Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Jobs
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[SJ-JOB] Application Security Engineer, New York

from [ryan . brogan] Network Security [Permanent Link]
Subject: [SJ-JOB] Application Security Engineer, New York
Date: 3 Dec 2007 23:57:58 -0000 
---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------


JOB DESCRIPTION
---------------------------------------------------
Position:       Application Security Engineer
Location:       New York, New York, United States
Type:           Permanent F/T

Closing Date:   2007-12-27

This position is expected to evaluate business project requirement, assess 
information security risks to the company and provide solutions to reduce risk 
through the use technology, awareness/training and process. This position will 
play a consulting role in all phases of projects by providing Information 
Security guidance and recommendations. This position ensures that in-house 
developed applications and vendor products comply with all relevant and 
applicable information security and privacy regulations and best practices.

Key Accountabilities:
&#149; Support existing client, vendor, and IT relationships, and achieve 
desirable project results.
&#149; Research and participate in the acquisition of new and relevant 
information security technologies.
&#149; Participate in benchmarking, evaluation and selection of new information 
security tools 
&#149; Develop and maintain understanding of regulations impacting information 
security, privacy and compliance
&#149; Understand and tactically execute information security goals.
&#149; Develop and deliver awareness and training materials for Information 
Security and Privacy policies and procedures 
&#149; Manage and maintain key Information Security tools use for compliance, 
incident response and assessment purposes.
&#149; Create and maintain documentation on information security policies and 
procedures 
&#149; Conduct risk assessment and information security and privacy reviews; 
participate in information security project checkpoints
&#149; Consults with IT and business management in the development of tactical 
security plans and directions to assure proper security and privacy controls 
have been implemented. 
&#149; Act as part Information Security Incident Response team including 24/7 
on-call rotation.
&#149; Maintain and enhance hands on technical skills as well as tactical 
understanding of information security concepts and best practices 
&#149; For Information Security projects: create project charter and detailed 
project plan; support project budgeting; manage task execution; craft and 
distribute stakeholder communications 


JOB REQUIREMENTS
---------------------------------------------------
Key Competencies:
&#149; Able to act as part of team and lead teams as necessary.
&#149; Working knowledge of technology trends and tools 
&#149; Competent in a variety of communication skills (interpersonal, formal 
presentation, meeting management, and conflict resolution) 
&#149; Demonstrated innovation skills

Functional/Technical
&#149; Demonstrated expertise in technical requirements gathering 
&#149; Highly proficient in logical and physical database design 
&#149; Demonstrated mastery of application security techniques and best 
practices 
&#149; Demonstrated knowledge of application development and/or configuration 
Java, Perl, C#
&#149; Working knowledge of software vulnerabilities (i.e., SQL Injection, XSS, 
buffer overflows).
&#149; Competent in application troubleshooting and problem resolution 

Supervision:
It is expected that the Information Security Engineer will report to the Senior 
Director of Information Security and require a moderate level of direct 
supervision. On a project basis, the position may also be supervised by 
additional managers and senior level team members.

May supervise, guide and provide training to the Information Security staff and 
consultant. Assists the Senior Director in the review and evaluation of the 
work of the staff, planning, organizing and controlling the activities of the 
section and in the development of the overall project plans and timetables. 

Certifications preferred, but not required:
&#149; CISSP, CISM, CISA, GIAC

Minimum Years Experience:
3 years in IT industry


CONTACT
---------------------------------------------------
Please email your resume to ryan.brogan@timewarner.com

Time Inc.
ryan brogan

ryan.brogan@timewarner.com



---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.

http://www.securityfocus.com/jobs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [SJ-JOB] Application Security Engineer, New York, ryan . brogan <=
Previous by Date:  [SJ-JOB] Sr. Security Engineer, McLean, john
Next by Date:  [SJ-JOB] Application Security Architect, Cincinnati, rachel . wiesman
Previous by Thread:  [SJ-JOB] Sr. Security Engineer, McLean, john
Next by Thread:  [SJ-JOB] Application Security Architect, Cincinnati, rachel . wiesman
Indexes:  [Date] [Thread] [Top] [All Lists]