Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Jobs
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[SJ-JOB] Security Consultant, New York

from [lmeszaros] Network Security [Permanent Link]
Subject: [SJ-JOB] Security Consultant, New York
Date: 16 Jun 2005 18:56:43 -0000 
---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------


JOB DESCRIPTION
---------------------------------------------------
Position:       Security Consultant
Location:       New York, New York, United States
Type:           Contract

Closing Date:   2005-07-14

Application Security and Administration Lead

Project Length 2+ years  (8) hour day 

This Application Security & Administration Lead will manage and coordinate 
security and application administration for the upgraded of a financial system 
among the vendor, Clients Chief Security Officer, and operations unit.  This 
individual contributor will ensure that all aspects of security for are 
adequately addressed including infrastructure, application, and data security.  
The Application Security & Administration Lead will focus on application 
security while ensuring that infrastructure security for is fully addressed by 
IT Group.

The Security/Application Administration Lead for the Project will report 
directly to the Project Manager as a full-time member of the Project Team and 
work closely with CSO and  IT Group to develop, test, and implement application 
security and administration processes and procedures.



JOB REQUIREMENTS
---------------------------------------------------
Position Roles & Responsibilities:

&middot;        The Application Security & Administration Lead will be 
responsible for the following:
&middot;        Reviewing the application security architecture of the vendor's 
baseline financial management package to:
&middot;        Assure it adequately addresses user provisioning, 
authentication, and authorization and conforms to the client and security 
standards and make recommendations to CSO and vendor to address any 
deficiencies;
&middot;        Assure adequate "security controls" are in place for the 
application, for integration touch points with financial systems, and for 
interfaces to external systems, and make recommendations to CSO and vendor to 
address any deficiencies. 
&middot;        Identify security risks (including any new security concerns 
introduced by new technology, new products, or new relationships with external 
parties associated with the project) and make recommendations to  CSO and 
vendor on policies and procedures to address these risks.
&middot;        Coordinate and work with  IT staff and CSO to incorporate 
security solutions into overall security solutions.  
&middot;        Coordinate and work with  and vendor's architects and 
developers to run application security scans, to interpret test results, and to 
address security vulnerabilities on the application. 
&middot;        Coordinate and work with  accounting and budgeting SME's and 
CSO to set appropriate controls for data security (i.e., to identify and 
classify sensitive data and to develop adequate policies and procedures to 
safeguard this data throughout the development cycle and transition to the  
production environment).
&middot;        Coordinate and work with  accounting and budgeting SME's and 
CSO  to develop user group authorization models (roles & access) then working 
with IT Group to test and implement these models in production.  
&middot;        Coordinate and work with  functional SME's  (in the accounting 
and budgeting areas) and to determine master table settings, 
application/desktop configuration and set-up (as required), and workflow models 
then working with  IT Group to test and implement these in production. 



Required Knowledge, Skills & Abilities:
 
&middot;        Ability to serve as an effective member of  a project team 
comprised of technical and business resources (required)
&middot;        Strong working knowledge of  security-related IT "application 
control" (required)
&middot;        Strong analytical skills (required)
&middot;        Strong written and verbal communication skills with ability to 
communicate security concepts to a broad range of technical and non-technical 
staff (required)
&middot;        Ability to work independently with minimal direction (required)
&middot;        Strong and current expertise in information technology and 
information security including firewalls, IDS's, encryption and VPN's,  
identification and authentication tools, and other related security skills 
(preferred) 

Experience:

&middot;        5 years experience in systems/application administration in an 
IT organization responsible for development and maintenance of  large, complex 
business applications OR
&middot;        3 years experience configuring and administering the 
application features of an Enterprise Resource Planning (ERP) system including 
the identification of workflow (procedural) deficiencies and application 
security deficiencies.
&middot;        Experience addressing security requirements of large, complex 
business applications utilizing Web application technology.

Education:

&middot;        BA degree in MIS, computer science or related field from a 
recognized college or university (required)
&middot;        Masters degree in MIS, computer science or related field from a 
recognized college or university (preferred)
&middot;        Certification as Certified Information Systems Security 
Professional (CISSP) or Systems Security Certified Practitioner (SSCP) or 
system / application certification for an ERP solution, or equivalent 
certification (preferred) 
&middot;        Security System/Administration Lead
&middot;        Manage and coordinate security and system administration 
programs between the Vendor and operations units.  
&middot;        Activities include:  ensuring compliance with policies; 
identifying customer needs and expectations; assessing strategies for business 
best practices and recommending alternatives for evaluation; and ensuring 
policies, procedures, and system functions meet requirements.  In addition, 
working with operations units and the Vendor, develop a method for performing 
an impact analysis on future configuration changes and perform / transfer 
knowledge to operations units.




CONTACT
---------------------------------------------------
Please email your resume to lmeszaros@tekmarkinc.com for immediate review and 
consideration.  Please provide a daytime phone number that you can be contacted 
at directly.    



Tekmark Global Solutions 
Lisa  Meszaros 
Senior Technical Recruiter 
lmeszaros@tekmarkinc.com 



---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.

http://www.securityfocus.com/jobs
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [SJ-JOB] Security Engineer, New York, evagenas
Next by Date:  [SJ-JOB] Sr. Security Engineer, Dallas, srihari . kotni
Previous by Thread:  [SJ-JOB] Sr. Security Analyst, PALO ALTO, isecurity
Next by Thread:  [SJ-JOB] Security Consultant, New York, iain
Indexes:  [Date] [Thread] [Top] [All Lists]