---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Sr. Security Engineer
Location: San Francisco, California, United States
Type: Permanent F/T
Closing Date: 2007-07-06
Immediate opening for a Sr. Log Correlation Engineer to design and implement
the systems log and IDS analysis for the Systems Security Vulnerability
Management Program.
Duties and Responsibilities
1. Lead the Project to design and implement the company*s centralized Systems
Logging effort, as an integral part of the company*s Vulnerability Management
program: - Provide architectural leadership, design and project management to
ensure the company*s Centralized Systems Logging/Correlation/Reporting effort
is properly implemented.- Assist in the implementation of the Central Systems
Logging solution- Develop logging policy and standards for each logged entity
(operating systems, databases, processing platforms, applications,
vendor-supplied systems, etc.)- Implement minimum-security compliance logging
standards and procedures for each of the above log gable entities.- Develop
logging and monitoring standards and procedures for each of the segregated
network zones.- Assist in the development and rollout of network
certification/accreditation procedures based on the above network security
architecture.- Maintain the logging standards as significant changes to the
network oc
cur.
2. Assist with Network Security Policy, Standards and Procedures Development as
it pertains to logging/monitoring/IDS oversight.
3. Develop and maintain an Intrusion Management Program that includes:-
Development and implementation of Intrusion Detection (Host and Network)-
Further development and implementation of Intrusion Protection (Virus, denial
of service, etc.)- Development and implementation of Incidence Response
Procedures- Development and implementation (or facilitation of for externally
managed firewalls) Firewall security policy development and configuration
management
4. - Integrate following tools to compensate shortcomings of SIM product:
-perl &/or python scripting
-openssh / encryption basics
-unix, any flavor
-nmap
-snort or other IDS
-firm understanding of tcp/ip
-packet analysis using tcpdump or winshark
-develop monitoring / awareness / alert strategies regarding a relatively
immature industry.
-assist with developing Incident Response as it pertains to logging.
-SIM tool.
Assist in the development, maintenance and training for all systems
administration resources in Security Administration policies, standards, and
procedures for all systems, platforms, databases and applications.
5. - Conduct (or ensure they are conducted) daily/weekly/monthly/annual access
and activity reviews, as well as annual certification-of-access reviews.
6. - Facilitate and document Disaster Recovery planning and testing for
Information Systems as it pertains to the recovery of centralized logging
software and the availability of logs at the recovered site.
7. - Perform duties & responsibilities specific to department functions &
activities.
8. - Performs other duties & responsibilities as required or assigned by
supervisor.
JOB REQUIREMENTS
---------------------------------------------------
Education, Experience and/or Technical Skills: Some form of technical network
security certification preferred (SSCP) and/or CISSP.BS in Computer Science or
equivalent preferred.
Working security knowledge of: Logging tools such as Security Threat Manager,
various IDS products, Addamark*s Omnisight, Netforensics, Arcsight or
e-Security*s Sentinal. TCP/IP networks, various Windows environments, Bindview,
NT, Novell, Active Directory, VPN systems, encryption schemas and algorithms,
security tokens, various authorization and authentication mechanisms/software,
intrusion detection and protection software and methodologies, firewall design
and management experience (checkpoint, CISCO, etc., various virus
protection/detection/clean-up tools).Also prefer experience with Vulnerability
Management tools such as Ncircle and WebInspect. In depth experience with IDS
and logging tools is also preferred.Also prefer programming experience in
languages such as Perl, C++, etc., or any other current scripting
language.Ability to design security controls based on level of risk, supporting
a *defense-in-depth* network security strategy.Excellent written skills, and
proven
policy & procedures development capability.Strong project management
skills.Experience managing consultants.Ability to multi-task.Ability to design,
resource, conduct, status, and complete projects independently, with minimal
supervision.
CONTACT
---------------------------------------------------
Please email your resume in word format to Philia@trinova.com
Thank you.
TriNova, LLC
Philia Ng
philia@trinova.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
