Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Jobs
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[SJ-JOB] Security Engineer, Seattle

from [adam . ely] Network Security [Permanent Link]
Subject: [SJ-JOB] Security Engineer, Seattle
Date: 3 Apr 2008 21:49:11 -0000 
---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------


JOB DESCRIPTION
---------------------------------------------------
Position:       Security Engineer
Location:       Seattle, Washington, United States
Type:           Permanent F/T

Closing Date:   2008-05-03

The Security Engineer is responsible for the administration of several security 
processes, including managing vulnerability scans and remediation efforts, 
evaluation of network connectivity and VPN access requests, and supporting 
Information Security Operations&#146; on-call schedule. The Security Engineer 
will also participate in the Security Incident Response team as needed. This 
position will also review system and firewall logs for potential security 
events. Finally, this position will help to manage system security policy 
configuration.

 
JOB RESPONSIBILITIES

* Security Process Administration.  Review, remediate, and follow-up on 
remediation of vulnerabilities identified in proactive vulnerability scans. 
Evaluate and approve firewall change requests and requests for Virtual Private 
Network (VPN) access. Coordinate/provide oversight on production password 
changes. 

* Incident Response. When needed, participate in the incident response team in 
a technical, hands-on role. Identify the root cause of security incidents. 
Independently recommend and implement solutions for limiting the scope of the 
incident. Eradicate any signs of intrusion. Work with management to recommend 
and implement additional controls to prevent future incidents. 

* Security Scanning and Monitoring. Monitor announcements of new security 
vulnerabilities. Identify vulnerabilities that are applicable to WDIG systems 
and applications, determine their severity and urgency, work with system owners 
to determine if and when corrective action will be taken, and perform necessary 
actions to ensure recommendations are implemented in a timely manner. Review 
system and firewall logs, and IDS alerts. 

* Miscellaneous Security Consulting. Provide other teams with security 
consulting services, including responding to requests for more information and 
assisting with specific projects. 

QUALIFICATIONS FOR POSITION

* Bachelor&#146;s degree in Computer Science, Information Systems, Engineering, 
or related major is desired.

* Requires 2-4 years of full-time experience in information security, including 
specific experience with firewall administration or auditing, vulnerability 
scanners, and security event monitoring.

* 3-5 years of total experience in information security, network 
administration, or systems administration is desired.

* Experience working in a high-bandwidth Internet environment is desired. 


SPECIFIC SKILLS REQUIRED

* Must be able to independently evaluate change requests to production 
firewalls and VPN access, and provide an approval recommendation based on 
information security best practices.

* Familiarity with security tools such as QualysGuard, nmap, Nessus, Sourcfire 
Intrusion Sensor and Realtime Network Awareness (RNA), CIS Scoring tools, 
Retina, etc. is desired.

* Must be familiar with PGP.

* SSCP, CISSP, or at least one GIAC certification (GSEC, GCWN, GCFW, GCIH, 
etc.) is strongly desired.

* The candidate must be able to successfully complete a criminal background 
investigation and a credit history check.


JOB REQUIREMENTS
---------------------------------------------------
JOB RESPONSIBILITIES

* Security Process Administration.  Review, remediate, and follow-up on 
remediation of vulnerabilities identified in proactive vulnerability scans. 
Evaluate and approve firewall change requests and requests for Virtual Private 
Network (VPN) access. Coordinate/provide oversight on production password 
changes. 

* Incident Response. When needed, participate in the incident response team in 
a technical, hands-on role. Identify the root cause of security incidents. 
Independently recommend and implement solutions for limiting the scope of the 
incident. Eradicate any signs of intrusion. Work with management to recommend 
and implement additional controls to prevent future incidents. 

* Security Scanning and Monitoring. Monitor announcements of new security 
vulnerabilities. Identify vulnerabilities that are applicable to WDIG systems 
and applications, determine their severity and urgency, work with system owners 
to determine if and when corrective action will be taken, and perform necessary 
actions to ensure recommendations are implemented in a timely manner. Review 
system and firewall logs, and IDS alerts. 

* Miscellaneous Security Consulting. Provide other teams with security 
consulting services, including responding to requests for more information and 
assisting with specific projects. 

QUALIFICATIONS FOR POSITION

* Bachelor&#146;s degree in Computer Science, Information Systems, Engineering, 
or related major is desired.

* Requires 2-4 years of full-time experience in information security, including 
specific experience with firewall administration or auditing, vulnerability 
scanners, and security event monitoring.

* 3-5 years of total experience in information security, network 
administration, or systems administration is desired.

* Experience working in a high-bandwidth Internet environment is desired. 


SPECIFIC SKILLS REQUIRED

* Must be able to independently evaluate change requests to production 
firewalls and VPN access, and provide an approval recommendation based on 
information security best practices.

* Familiarity with security tools such as QualysGuard, nmap, Nessus, Sourcfire 
Intrusion Sensor and Realtime Network Awareness (RNA), CIS Scoring tools, 
Retina, etc. is desired.

* Must be familiar with PGP.

* SSCP, CISSP, or at least one GIAC certification (GSEC, GCWN, GCFW, GCIH, 
etc.) is strongly desired.

* The candidate must be able to successfully complete a criminal background 
investigation and a credit history check.


CONTACT
---------------------------------------------------
Send resumes or questions to adam.ely@disney.com

The Walt Disney Company
Adam Ely
Manager, Information Security Operations
adam.ely@disney.com



---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.

http://www.securityfocus.com/jobs
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [SJ-JOB] Security Engineer, Seattle, adam . ely <=
Previous by Date:  [SJ-JOB] Sr. Security Analyst, Hartford, lfg . recruiting
Next by Date:  [SJ-JOB] Security Consultant, Copenhagen, hs
Previous by Thread:  [SJ-JOB] Sr. Security Analyst, Hartford, lfg . recruiting
Next by Thread:  [SJ-JOB] Security Consultant, Copenhagen, hs
Indexes:  [Date] [Thread] [Top] [All Lists]