Security Engineer more… ▼
Location: | San Diego, CA |
Company: | Structure Networks Inc. |
First posted: | March 17, 2015 |
Structure Networks is in search of an Infrastructure Security Engineer for our client in San Diego, CA Duration 6-12 months Qualifications bull Strong knowledge of web application methods, protocols, and vulnerabilities bull MS in Computer Science or equivalent desired bull Emerging company-wide reputation in the field of information security bull Consistent implementation of security solutions at the business unit level bull At least 2 years experience in infrastructure or application-level vulnerability testing and auditing bull At least 5 years of system, network andor application security experience bull At least 5 years of experience involvement with development team(s) that delivered software or software-based services (development, QA testing, or security role) bull Experience with securing Industrial Control Systems (SCADA) is desired.
bull Experience working in Energy Sector is a plus.
bull Strong experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security bull Knowledge of network and web related protocols (e.g.
, TCPIP, UDP, IPSEC, HTTP, bull HTTPS, routing protocols) bull Experience coding in, or making security recommendations for, C, C++, Java andor .Net frameworks bull Experience coding in, or making security recommendations for, client-side technologies like Javascript, Ajax, andor Flash bull Able to describe, identify, and defend against current XSS, SQL, XML, and other web-based attacks bull Knowledge of common SSL, hashing, and symmetric encryption, especially in Java and .Net environments bull Exposure to secure architecture patterns bull Able to articulate risk modeling and able to communicate technical concepts in simple terms both verbally and in written reports bull Experience with service-oriented architecture and web services security desired bull Experience with the application of threat modeling or other risk identification techniques bull Detailed knowledge of system security vulnerabilities and remediation techniques, including penetration testing and the development of exploits is desired bull Scripting skills (e.g.
, PERL, shell scripting) desired bull Results oriented, high energy, self-motivated bull Excellent written and clear verbal communication skills bull Excellent leadership skills and teamwork skills Responsibilities bull Identify security issues and risks, and develop mitigation plans bull Architect, design, implement, support, and evaluate security-focused tools and services including project leadership roles bull Interpret security policies and procedures to Business and IT bull Participate in security compliance efforts (e.g.
, NERC-CIP, SOX) bull Acquisition and vendor risk assessment due diligence bull Perform Security Risk Assessments on large and medium programs and projects bull Experience with security frameworks such as NIST 800-53 bull Evaluate and recommend new and emerging security products and technologies bull Participate in projects that develop new intellectual property and ensure security policies, requirements, best practices, etc.
are applied bull Evangelize security within Company and be an advocate for customer trust.
Qualified candidate needs to be personable, be prepared to speak to Information Security issues and topics to large groups including Program Managers, IT Technical Leads, Managers, and possibly Director level.
While having a positive attitude when dealing with our business clients and other IT teams when discussing security topics.
Comments Special Instructions Qualified candidate needs to be personable, be prepared to speak to Information Security issues and topics to large groups including Program Managers, IT Technical Leads, Managers, and possibly Director level.
While having a positive attitude when dealing with our business clients and other IT teams when discussing security topics.
|
EmoticonEmoticon