---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Sr. Security Analyst
Location: Pittsburgh, Pennsylvania, United States
Type: Permanent F/T
Closing Date: 2006-11-09
The CERT Program® is part of the Software Engineering Institute (SEI), a
federally funded research and development center at Carnegie Mellon University
in Pittsburgh, Pennsylvania. CERT engages in cutting-edge research and
development, and provides robust training and education programs focused on
ensuring that software developers, Internet security experts, network and
system administrators, and others are able to resist, recognize, and recover
from attacks on networked systems.
This position is responsible for providing technical and strategic leadership
into the research, examination, and analysis of Internet computer security
trends and topics. This is considered a senior Internet Security Analyst
position.
Duties include:
-Analyzing malicious code, vulnerable software, security tools, and patches on
a variety of echnology platforms,
-Correspondence with constituencies regarding security issues,
-Analyzing and identifying security trends,
-Developing technical content for transition to constituencies,
-Software development of security tools,
-Participation in conferences, working groups, and other public forums,
-Developing relationships with key collaborators,
-Developing or oversight of development of internal systems and processes for
conducting analysis,
-Developing or oversight of development of analysis tools used to conduct
analysis of malicious code,
-Mentoring CERT/CC staff,
-Representing the CERT/CC in various technical forums,
-Contributing to the development of the strategic plans and direction of the
CERT/CC.
JOB REQUIREMENTS
---------------------------------------------------
Education/Training: BS in Computer Science or related field with ten (10)
years of applicant experience, or equivalent experience; MS in Computer Science
or related field with eight (8) or more years of applicant experience, or
equivalent experience; PhD in Computer Science with six (6) years of applicable
experience, or equivalent experience.
Experience: Experience with or expert knowledge in all of the following areas:
-system and/or network administration
-operational details of multiple operating systems
-core internet protocols (e.g., TCP/IP, UDP, DNS, SMTP, HTTP, BGP, etc.).
-reverse engineering of malicious code
-development of tools to assist system and network administrators
Experience with or substantial knowledge is preferred in many of the following
areas:
-common host-based and/or network security tools
-common types of attacks against systems and networks
-common vulnerabilities
-Internet security issues
-detailed knowledge of methods used by intruders to attack systems and networks
-theoretical underpinnings of computer security
-programming experience in multiple languages including assembly language
-best practices for secure code development
-compiler design for various operating platforms
Additionally, knowledge or familiarity with most of the following areas:
-computer security forensics
-information security tools
-computer security incident handling
-cryptography and encryption tools
-intrusion detection
Skills/Abilities:
-strong analytical and problem solving skills
-ability to develop and explain technical decisions
-ability to prioritize work
-ability to interact effectively with technical and non-technical audiences
both written and verbally
-ability to work within a closely coordinated team and independently
-ability to work calmly and well under pressure
-ability to maintain composure while dealing with difficult people
-ability to recognize and deal appropriately with confidential and sensitive
information
-ability to communicate effectively under normal and stressful situations
-ability to handle shifting priorities
-mentoring and training skills
-ability to provide technical leadership to junior and entry level staff
-ability to set priorities in a variety of technical domains
-demonstrated experience in public speaking and effective communications with a
large number of external, international collaborators and partners
-ability to serve as a facilitator in coordinating with many different parties
involved in the security of the Internet infrastructure, and to help groups
reach technical consensus
Mobility: Primarily sedentary, long periods of sitting, may have to travel to
other office locations, as well as, travel to customer sites, some bending,
stretching and lifting up to several reams of paper.
Environmental Conditions: Normal office conditions; however close contact with
CRT for prolonged periods of time.
Mental: The ability to work well under pressure of deadlines. The ability to
interact with a large number of colleagues of varying seniority.
Other: Candidates must be able to pass a background investigation, obtain a
security clearance and be a US citizen.
Please visit the Careers@CarnegieMellon web site
(https://secured.kenexa.com/cmu/cc/MyProfileAction.ss?command=MyProfile) to
create a profile and apply to this position (job number 2246).
CONTACT
---------------------------------------------------
Please visit the Careers@CarnegieMellon web site
(https://secured.kenexa.com/cmu/cc/MyProfileAction.ss?command=MyProfile) to
create a profile and apply to this position (job number 2246).
Software Engineering Institute
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
