Tuesday, March 31, 2020

Information Security Analyst III

Role: Information Security Analyst III

Location: Sunnyvale, CA

Duration: 12+ Months


This information security analyst will understand governance, risk and controls strategy for information security and product security and will be responsible for documenting the security policies, security procedures, product architecture topology diagrams and data flows, security controls definition and implementation details.
This person will also closely work with the security and product engineering staff members to assess the current state and maturity of various controls, find gaps and define roadmap to address those gaps.
The analyst will mainly focus on security-related documentation required for internal and external/audit consumption to obtain industry certifications like PCI-DSS compliance, ISO 27001, SOC2 and SOC3 certifications and other similar regulatory certifications.
This person will also focus on enabling to be an integral member of Cloud Security Alliance (CSA) and submit the self-assessment documents.
The analyst must have deep understanding of technologies, tools and architecture related to Threat and Vulnerability Management, DevSecOps, Customer Facing IAM, Employee facing IAM, infrastructure security, data security and security intelligence involving SIEM tools implementation and SOC functions.
Excellent verbal and written communications are required.
The security analyst should have deep understanding of business context of IaaS PaaS and SaaS cloud offferings and what it takes to secure these product offerings.
The analyst should also be able to translate the security implementation into risk and governance language for consumption by legal, privacy, internal audit and external auditors.
The analyst should also understand NIST and COBIT control framework and should have prior experience of helping an organization go through the certification process for certifications like ISO 27001 SOC2 etc.
Knowledge of and experience in ITSM business processes and the corresponding documentation is required..
CISST, CISSA – certifications.

Nitin Gera | 408.503.6915 | nitin.gera@amiseq.com
Amiseq, Inc. 1551, McCarthy Blvd, Milpitas, CA 95035

Monday, March 30, 2020

Cyber Security Controls Assessor

Job Description:

IT - Cyber Security Controls Assessor

Location: San Francisco /Sacramento/ San Ramon/ Concord

Duration: 12+ Months


Bachelors in Computer Science, or related discipline, or equivalent experience.
Experience in Information Technology (IT) risk management, or related
5 yrs Experience in Information Technology (IT)
5 yrs Utility industry experience 
Certified Information Systems Security Professional (CISSP)
Certified in Risk and Information Systems Control (CRISC)
Certified Information Systems Auditor (CISA) 

Nitin Gera | 408.503.6915 | nitin.gera@amiseq.com
Amiseq, Inc. 1551, McCarthy Blvd, Milpitas, CA 95035

Network Security Engineer

Job Title: Network Security Engineer
Location: Richardson,TX 
Duration: Contract

Job Description:

Bachelor's Degree in the Information Technology, Information security , or related fields preferred
Minimum 5-7 years in the Information Security field in a client-facing security services advisor, security analyst, security engineer
Must have background, experience, and understanding of networking and network security technologies such as Firewalls, IDS/IPS, Proxies, Content Filtering, Application security, SIEM and Log, monitoring/management, Vulnerability Management, Risk and Compliance
Previous experience in an operations, engineering or other technical role within networking, network security, IT and/or telecommunications field, particularly in a client facing role
Ability to analyze log data, threat data, and threat intelligence information, interpret, and communicate derived meaning to client with recommendations for risk mitigation strategies
Expert level knowledge of Cisco ASA/ Palo Alto
Has significant experience working in large-scale, enterprise strategic initiatives
Illustrates advanced knowledge of internal and perimeter security controls, network architecture, advanced network security platforms
Strong analytical skills, technical writing skills, communication skills, crisis management skills
Network Security certifications (CCNP Security , PCNSE, CEH, Security+, Vendor Certificates) preferred
Quality Management (ITIL, Six Sigma, TQM, etc.) training/certification preferred
Possesses solid communications skills, both written and verbal
Demonstrates solid analysis skills
Responsibility of / Expectations from the Role
Expertise of Cisco ASA, Palo Alto or VM NSX
Deploy network security solution across enterprise
Work with various stakeholders in implementation of the technology
Knowledge sharing with network team
Help in reporting

Reena Kumari
Sr. Engineering Recruiter
eTeam Inc.
(732) 338-2745
1001 Durham Avenue, Suite 201,South Plainfield, NJ 07080
South Plainfield, NJ, 07080

Saturday, March 28, 2020

Cyber Threat Analysts

W2 pay rate: $50-$70 hourly
Job # 9969823
Onsite Work Location: St Louis MO  63134 or Franklin Lakes, NJ  07417 following Covid 19
10 month contract

Cyber Threat Analyst
Duties: The  Information Protection Senior Advisor drives Security and Privacy monitoring and alerting solutions across business segments and supports objective and professional analysis and response to security policy violations. The ideal candidate will have excellent analytical skills, a background in cyber security, and intermediate-level technical skills. The candidate will be recognized internally as a subject matter expert who provides expert counsel on complex Information Protection assignments/projects. The role requires the ability to analyze complex information security issues, to recommend solutions to functional leaders and key stakeholders, and the ability to apply the technical solutions.
Apply understanding of threat actor TTPs, threat intelligence, vulnerability data and other relevant threat-related information to the development of threat detection use cases.
This position will be responsible for creating and managing custom monitoring and alerting solutions in Splunk in partnership with various customers and product owners in order to provide business and security value.
Develop and manage custom Tanium signal content
Leverage big data analytic tools to identify anomalous activity
Leverage Kanban methodology in support of an agile framework to develop content in accordance with established SLA's
Utilize Content Governance to ensure all content is documented, inventoried and aligns to naming standards and best practices
Manage the lifecycle of all content, including operations and maintenance routines to ensure contents continued viability and relevance
Perform functional, user-acceptance, and regression testing in support of SDLC practices
Continuously improve processes and operationalize new and innovative detection techniques to drive maturity
Apply thought leadership within Information Protection and across broader projects that impact the extended business environment.

Bachelor's degree in related field with 3 years of experience.
Master's degree in related field with 1 year of experience
5 years relevant experience without Bachelor's Degree.
Ability to write scripts in Python or PowerShell required
Strong pattern recognition and deductive reasoning skills
Strong understanding of malware techniques and host-based forensics
Experience with statistical analysis is a plus
Familiarity with the Cyber Kill Chain, Diamond, VERIS or ATT&CK modeling is a plus.

Skills and Experience:
Required Skills:
Additional Skills:

Please send resume for immediate consideration

  Erika Marsek | Technical Recruiter
  Strategic Staffing Solutions
  200 N Broadway Suite 1720, St. Louis, MO  63102

Network Security

Job Title: Network Security
LocationSan Diego, CA
Job Description: Network Security Engineer. (L3)
Technical skill set
  • Must have hands on experience in managing Palo Alto firewalls not limited to managing multi VSYS instance, BGP peering, security policies management
  • Hands on experience in managing threat prevention components of Palo Alto firewall
  • Strong Experience with BGP route reflector and all other routing protocols
  • Troubleshoot network route related issues and recommend best practices that helps to prevent any issues that impacts the network
  • Should have good troubleshooting skills – ability to analyse network packet captures, ability to isolate the cause of an issue, working with various support teams to resolve day today issues
  • Good to have experience with VMWare NSX firewall and Juniper SRX
  • Strong experience with Security (IPSEC / SSL-VPN / NAT)
  • Should have good presentation skills - shall be able to participate in the review meetings and be able put across the points of concern
  • Should have Capability to conduct risk analysis, impact analysis, dependencies on customer/internal teams,
  • Knowledge and experience of working with ITIL Processes
  • Preference would be given to candidate holding PCNSE

Non-Technical Responsibilities
  • Coordinate with other team members for availability of capable resource
  • Ensure quality work - review and validate the technical configuration changes
  • Coordinate with COE resources for resolution of technical issues/problems before escalation to OEM

Technical Responsibilities
  • Configuration and management of all firewalls,
  • Manage security policies and profiles to handle day to day operations
  • Articulate or highlight risks/dependencies
  • Adhering to high-quality standards and best practices, high performance, and scalable, repeatable processes and deliverables in accordance with applicable regulations
  • Analyze, troubleshoot, and investigate network security-related incident based on security platform reporting, network traffic, log files, host-based and automated security alerts

HMG America LLC
Cell: (315) 983-4969
Direct 732-645-2740

Security & Risk Analyst

Title: Security & Risk Analyst - II
Duration: 6 Months
Location: Foster City, CA 94404

Will be remote only temporarily due to Coronavirus.

Skilll sets are more or less in the description…
• Familiarity with vendor security and privacy assessments (we can obviously train on our specific processes)
• Familiar with using ServiceNow tools (The GRC module especially)
• Ability to interact professionally with teams from Security, IT and the business.
• Ability to write and communicate in proper business English (including writing our formal assessment documents)
A lead should have ~5 years of experience.
System requirements – VDI or Citrix would be used for access. Laptops may be provided but this is tbd.
For education, I’d prefer a college degree.
The primary responsibilities will be the delivery of key security and privacy related functions related to performing Privacy Impact Assessments (PIA), vendor security assessments and security policy exception management. 
The IT Security and Privacy analyst is a key member of the Information Security and Privacy team and works closely with other team members, colleagues in IT and our business partners. 
The Security and Privacy Analyst will serve as a subject matter expert on Information Security and Privacy principles; company policies and standards; and regulatory requirements (e.g GDPR, CCPA, etc.) as they pertain to privacy and security incidents. 
The person in this position will be required to understand and communicate the reporting requirements as defined by company policy and interpret and apply the concepts and requirements when processing and managing privacy and security incidents.

Kabirkhan Pathan
Recruitment Executive
Integrated Resources, Inc.
IT|Life Sciences| Healthcare
(Direct) 732-844-8738 (W) 732-549-2030 x 327
Email ID – kabir@irionline.com

Tuesday, March 24, 2020

IT Solution Architect

Job Title: IT Solution Architect
Location: San Francisco, CA
Duration: 12 Months Contract

Minimum: Six years in IT including experience in solution architecture and project implementation experience.
B.S. degree or equivalent work experience in computer science, computer engineering, business administration, or related field; or equivalent experience.

Desired: At least one relevant certification such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or equivalent Exposure to and basic understanding of solution architecture discipline, processes, concepts and best practices.
Experience with operational support for applications, systems, or infrastructure.
knowledge of technological trends and developments in cybersecurity.
Knowledge of cybersecurity technologies and products deploying those technologies.
Knowledge of regulatory requirements (including but not limited to HIPAA, SOX, NERC-CIP, TSA, CCPA, other privacy legislation).
providing direction to design and engineering staff.

Harjit kaur
1551, McCarthy Blvd, Milpitas, CA 95035
Desk: 408-503-6884|
Email: harjit@amiseq.com | Website: www.amiseq.com

Wednesday, March 18, 2020

Ethical Hacker

Position :- Manual Ethical Hacker
Location:  Charlotte NC
Duration: Full time On Site Job Opportunity
Interview process: Telephonic followed by Skype

Job Description:-
Desired Skills
- Ethical hacking certification.
relevant work experience with some applied within financial services, risk or technology

Required Skills

Prior experience in application development (including Mobile) and SDLC processes is preferred
Demonstrated and proven experience in one or more programming languages (like Java. .NET, Python etc.)
Professional ethical hacking experience using one or more of the following tools:
       Burp Suite Pro Attack (Manual ethical hacking)
       AppScan Enterprise tool (Automated ethical hacking)
       SoapUI (Web Services)
       Fortify or Checkmarx (Self-Service Source Code scanning tools)
Prior experience in application security standards & best practices, assessment methodologies, secure coding practices are a big plus
Ability to conduct web application ethical hacking in accordance with a defined process using attack proxies and scripting tools
Solid understanding of network protocols
Experience communicating application security issues to wide range of audiences (including both technical and non-technical)
Demonstrated increasing levels of accountability and ownership
Demonstrated ability to operate as a change agent and driving change across diverse stakeholders groups
Strong collaboration and partnering skills with ability to positively influence and motivate teams
Comfortable with ambiguous situations capable of analyzing, simplifying and collaborating to solve complex problems
Strategic thinkers, self-starter, organized, versatile, and capable of performing work with minimal management oversight
Ability to connect dots and not work in a silo, understanding the impacts of the work that is done and how it can tie into other areas within the team and across GT&O

Vinay Mudgal
Milpitas, CA
Phone: 408-418-5778 Ext: 3283
Cell Phone : 408-819-7178

Wednesday, March 11, 2020

Cyber Incident Response

Title:                       Cyber Incident Response
Work Location:     Menomonee Falls, WI

Job Description:

As a member of IT Security team, contributes to development of a comprehensive information security program.  Responsible for implementing and operating information security capabilities, documenting security policies, processes and standards.  Reporting to the Director of IT Security, this position is responsible for cyber incident response, providing operational support to security systems and tools for boundary, network, email, and endpoint security / monitoring.

Position Responsibilities:
• Serves as a subject matter expert on cyber response activities
• Provides second and third-level support and analysis during and after a security incident.
• Monitors reports and security logs for unusual events.
• Works closely with and provides guidance/direction to the Managed Security Service and Security Operations Center.

• Provides operational support for Security Operations technologies/capabilities to include:
- Firewall configuration
- Endpoint protection
- Email security
- Vulnerability scanning

• Develops security policies and procedures.
• Participates in security investigations and compliance reviews, as assigned by management.
• Assist in development and deployment of information security awareness, training, and communication capabilities
• Responsible for operating, maintaining and supporting various security tools as assigned by management.
• Collaborates with other security and infrastructure team members to identify and implement solutions.
• Works with business partners in resolving security-related infrastructure outages. Must possess expert troubleshooting skills.
• 3 or more years of experience in Cyber Security and/or Security Operations.
• Understanding of cybersecurity frameworks including but not limited to NIST CF, HITRUST CSF, ISO 27001.
• Understanding of general security concepts including but not limited to cryptography, DLP, Security Operations Center, Security Managed Services, SEM, FW, Audit, Cloud Security, Mobile Security.
• BA in Computer Science or related field is required or equivalent acquired through combination of education and experience.

Ronak Patel
Lancesoft Inc
13454 Sunrise Valley Drive, Suite 120, Herndon, VA 20171
Direct:000-000-0000 | Fax:(703) 935-0339
ronak.p@lancesoft.com | www.LanceSoft.com

Wednesday, March 4, 2020

IT - System Administrator

Job Title : IT-System Administrator
Location : San Francisco CA
Duration : 6 Months long contract
Job Description:
specifically looking for a Senior AIX system administrator. local candidate prefer, but open to non-local candidates IBM PowerVM, VIO, HMC, server build and system management; 2. Performance monitoring and troubleshooting; 3. TSM data backup/restore, What does the 10% of travel consist of? For in person meetings, project meetings

Muthu Srinivasan
Sr IT Recruiter
Amiseq, Inc
1551, McCarthy Blvd | Milpitas CA 95035

Monday, March 2, 2020

Information Security Consultant

Job Title: Information Security Consultant
Location: Irvine, CA
Duration: 6-12 Months Contract.
Interview Logistics: Phone Screen and Skype.
Provides technical and programmatic Information Assurance Services to internal and external customers in support of network and information security systems. Designs, develops and implements security requirements within an organization̢۪s business processes. Prepares documentation from information obtained from customer using accepted guidelines such as NIST 800-171. Prepares Security Test and Evaluation plans. Provide certification and accreditation support in the development of security and contingency plans and conduct complex risk and vulnerability assessments. Analyzes policies and procedures against Federal laws and regulations and provides recommendations for closing gaps. Develops and completes system security plans and contingency plans. Recommends system enhancements to improve security deficiencies. Develops, tests, and integrates computer and network security tools. Secures system configurations and installs security tools, scans systems in order to determine compliancy and report results and evaluates products and various aspects of system administration. Conducts security program audits and develops solutions to lessen identified risks. Develop strategies to comply with privacy, risk management, and e-authentication requirements. Provides information assurance support for the development and implementation of security architectures to meet new and evolving security requirements. Evaluates, develops and enhances security requirements, policy and tools. Provides assistance in computer incident investigations. Performs vulnerability assessments including development of risk mitigation strategies.

Kranthi Kumar
Sr. IT Recruiter
USM Systems | 14175 Sully field Circle, #400, Chantilly, VA 20151
 (703) 880-3566