---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Security Engineer
Location: Palo Alto, California, US
Type: Permanent F/T
Closing Date: 06/23/2005
Major Responsibilities
• Analyze complex application and network security issues, provide
solutions, and recommend enhancements to information security policy and
standards.
• Assess security risks, identify and recommend effective solutions, and
consult with operations or business units when necessary.
• Improve security infrastructure through internal assessments,
identification of vulnerabilities, and implementing effective corrective
actions.
Essential Duties and Responsibilities
• Perform high-level risk assessment analysis of applications, service
providers, networks, and servers.
• Recommend and implement methodologies to test, assess, and improve
integrity and effectiveness of overall security infrastructure, including
routers, firewalls, VPN, IDS, servers, databases, and other systems involved
with security.
• Design, conduct, and report on results of risk assessments, audits,
system reviews, and vulnerability scans performed using a combination of
automated tools, manual methods and interviewing.
• Maintain current knowledge of security vulnerabilities to identify
vulnerabilities applicable to the infrastructure and recommend, implement, and
assess the effectiveness of corrective actions.
• Integrate security solutions and improvements into existing
infrastructure with minimal disruption.
• Perform comprehensive security reviews of applications addressing all
layers.
• Perform intrusion detection monitoring and report findings to
management.
• Evaluate and recommend network and application solutions for
establishing and improving security.
• Evaluate, install, and configure security tools to enforce security
policies.
• Develop technical security standards and guidelines to address best
practices.
• Evaluate log management and network/host IDS implementation and
recommend areas for improvement.
• Implement security incident response plan when needed to identify the
root cause of the security incident, recommend and implement solutions to limit
the scope of the incident and eradicate any sign of the intrusion.
• Conduct security reviews on IT projects and design security solutions
for new systems and applications.
• Perform other duties as assigned.
JOB REQUIREMENTS
---------------------------------------------------
Education/Experience Requirements
• Undergraduate degree in computer science or related field, and/or 5 to
8 years related IT/Security experience designing, deploying, maintaining and
assessing secure infrastructure.
• Technical knowledge and experience with assessing and implementing
security of routers, firewalls, VPN and IDS required
• Technical knowledge and experience with assessing and implementing
security of Microsoft Windows servers, systems and networks required.
• Solid understanding of security architecture for both client/server and
web applications required.
• Knowledge and experience with implementing and fine-tuning network and
host IDS desirable.
• Knowledge and experience with implementing centralized log management
and monitoring desirable.
• Experience with developing and implementing incident response plan
required.
• Experience establishing and managing security architecture including
Microsoft Windows Server, Active Directory, ISA Server, Cisco IOS, Snort, TCP,
UDP, IP, HTTP, SMTP, FTP, DNS, NetBIOS, PKI, IPSec, IDS, and scripting.
• Experience with the following tools: Nmap, Nessus, nslookup, TCPDump,
WinDump, Ethereal, MBSA, HFNetChk, and LOphtCrack.
• Current professional certification(s) in security and/or networking
preferred (e.g., CISSP, MCSE: Security, CCIE Security, CCSP, CISA, GSEC, ISSEP,
ISSAP).
• Knowledge of security and privacy regulations a plus.
• Prior work experience in banking industry a plus.
• Good analytical and communication skills.
• Solid documentation and technical writing skills are a must.
• Effective project management skills required.
CONTACT
---------------------------------------------------
Please e-mail resumes to Angela Keller
Angela Keller
Recruiter
Tac Worldwide Companies
akeller@tacworldwide.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
