---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Application Security Engineer
Location: Chicago, Illinois, US
Type: Permanent F/T
Closing Date: 05/22/2005
Senior Application Security Engineer Chicago, IL
$90-$100K base + bonus, relocation assistance available
The Senior Application Security Engineer will possess very specialized web
application security skills. These skills will include previous experience
securing a large java environment through security code reviews and application
penetration testing. The candidate should have java coding experience and be
familiar with the OWASP secure coding practices.
This person will work with the technology teams and business units as an
in-house consultant always prepared to lead or participate in broader
initiatives spanning all areas of information security.
RESPONSIBILITIES:
Works with the enterprise planning group on all architecture and design
proposals to build in security at the planning stages
Provides guidance on change control management and application development
security to the Development groups
Analyzes vulnerability of company applications, including internal and external
Web sites, to identify trends. Determines appropriate solutions.
Research and develop standards for Access Control techniques and administration
Provides guidance on database security and data warehousing to the Database
Administration organization
Research and develop standards for Internet, Intranet and Extranet Security
(both wired and wireless environments)
Initiates Security Awareness and Training
Documents Security Policies, Standards, Procedures and Guidelines that meet
legal requirements for corporate due diligence
Establishes standards for cryptography to protect the corporate assets by
encrypting internal and external communications/data using Public Key
Infrastructure and/or Private Key Algorithms
Performs internal security auditing services utilizing the appropriate tools
required to measure compliance to corporate standards and technology standards
for security
Consults with multiple organizations within Cendant as required on any security
related issues requiring technical expertise
Implements monitoring capability for security infrastructure. Reviews logs and
alerts for violations. Takes appropriate action to isolate and secure systems.
Monitors industry security alerts and coordinates appropriate changes to secure
systems.
Identifying and evaluating future and emerging technologies in information
security
JOB REQUIREMENTS
---------------------------------------------------
QUALIFICATIONS:
 Minimum of 5 years of experience in Information Security
Expertise in web application security, including secure coding standards
required (java, J2EE).
Expertise in securing large database environments required.
Experience working on government and industry compliance projects (Sarbanes
Oxley, Visa CISP/PCI, GLBA, etc.).
Prior experience in a start-up or Internet environment a plus.
Strong interpersonal and communication skills.
Information security industry certifications are a plus (CISSP, GSEC, etc.).
Bachelor’s degree in Computer Science, or equivalent experience.
Excellent verbal and written communication skills.
CONTACT
---------------------------------------------------
If you are interested in learning more about this opportunity email your resume
in Word along with your availability and contact info. Also, please send a
brief synopsis of your background and professional goals to
jeff@altaassociates.com.
Jeff Combs
Senior Recruiter
Alta Associates, Inc.
jeff@altaassociates.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
