---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Sr. Security Engineer
Location: San Jose, California, US
Type: Permanent F/T
Closing Date: 05/21/2005
Company
Our client was founded in 1997, have raised $75 million and are currently
operating on revenue. They are profitable on a quarterly basis.
There are currently 90 people in the company, with offices in the US, Europe
and Asia. They are doing some development in Bangalore.
They sell their product through system integrators and directly to the
carriers. The system integrators pay a license fee and the carriers pay on a
product basis.
They increase their revenues by 50% in 2004 and are on target for another 50%
increase for 2005.
Product
They develop a carrier class, tier-1, IP platform. Their technology captures IP
traffic off of carrier backbones. The platform offers a real time collection
and analysis of one packet to billions of packets across multiple networks at
up to OC192 rates. The platform enables IP applications such as billing,
infrastructure protection, policy enforcement and IP monitoring. They passively
monitor IP traffic and do layer 7 reconstruction of that traffic on the fly.
Essentially they do packet analysis on any packet that goes through their
packet analyzer. This is not packet processing and it is not content analysis.
They are able to see all the IP traffic (email protocols, instant messaging
protocols, teleconferencing protocols, streaming protocols, network management
protocols, web protocols, etc…anything that runs on TCP/IP) from the
beginning from when you authenticated on the network to when you leave the
network. They know which URLs a person has been to, if a person went
to a home page, if a person is uploading/downloading email, teleconferencing,
IM’ing, etc. This helps their clients in three ways:
1. This is important because the carriers/ISP’s want to be able to
bill their users on network utilization so that they can provide differentiated
services. For example, when a user goes to an email server, they get one price,
when they go too specific website, they get another price, and when they go to
a premium site, they pay a third price. What they can do is provide a detailed
record of what an individual subscriber’s behavior is in the same way the
phone company provides a bill with local and long distance charges, the phone
numbers called, the duration of those calls, roaming charges. They does the
same thing for IP traffic.
2. The marketing reason for the product is that it helps their clients to
understand what kind of services their subscribers want. Like the cable
companies that provide various premium packages (sports, movies, etc), this
will allow their client’s to offer various packages that would be
interesting to their subscribers.
3. Another use of their product is for network and service management. The
quality of service management that they pick up is extremely fine grained. It
isn’t tied to a particular switch or network element so they get a lot of
info that is independent of those. They can see in real time if there are
delays, if there are errors, what those errors might be. Also, it allows their
clients to monitor the service level agreements better as well as lets them do
more precise network planning.
Initially they started with post-paid services (you receive your bill at the
end of the month for services you have used). Now they have added pre-paid
services (like pre-paid calling cards, just for data services).
Their 20+ customers include AT&T, KDDI, US Cellular, T-Mobile, Korea Telecom,
and KPN Mobile (Netherlands).
Architecture/Technology
Their product consists of a collection layer, which captures all the IP
information. This layer also does semantic traffic analysis, layer 4 analyses
and layer 7 analyses. It is all written in C for performance reasons. Then all
the info is sent to the logic/policy management server. This does all the
correlation and aggregation. This is also where their client’s put all
their business rules. This is a highly scalable, highly distributed
server/platform written in C++ and OO running on Linux and Solaris. Any of the
elements can scale geographically or by CPU. The customer’s applications
(billing systems, business applications, etc) tie into this server. They use
Oracle to archive all the info and MySQL for the internal management.
JOB REQUIREMENTS
---------------------------------------------------
Position:
This person will come in and be driving the implementation of various
algorithms within their framework. There are basically three types of
algorithms that they will be implementing - rule based, learning, and
statistical. Most of the coding will be done in C and C++ running on Linux or
UNIX based systems. This person will work closely with the CTO, the security
team in Mountain View and India and the core engineering team. They will need
to have a good knowledge of network distributed systems, where there might be
100 different nodes across a network and they all have to work together. Most
of the work will be with the layer 7 protocols - SSL, HTTP, IPsec, etc.
CONTACT
---------------------------------------------------
send resumes to hayley@stecs.com
Hayley Rubin
Technical Recruiter
SearchTech
hayley@stecs.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
