Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Jobs
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[SJ-JOB] Application Security Architect, Hong Kong

from [iain] Network Security [Permanent Link]
Subject: [SJ-JOB] Application Security Architect, Hong Kong
Date: 20 Apr 2007 19:19:19 -0000 
---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------


JOB DESCRIPTION
---------------------------------------------------
Position:       Application Security Architect
Location:       Hong Kong, , China
Type:           Permanent F/T

Closing Date:   2007-05-17

Security Integrator

Reference No.   SF-208
Company Global Financial Organisation
Location        Hong Kong
Salary  Dependent upon skills and experience
Start Date      ASAP
No. Required    1
The Role
This is a highly leveraged, internal consulting position within the Banks IT 
Security organization with excellent potential for growth. The Security 
Integration team works with IT groups on a global basis to ensure that IT 
projects are executed on a secure basis.  The Security Integrator is expected 
to provide technical leadership to these teams, which are themselves extremely 
technical organizations. Some of the specific roles and responsibilities for 
this position are:
&#149;  Subject Matter Expert on IT security across a variety of platforms.
&#149;  Lead architecture design and review sessions with IT teams to ensure 
that security is incorporated into projects at the earliest stages by 
identifying potential risks and threats as well as mitigating designs or 
controls.
&#149;  Provide specific engineering expertise into tactical project tasks. 
Such areas might include securing databases, implementing encryption, 
configuring wireless networks, etc.
&#149;  Help identify areas of infrastructure the Firm might want to invest in 
to improve further the discipline of IT security. This could include commercial 
tools, internally developed libraries, certification courses, and so forth.
Skills Required 
Strong interpersonal skills are critical, since the individual will be 
interacting with IT clients and executives around the world, and must be able 
to effect change and influence decisions.
Platform:  Although this role is not systems administration position, the 
candidate must have deep knowledge of at least one primary operating system 
(Unix or Windows), the configuration and management of that platform at an 
enterprise scale, the security risks to that platform, and how to mitigate 
those risks.
Network security:  The candidate will be expected to understand thoroughly the 
standard network model and the risks present at each layer, the functions of 
network equipment such as switches, routers, firewalls, proxies, and 
load-balancers, and to understand network architecture.
Multi-tier application security: Many of our most important applications are 
multi-tier applications, and the candidate will be expected to understand how 
to secure all layers of an n-tier application.  This includes applications 
incorporating web services.  
Authentication issues: An understanding of system authentication technologies 
(Active Directory and Kerberos in particular) and broad understanding of the 
concepts of Identity Management technologies (SiteMinder, SAML, Liberty 
Alliance, WS-Security) is key.
Experience in formulating policy and ensuring compliance with regulatory 
requirements
Across all topics, candidate should have expertise with security-related topics 
such as authentication mechanisms, data protection, validation checking, 
encryption, hashing, principle of least privilege, software attack 
methodologies, physical security, social engineering, etc.  Genuine expertise 
is required here, as the candidate will be extensively tested on security 
principles.
Additional:
Experience in financial services is highly desired.
Security expertise in multiple operating systems is strongly preferred.
Programming:  Experience with C/C++, Java, C# / .NET, Perl, and shell 
programming would be beneficial.
Automated testing tools:  Experience with automated vulnerability assessment 
tools (Watchfire), or with more general purpose testing tools (such as Purify).
Database design and security issues.
Educational requirements
Bachelors Degree with min 5+ yrs relevant work experience in high-paced, 
enterprise environment.




JOB REQUIREMENTS
---------------------------------------------------
Candidates must be able to speak Cantonese


CONTACT
---------------------------------------------------


Information Security Solutions
Iain Sutherland

iain@InformationSecuritySolutions.com



---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.

http://www.securityfocus.com/jobs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [SJ-JOB] Application Security Architect, Hong Kong, iain <=
Previous by Date:  [SJ-JOB] Security Engineer, Mountain View, jobposting
Next by Date:  [SJ-JOB] Management, Mountain View, pberi
Previous by Thread:  [SJ-JOB] Security Engineer, Mountain View, jobposting
Next by Thread:  [SJ-JOB] Security Engineer, London, start
Indexes:  [Date] [Thread] [Top] [All Lists]