---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Sr. Security Engineer
Location: New York, New York, US
Type: Permanent P/T
Closing Date: 05/19/2005
Andiamo Partners currently has a NUMBER of Permanent Security Job Openings with
in various financial institutions through out the NYC area.
397- Information Security Analyst (Policies & Procedures)
Position with a Large Global Bank NYC
Permanent/ Full time
90k-110K Base + Bonus
The responsibilities specific to this position, as part of the Information
Security Services & Controls Team, involve ensuring that the bank applications
and infrastructure are secure, customer data remains confidential, and the
security controls mitigate risks. This team works with all areas of This bank
to establish security policies and to develop a secure infrastructure.
Responsibilities:
-Ensure secure implementation of a real-time, browser-level product which
provides visibility into every customer's online experience.
-Identify and secure sensitive information to prevent any potential breach of
privacy.
-Manage, monitor, and maintain the rules and processes used to detect, analyze
and respond to issues surrounding client-facing web applications.
-Provide internal computer security consulting support for centralized and
distributed computer systems. Identify information security issues and
recommend solutions.
-Review and update IS Policies and Standards on a regular basis.
-Provide security-consulting services to the business unit as necessary, to
include security reviews of Technology Service Providers
-Provide security-consulting services to other managers.
-Remain current on technical developments affecting information security and
advises department management.
-Adhere strictly to compliance and operational risk controls in accordance with
this bank and regulatory standards, policies and practices report control
weaknesses, compliance breaches and operational loss events.
Requirements :
-Understanding of Application Security
-Experience with policy-based security implementations
-4-year college degree with experience in Information Technology
-Good verbal/written communication skills and be able to work directly with a
variety of clients (business, development, compliance, etc.)
-Knowledge of network management systems and system monitoring applications
-Proven experience and ability to identify vulnerabilities, recommend and
implement security solutions
-P&P and Penetration Testing experience (sometimes called Pen Testing)
-SQL programming and database administration
-PostgreSQL, Access, or MS SQL server experience desirable
-Perl programming a plus
************************
396 Firewall/IDS Engineer
Position with a Large Global Bank NYC
Permanat/Fulltime
85k-95K Base + Bonus
As a Senior Engineer, you will provide support for all areas of the technical
support function including mainframe systems and communications software, test
tools, performance, capacity planning, eCommerce and call center technology.
You will also provide technical leadership through special and major projects,
as well as provide team leadership.
Requirements:
-This position requires an individual with:
-A Bachelors degree or equivalent experience in Computer Science or related
field
-Minimum of six years specialized experience in support systems technology,
network security, and infrastructure-based work.
-Must have experience with Nokia Firewalls and Checkpoint Alteon highly
desirable. Checkpoint N.G./certification also highly desirable.
-Must have experience with intrusion detection devices, preferably Proventia.
-Strong aptitude on security procedures, compliance issues, and overall
networking skills (i.e. switches, routers, hubs, layer 2/3).
-Corporate level/large infrastructure experience required, with adept skill in
the intricacies of how firewalls and intrusion detection devices interact and
link into overall infrastructures.
-eCommerce experience very helpful.
-Strong awareness and attention to detail, quick response measures, solid
project multi-tasking, and ability to work independently.
-Recognition as a technical resource within the work group knowledge of
multiple platforms, and multiple network protocols and extensive and
specialized technical knowledge in Support Systems. Must be available for
on-call, 24/7 support.
-Must be open to travel, as needed.
*****************************
341- Application Security Engineer
Position with a Large Global Bank NYC
Permanat/Fulltime
90k-110K Base + Bonus
-This position has a particular emphasis on the following responsibilities:
-Perform highly technical/analytical Application-level security testing
-Configure and employ various security testing software and apply results to
security analysis
-Cde and demonstrate proof-of-concept exploits of identified vulnerabilities
-Plan and coordinate security test projects according a structured process,
including managing schedule and generating detailed documentation of test
approach and findings
-Provide implementation recommendations and track remediation efforts.
-Coordinate efforts of various units in planning, execution, and mitigation of
identified vulnerabilities.
In addition, the Senior Information Security Analyst:
-Manages efforts of Information Security project teams.
-Ensures that this bank
.com policies are implemented, enforced, and enhanced when appropriate.
-Leads/participates in team discussions to formulate new or enhance existing
processes, policies, and standards.
-Helps define security baseline of hardware, software and information systems.
-Performs product evaluations of security technologies (e.g.Application
Firewalls, Automated Vulnerability Scanners, etc.)
-Evaluates, procures, and maintains hardware and software tools used to support
Information Security function.
-Monitors information security intelligence theaters and keeps abreast of
pertinent events, research, and developments
-Performs incident response activities for security events.
-Develops in-house solutions, when necessary, for efficient issues tracking or
metrics reporting
-Participates in the development and maintenance of security awareness
programs.
-Other responsibilities as assigned.
****************************
336- Manager of Security Engineering
Position with a Large Global Bank NYC
Permanent Fulltime
110k-130K Base + Bonus
Management Responsibilities:
Manage day-to-day activities of team members, including maintenance, support
and technical project work to ensure performance objectives and project
deliverables are met
-Lead Firewall and IDS activities
-Using performance excellence tools, develop, monitor and assess individual
staff performance and provide timely feedback to promote team effectiveness
I-mplement and be responsible for the implementation of technology
-Collaborate with other teams as necessary to ensure customer service levels
are met
-Execute defined Enterprise System strategies by aligning resources to support
corporate initiatives.
Technical Responsibilities:
-Provide technical leadership, management and direction to ensure that security
objectives to meet service level agreements or performance objectives
-Lead and manage the team in the selection of vendors or tools and provide
input to Group Manager to support supplier management efforts
-Partner with and give feedback to vendors to ensure that SLA’s or
performance objectives are met
-Use industry best practices to manage operations at the lowest cost and
improve operations performance
-Hands on technical responsibilities for implementing Firewall and IDS
solutions.
This position requires an individual with:
-College or technical education preferred or equivalent related experience
-5-10 years Firewall and Intrusion Detection System experience
-3 - 5 years experience in a technical role as a team lead responsible for the
following
*Developing and managing technical teams ranging in size from 3 to 10
individuals
*Managing budgets ranging in size from $1M to $18M.
*Workload prioritization experience
*Managing large projects or programs 5 years experience with Checkpoint
Firewall-1.
Experience with Checkpoint Firewall-1 with Application Intelligence
-3 years experience with Nokia Firewall Hardware and Nokia IPSO Software
-Experience with Nokia High Availability Cluster Configuration, and High
Performance and Service Level Agreements required
-Expert level understanding of TCP/IP and networking
-Expert level understanding of UNIX, Solaris preferred
-Expert level understanding of Microsoft Windows 2000
-Expert level understanding of VRRP
-Solid understanding of Cisco IOS
-Solid understanding of standard business processes including Change
Management, Problem Management, Work Prioritization, Quality Assurance and
Continuous Improvement best practices, etc.
-Strong client relationship management skills
-Very strong analytical and problem-solving skills
-Strong verbal and written communication skills
-Strong interpersonal and conflict management skills
-Strong leadership ability and management experience
-Occasional travel required
-On-call availability 7x24
***************************
331- PKI Security Architect
Position with a Large Global Bank- NYC
Permanat Fulltime
100k-125K Base + Bonus
The Senior Security Architect ensures the confidentiality, availability, and
integrity of This Bank's.com data. He/She designs security into the network and
applications and is responsible for delivery of security solutions. He/She
ensures that the proper controls are in place to mitigate risks and to identify
potential vulnerabilities. This position is a team-lead for Core Technologies
team, part of the Information Security Architecture Team with primary focus on
Authentication and PKI technologies. Primary scope of responsibility is this
banks.com but this position is global in nature and includes the integration
and consultation on a group wide basis. Frequently engaged in Group-wide
Information Security decisions for core authentication services and
infrastructure. Manages the project scope and IT implementation.
The Information Security Architect:
-Recommends security solutions to identified risks.
-Acts as project manager to deliver security solutions when appropriate.
-Ensures that the network and application designs are secure and satisfy
existing policies and guidelines. When appropriate, will propose and design
security solutions.
-Hands on experience with PKI implementation and infrastructure.
-Synthesizes technical requirements for the implementation of such a project.
-Incorporates business requirements into the technical design of the project.
-Reviews and verifies changes to the this bank's.com environment have been
documented and approved.
-Reviews the implementation of user and resource access controls.
-Identifies and helps mitigate any vulnerabilities on the network
-Ensures installed devices are secure from inside or outside attacks.
-Experience with ISO17799 information security best practices and IT risk
assessments using SPRINT (Simplified Process for Risk Identification)
methodology which was developed by the Information Security Forum.
-Participates in the development and maintenance of security awareness
programs, including supervision of staff training.
-Attends project meeting and represents Information Security interests.
-Educates and raises the level of security consciousness.
-Leads/participates in team discussions to formulate new or enhance existing
policies, standards and guidelines at Group and this banks.com levels.
-Participates in Ad Hoc groups formed to address functional security issues.
-Works with This bank and this bank's.com to identity and evaluate vendors who
can provide products and service to support InfoSec activities.
Required Skills:
-4-year college degree
-7 or more years experience in Information Security (and/or equivalent
experience and understanding of general and technical controls)
-Knowledge of network management systems
-Knowledge of network and system monitoring applications
-Expert knowledge in PKI, encryption, SSO and directories.
-Project management experience.
-Mastery of distributed systems paradigms
-Familiarity with development languages and respective security services.
-Demonstrated experience to conduct business analysis work and present finding
to a multi-tiered group
-Relevant professional certifications preferred: CISSP, CISA, CISM
-Demonstrated grasp of Internet concepts and technologies
-Relevant professional certifications preferred: CISSP, CISA
-Excellent verbal and written communication and interpersonal skills
-Ability to effectively manage and motivate staff to obtain the desire results
-Strong technical and problem-solving abilities
IF interested Please reply with a WORD Version of your resume to
vishal.mehta@andiamopartners.com for initial consideration.
JOB REQUIREMENTS
---------------------------------------------------
CONTACT
---------------------------------------------------
Vishal Mehta
Senior Technical Recruiter
Andiamo Partners
vishal.mehta@andiamopartners.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
