Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Jobs
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[SJ-JOB] Jr. Security Analyst, South Brunswick

from [tim] Network Security [Permanent Link]
Subject: [SJ-JOB] Jr. Security Analyst, South Brunswick
Date: 21 Nov 2005 19:41:26 -0000 
---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------


JOB DESCRIPTION
---------------------------------------------------
Position:       Jr. Security Analyst
Location:       South Brunswick, New Jersey, United States
Type:           Permanent F/T

Closing Date:   2005-12-22

Doesn't have to have it all, or be deep in a lot of it.  Director needs someone 
that can be his primary pen tester - run Nessus, review results, write up a 
decent report.  Programming/scripting it a big plus.  Formal specs follow:
Position requires an individual with experience related to testing and 
validating exploitable conditions on devices such as web servers, mail servers, 
routers, firewalls, intrusion detection systems, etc. The individual must be 
able to document accurate findings and present detailed remediation 
requirements to management. Additionally, candidate will be responsible for 
effectively managing internal and external information security alerts, 
remediation plans, and other risk mitigation projects. Experience is required 
in application and network testing and running both automated and manual 
vulnerability assessments. Experience in .NET and ASP is highly desirable as is 
application programming experience (JavaScript, Shell Script, Perl, Python, C, 
C++, CGI, PHP, etc.).

CISSP is required &#150; CISA, CEH, SANS, UNIX certifications preferred. 
In-depth background check required




JOB REQUIREMENTS
---------------------------------------------------
&#149; Significant experience performing vulnerability testing (internal / 
external) 

&#149; Must have found vulnerabilities in previous assessments 

&#149; Evaluating fixes (patches) of vulnerabilities and malicious code (e.g., 
viruses) 

&#149; Comprehensive understanding or advanced routing, firewall and intrusion 
detection methodologies

&#149; Proficient in risk assessment/mediation methodologies

&#149; Strong operating systems experience (Windows, Linux, Solaris, etc.)

&#149; Ability to demonstrate exploitation using SQL Injection, Cross-site 
Scripting, Buffer Overflows, Parameter Tampering, Hidden Field Manipulation, 
Cookie Poisoning, SOAP and WebServices Manipulation, etc

Technical Skills:

Candidates should have significant expertise in one or more security areas, and 
should have demonstrated outstanding project management experience in a 
leadership role.

&#149; Knowledge of ethical hacking and penetration testing techniques 
including the following:

- Penetration Testing / Ethical Hacking tools and forms of attack (SQL 
Injection, Cross-site Scripting, Buffer Overflows, Session Hijacking, Hidden 
Field Manipulation, Cookie Poisoning, SOAP) and associated tools (eEye, Qualys, 
NMap, SQueaL, Foundstone, DShield, Nessus, etc.) 

- Hacker exploit scripts/programs to test whether vendor/developer patches 
operate as intended and fix the identified vulnerability or identify the 
malicious code. 

&#149; Intrusion Detection Environments and forms of attack with the ability to 
perform analysis of the systems and application logs for signs of attacks and 
intrusions 

&#149; Network Traffic Monitoring Tools 

&#149; Network Protocols (TCP/IP, NetBIOS / Netbeui, IPX, OSI) and associated 
technologies (DNS, FTP, HTTP) 

&#149; Network Topologies 

&#149; Operating Systems: Microsoft Environments, Linux, UNIX, AIX 

&#149; Knowledge of security and encryption mechanisms 

&#149; Application Servers (Websphere, Weblogic) 

&#149; Web Servers 

&#149; Network Security (VPN, SSL, Smart Cards, Biometrics) 

&#149; Cryptographic tools, methods, systems and protocols

&#149; Exceptional interpersonal communication and presentation skills is a 
must 

&#149; Strong written and verbal communications skills required.  



CONTACT
---------------------------------------------------
Please email your resume to security@infonet.bz

Infonet Resources, LLC is a retained executive search firm that has earned a 
reputation for excellence in securing leadership and intellectual capital.  
This positione reports to a Director of InfoSec we recently recruited and 
placed with our outstanding client.


Fortune 500
tim mcintyre
managing director
tim@infonet.bz



---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.

http://www.securityfocus.com/jobs
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [SJ-JOB] Jr. Security Analyst, South Brunswick, tim <=
Previous by Date:  [SJ-JOB] Information Assurance Engineer, Fairfax, paul . coleridge
Next by Date:  [SJ-JOB] Information Assurance Engineer, Kent, colleen . corbin
Previous by Thread:  [SJ-JOB] Information Assurance Engineer, Fairfax, paul . coleridge
Next by Thread:  [SJ-JOB] Information Assurance Engineer, Kent, colleen . corbin
Indexes:  [Date] [Thread] [Top] [All Lists]