---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Security Engineer
Location: Seattle, Washington, United States
Type: Contract
Closing Date: 2006-05-26
The Security Engineer is responsible for the administration of several security
processes, including remediation of vulnerability scans, evaluation of firewall
change requests, and coordinating production password changes in response to
employee terminations. The Security Engineer will also participate in the
Security Incident Response Team as needed. This position will also review
system and firewall logs for potential security events. This position will help
to manage system security policy configuration. Finally, the Security Engineer
will provide security consulting services to other departments as needed.
JOB RESPONSIBILITIES
35% Security Process Administration.
Review, remediate, and follow-up on remediation of vulnerabilities identified
in proactive vulnerability scans. Evaluate and approve firewall change requests
and requests for Virtual Private Network (VPN) access. Coordinate/provide
oversight on production password changes.
5% Incident Response.
When needed, participate in the incident response team in a technical, hands-on
role. Identify the root cause of security incidents. Independently recommend
and implement solutions for limiting the scope of the incident. Eradicate any
signs of intrusion. Work with management to recommend and implement additional
controls to prevent future incidents.
45% Security Scanning and Monitoring.
Monitor announcements of new security vulnerabilities. Identify vulnerabilities
that are applicable to WDIG systems and applications, determine their severity
and urgency, work with system owners to determine if and when corrective action
will be taken, and perform necessary actions to ensure recommendations are
implemented in a timely manner. Review system and firewall logs, and IDS
alerts.
15% Miscellaneous Security Consulting.
Provide other teams with security consulting services, including responding to
requests for more information and assisting with specific projects.
JOB REQUIREMENTS
---------------------------------------------------
QUALIFICATIONS FOR POSITION
Bachelor’s degree in Computer Science, Information Systems, Engineering,
or related major is desired
Requires 2-4 years of full-time experience in information security, including
specific experience with firewall administration or auditing, vulnerability
scanners, and security event monitoring
SSCP certification or at least one GIAC certification (GSEC, GCWN, GCFW, GCIH,
etc.) is strongly desired
3-5 years of total experience in information security, network administration,
or systems administration is desired
Experience working in a high-bandwidth Internet environment is desired
SPECIFIC SKILLS REQUIRED
Must be able to independently evaluate change requests to production firewalls,
and provide an approval recommendation based on information security best
practices
Familiarity with security tools such as nmap, Nessus, Tenable Lightning and
Thunder consoles, Sourcfire Intrusion Sensor and Realtime Network Awareness
(RNA), CIS Scoring tools, Retina, etc. is desired
Must be familiar with PGP
The candidate must be able to successfully complete a criminal background
investigation and a credit history check
CONTACT
---------------------------------------------------
If interested in this position, please apply online at
http://agilerecruiter.com/agilecan/starthere.php?job=518
Walt Disney Internet Group
Alie Degon
alie@metajiva.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
