• Provides operational support for Security Operations technologies/capabilities to include:
- DLP
- IDS/IPS
- Firewall configuration
- Endpoint protection
- Email security
- Vulnerability scanning

• Develops security policies and procedures.
• Participates in security investigations and compliance reviews, as assigned by management.
• Assist in development and deployment of information security awareness, training, and communication capabilities
• Responsible for operating, maintaining and supporting various security tools as assigned by management.
• Collaborates with other security and infrastructure team members to identify and implement solutions.
• Works with business partners in resolving security-related infrastructure outages. Must possess expert troubleshooting skills.
• 3 or more years of experience in Cyber Security and/or Security Operations.
• Understanding of cybersecurity frameworks including but not limited to NIST CF, HITRUST CSF, ISO 27001.
• Understanding of general security concepts including but not limited to cryptography, DLP, Security Operations Center, Security Managed Services, SEM, FW, Audit, Cloud Security, Mobile Security.
• BA in Computer Science or related field is required or equivalent acquired through combination of education and experience.


Ronak Patel
Lancesoft Inc
13454 Sunrise Valley Drive, Suite 120, Herndon, VA 20171
Direct:000-000-0000 | Fax:(703) 935-0339
ronak.p@lancesoft.com | www.LanceSoft.com

Wednesday, March 4, 2020

IT - System Administrator

Job Title : IT-System Administrator
Location : San Francisco CA
Duration : 6 Months long contract
 
Job Description:
 
specifically looking for a Senior AIX system administrator. local candidate prefer, but open to non-local candidates IBM PowerVM, VIO, HMC, server build and system management; 2. Performance monitoring and troubleshooting; 3. TSM data backup/restore, What does the 10% of travel consist of? For in person meetings, project meetings
 

Muthu Srinivasan
Sr IT Recruiter
Amiseq, Inc
510-455-2043
muthu@amiseq.com 
1551, McCarthy Blvd | Milpitas CA 95035

Monday, March 2, 2020

Information Security Consultant

Job Title: Information Security Consultant
Location: Irvine, CA
Duration: 6-12 Months Contract.
Interview Logistics: Phone Screen and Skype.
JOB DESCRIPTION:
Provides technical and programmatic Information Assurance Services to internal and external customers in support of network and information security systems. Designs, develops and implements security requirements within an organization̢۪s business processes. Prepares documentation from information obtained from customer using accepted guidelines such as NIST 800-171. Prepares Security Test and Evaluation plans. Provide certification and accreditation support in the development of security and contingency plans and conduct complex risk and vulnerability assessments. Analyzes policies and procedures against Federal laws and regulations and provides recommendations for closing gaps. Develops and completes system security plans and contingency plans. Recommends system enhancements to improve security deficiencies. Develops, tests, and integrates computer and network security tools. Secures system configurations and installs security tools, scans systems in order to determine compliancy and report results and evaluates products and various aspects of system administration. Conducts security program audits and develops solutions to lessen identified risks. Develop strategies to comply with privacy, risk management, and e-authentication requirements. Provides information assurance support for the development and implementation of security architectures to meet new and evolving security requirements. Evaluates, develops and enhances security requirements, policy and tools. Provides assistance in computer incident investigations. Performs vulnerability assessments including development of risk mitigation strategies.



Kranthi Kumar
Sr. IT Recruiter
USM Systems | 14175 Sully field Circle, #400, Chantilly, VA 20151
 (703) 880-3566 

Friday, February 28, 2020

Information Security Analyst III

Job Details:-
Title: Information Security Analyst II
Duration: 6+ months contract
Location: Sunnyvale, CA
 

Specific responsibilities include:
  • Lead or make senior contributions to the selection, deployment, and management of a GRC platform
  • Lead or make senior contributions to implementation of a company-wide security controls
  • Lead or contribute to achieving security compliance programs
  • Drive and track remediation efforts resulting from internal audits and third-party audits
  • Develop methods to gather and organize audit artifacts
  • Collaborate with various stakeholders from business units that include Infrastructure, Product Software, IBX Datacenters, Network Operations, Internal Audit, Product Management, Legal, and HR
  • Assist in the development and implementation of a continuous compliance monitoring framework
 
Skills:
 
  • Candidates must exhibit advanced competencies and hands-on experience with:
  • At least one GRC platform for automating and managing security policy lifecycles, continuously monitoring for compliance, monitoring of associated risks, etc.
  • At least two security control frameworks and associated policy requirements, for example, ISO 27001, NIST CSF, NIST 800 800-53, NIST 800-171, NIST 800-82, Cloud Security Alliance Cloud Controls Matrix (CSA CCM), SOC2, PCI/DSS
  • Ideally, also at least government / legislative security compliance programs, for example, FedRAMP, Controlled Unclassified Information (CUI), General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA)
  • the ability to build and continually strengthen relationships with teammates and stakeholders
  • the ability to bridge gaps of understanding between business and technical stakeholders
  • an unmistakable disposition to collaborate with others
  • writing skills suitable for consumption by senior executives

Education:
 
  • A Bachelor's degree in a computer-related field, with preference given to those with a Master's degree
  • at least 7 years of experience in Information Security related disciplines
  • Preference will be given to candidates having one or more advanced security credentials, for example, CISSP, CISA, CISM, CCSP, SSCP, CompTIA CASP, CompTIA CySA, etc.

 
Aishwarya Bhisey
Amiseq, Inc
669-213-4945  | aishwarya.bhisey@amiseq.com 
1551, McCarthy Blvd | Milpitas CA 95035

Wednesday, February 26, 2020

IBM Support Lead

IBM Support Lead
Fulltime
Houston,TX
 
Job Description
 
IBM Intergration Bus IIB 10 / IBM Message broker, MQ 9 ,  IBM Operation Decision Manager (ODM) with business Rule engine knowledge & SQL Knowledge
SOAP UI Tool, RFH Util, MQ Explorer, MQ scripting, Kibana, Kafka
1. Good Communication and Interpersonal Skills
2. Good analytical and problem solving skills
3. Airline domain knowledge added advantage
4. Sound time management skills.
Knowledge on EDIFACT Messages
8 - 10 years
1. Strong experience working with multiple mapping techniques in IBM Intergration Bus 10
2. Strong experience implementing MQ 9
3. Strong experience in ODM , Business rule engine
4. Strong experience implementing Global cache, Exception and logging frameworks
5. Experience working with multiple data formats, XML, Fixed length etc
6. Experience writing rules for data interchange in ESQL
7. Experience creating scripts/procedures for BCP/DR recovery
8. Design and develop security features into the IIB flows.
9. Set up Broker domains and execution groups
10. Set up Flow patterns/templates and develop re-usable flows, sub-flows
11. Some experience in continuous integration of IIB flows.
12. Strong trouble shooting, root cause analysis, debugging and problem resolution skills.
Desirable:
13. Hands on database development experience including PL/SQL, Stored procedures etc for business reporting
 

 
Deepak Saini
 

Friday, February 21, 2020

SIEM SOC Analyst

Position : SIEM SOC Analyst
Location:  Erlanger KY 41018
Duration  : Full Time

Job Description:
  • Understanding of HP Arcsight SIEM Architecture and componnets
  • Experience in managing and configuring security monitoring correlation rules
  • Responsible to create Rule book for all correlated rules and Train SOC monitoring team
  • Generate reports and collect logs for deep analysis of Security incidents
  • Event/Alert Triage & Analysis and suggest new rules for improvements
  • Ability to continuously tune alerts and provide recommendations
  • Suggest tuning the events and alerts from IDS, deep packet inspection devices
  • Participate with SOC/Incident response team for security incidents

Ajaz Ahmad
IT Recruiter
 
Serve Staffing Solutions Inc.
113 Barnum Street West Babylon
New York-11704
Direct: (332)-209-4428
Email: ajaz@servstaffing.com

Thursday, February 13, 2020

Security Operations Analyst III

Job Details:

Job title    :  Security Operations Analyst III
Location: :    Frisco, Texas
Duration  :   3 Months Contract

Job Duties in Brief:

        Coordinate operational controls effectiveness SDLC testing across teams within a specified organization as required.
        Provide intake, review, oversight, and tracking in support of SDLC functions.
        Support the remediation of results from reviews and tests.
        Ensure that SDLC quality and risk metrics are collected and compiled.
        Ensure the effective collection, review and publication of results.
        Ensure that the SDLC Framework, policies and procedures are adhered to by the IT division.
        Support the development and execution of the risk assessments, control objective, and IT risk theme assessments including track mitigating actions and communicate results.
        Continually review and mature the key risk indicators being monitored by the IT divisions.
        Perform trend analysis and problem reviews and make recommendations for improvement and/or prevention of weaknesses noted.
        Perform and document results of Control Self Assessments for Event Driven Preventive/Detective business process controls according to the audit calendar.

About You:

        Proficient with Microsoft products not restricted to but including: Outlook, Excel, Visio, PowerPoint, and Word.
        Proficient or willing to learn SharePoint administrative functions in order to update/maintain team SharePoint sites.
        Ideal candidates should have a working knowledge of one or more of the Compliance and Controls standards. (i.e. SOX, COBIT, ITIL, COSO).
        Demonstrated ability in identifying, evaluating and/or defining compliance requirements in a technical environment.
        Strong verbal and written communication skills are important for this position which includes the ability to translate technical requirements and issues into non-technical language.
        Ability to approach technical challenges from a business perspective is required along with the ability to manage and ensure the completion of multiple tasks and projects simultaneously.
        Possess strong negotiation skills with a can-do attitude and be able to motivate stakeholders.
        Meticulous in daily working details (Excel spreadsheets, meeting minutes, Compliance template documents), and a track record of delivering regulatory documentation.
        Must be able to prioritize, manage, and meet deadlines as well as adapt to direction/priority changes with short notice.
        Should be a self-starter or have the ability to be part of a self-managed team and have the ability to initiate assistance where needed



J S SANTHOSH
Senior  Recruiter
Experis IT
414-346-0723 | Santhosh.phani@experis.com