---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Security Engineer
Location: Reston, Virginia, United States
Type: Permanent F/T
Closing Date: 2007-03-09
Technical Security Engineer
Requisition Number - 74702BR
www.aol.com/careers
The position is within AOL's IT Security Assurance team whose mission is to
deliver world-class security consultation, training, and risk assessment and
management services geared towards protection of AOL's information assets.
Primary Responsibilities
1. Provide security assurance, risk assessment and consultation services,
including activities such as:
- Perform security analysis and risk assessments of technical specifications
and requirements of applications and systems infrastructure.
- Conduct hands-on security evaluations, threat modeling, penetration testing,
and vulnerability assessments of applications and systems infrastructure.
2. Assist in development of technical security policies, standards, baselines
(procedures), and training/outreach programs:
- Author and maintain technical security standards to govern operational
practices within various information security subject areas [ie, operating
system security, use of encryption, network security, authentication,
authorization, and auditing (AAA), etc.]
- Develop, maintain, and deliver training content in various information
security subject areas for the purposes of employee awareness and education.
3. Engineer security solutions to protect a variety of users, applications,
platforms and computing environments, including development and maintenance of
security testing and vulnerability assessment tools, methodology, and
procedures.
JOB REQUIREMENTS
---------------------------------------------------
Skills Required
- Demonstrated knowledge of information security principles, standards,
practices and subject areas
- 4-6 years experience in performing technical security risk assessments, web
systems penetration testing, security engineering, or secure systems
development in a heterogeneous, multi-platform, multi-protocol environment
- Demonstrated knowledge of information security management and assurance
models, standards and control objectives, such as NSA IAM/IEM, ISO 17799,
Payment Card Industry Data Security Standard (PCIDSS), and Sarbanes-Oxley
- Proficiency with various network, host and application security protocols,
tools, and vulnerability assessment packages
- Excellent written and verbal communication skills and the proven ability to
present complex, technical information to both technical and non-technical
audiences
- Strong customer service and time management skills
Skills Desired
- Secure software development experience and/or solid scripting/coding skills
- Knowledge of cryptographic standards, ciphers, algorithms and PKI
Years of Experience Required
- 4-6 years of hands-on experience in information security engineering,
software engineering, or related disciplines
Education/Equiv. Experience
- Bachelor's degree, or equivalent work experience and information security
expertise
- Strongly prefer candidates possessing information security certifications,
such as CISSP or CISM
CONTACT
---------------------------------------------------
Please submit your resume/CV to SecJob [at] aol [dot] com.
AOL, LLC
Sec Job
Technical Security Engineer
SecJob@aol.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
