---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Auditor
Location: San Jose, California, United States
Type: Permanent F/T
Closing Date: 2006-09-25
Our Northern California San Jose and San Francisco offices are seeking high
caliber, experienced, professionals with solid IT security and audit
backgrounds (network, application, database and operating system layers). In
this high visibility position, you will part of the IT-Technology Risk
Management team tasked with providing risk related technology services and
solutions for Jefferson Wells’ clients. Services and solutions include
(but are not limited to) vulnerability assessments and penetration testing (web
and client-server applications, database, network, and OS), secure code
assessments, secure information architecture design assessments, secure network
designs, compliance readiness (SOX, PCI, SAS70s, etc), wireless security,
business continuity management, and IDS design and implementation.
If you have a minimum of 5 years experience in the areas of IT-infrastructure
risk assessment, PCI, HIPAA, SOX, SAS-70, Cobit/ISO17799, Grahm-Leach-Bliley
Act, PII, Safe Harbor, Data Privacy, we should talk about the excellent future
you can have with Jefferson Wells.
JOB REQUIREMENTS
---------------------------------------------------
Bachelor’s degree in information technology or related area; minimum 7
years experience in the general areas of technology risk management, project
planning and Sox compliance, the professional service experience is a plus;
broad understanding of information security, information technology auditing
compliance and business continuity management; strong communication and
customer service skills.
Experience performing vulnerability assessments and/or penetration testing and
general security auditing include (but not limited to):
Windows Active Directory NetworksUNIX/Linux/BSD
Cisco Network Devices (Routers-Switches-Firewalls-VPNs)
Other Network Devices
CheckPoint Firewalls
Web-based Applications
Oracle Applications and DatabasesMicrosoft SQLServer
SAP
IDS Systems
Wireless Systems
Possess knowledge and experience with:
nmap, nessus, Critical Watch, Appscan, App Detective, Metasploit Framework,
Jack the Ripper, Lophtcrack, Wireshark/Ethereal, Netcat, Hping2, Kismet,
TCPDump, Cain, Tiger, Ettercap, nikito, THCHydra, Paros Proxy, Dsniff,
NetStumbler, GFI Languard, Superscan, Retina, RAT, Tripwire, Web Inspect, Core
Impact, RainbowCrack, QualisGuard, SARA, cheops-ngperl, python, ruby, Java,
Javascript, VBscript, C, shell code, wsh.
Experience with the design and implementation of:
Business Continuity Systems
Intrusion Detection/Prevention Systems
Information Security Offices
IT Policies, Standards, Procedures, Controls and Testing
IT Audit Offices
Preferred certifications:
Cisco, Microsoft, RedHat, CISSP, CISM, CISA, ABCP or CBCP, SANS, and CANSEC
West Dojo belts.
CONTACT
---------------------------------------------------
Please email a cover letter and a copy of your resume.
Place TRM-SecFoc in Subject line of email.
Jefferson Wells
Recruit.USFRA@jeffersonwells.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
