From: jackschwartz@
Sent: Monday, July 06, 2009 10:44 PM
To: joec@idsi.net
Subject: WE'VE SPOKEN BEFORE: I am recruiting for a Sr Security Engineer in the Allentown PA area. Salary: $80-130K.CAN YOU RECOMMEND ANYONE? Please forward on to others. EMAIL OPTOUT BELOW
Overview:
Support the technical operations of securing the IT resources in accordance with Corporate policies, industry regulations, and industry accepted best practices.Highly technical operations position requiring experience with security technology (e.g., firewalls, proxies, IDS, PKI, virus protection, patching, etc.) and common infrastructure technology (e.g., Unix, Microsoft Windows, Cisco routers, protocol analyzers, etc.). This individual will have a supporting role in implementing and maintaining the security logging and reporting for the entire IT infrastructure. In addition, this individual will perform routine auditing of system compliance with configuration standards, change controls, and privileged access.
Responsibilities:
Assist in the building & administer IT infrastructure logging system. Automate the gathering, parsing, & reporting of security events from various security components including firewalls, proxies, intrusion detection systems, host based intrusion prevention systems, virus protection systems, authentication systems (AD, LDAP, RADIUS, RSA, etc.), UNIX (AIX and Redhat), Microsoft Windows, routers, middleware, web systems, & database systems (UDB, Oracle, Microsoft SQL Server). Review privileged access to hosts, and confirm appropriate use of access controls including two-factor authentication and RADIUS.
Perform routine auditing of system configuration compliance with established build standards. Verify changes are in accordance to change control management.
Provide IT security governance by working closely with IT and business teams to ensure that security policies are followed as intended. Continuously improve procedures, policies, and practices in a joint effort with the CSO, Enterprise Architecture and Engineering team. Make technical and product recommendations.
Assist with design and implementation of security controls as part of security initiatives
Assist with Acceptable Use Policy enforcement, routine security control reporting, incident response, and forensic investigations associated with IT security events
IT experience in the information security field - Experience with some and knowledgeable of most of the following security technology areas: Security Architectures for Internet, security logging, Firewall, Proxies, VPN, access control, authentication systems, Virus Protection, Certificates and Public Key Infrastructure, Two-factor Authentication, Encryption, Ethical Hacking, Intrusion. Audit, Security, and System Certifications desired: CISSP, CISA, GSNA, Security+, GCWN, GCIH, MCSE: Security, GCIA, GCFW, GCIH, GCUX
Qualifications:
* IT experience with large scale log infrastructure implementation and administration.
* Advanced experience with shell scripting and programming using Perl or Python
* Common Security Standards and Regulatory Requirements for large enterprises (ISO 17799, NIST Orange Book, RFC 2196 - Site Security,Handbook, HIPAA, GLBA, etc.)
* Understanding of common IT security exposures and risk mitigation.
* Experience with process re-engineering, security & business apps implementation, network & host security controls, system recovery, & distributed sys/admin
* Familiarity with common security incident response processes and tools
* Familiarity and participation in recognized external security associations
* Hands-on expertise with security event monitoring, correlation and investigation
* Knowledge of common IT auditing techniques and tools.
* Comprehensive knowledge of common open source logging tools such as swatch, logger, and syslog duplicators
* Comprehensive knowledge of commercial logging solutions such as Tivoli Enterprise Console and Log adapter, ArcSight, Rippletech Logcaster, Consul, etc.
* Comprehensive knowledge of common authentication systems such as RADIUS, LDAP, AD, RSA, Kerberos, etc.
* Comprehensive knowledge of common business operating systems including: Windows NT / 2K / XP / 2003; Unix (IBM AIX); Linux (Redhat)
* Broad understanding of security and system logging associated with common business middleware and web application servers including: Microsoft .Net Server; Microsoft IIS; IBM Websphere Application Server and Portal Server; IBM LDAP; Tivoli Access Manager; Lotus Notes; Apache Web Server
* Familiarity with SQL concepts and common database software from IBM, Oracle, Microsoft, and Sybase.
* Expertise with Computer Forensics tools
* Knowledge of Security Best Practices
* Understanding of Change Control & Configuration Management using products like Tripwire
* Contributor to Process Improvement and Quality Initiatives
* Occasional on-call obligations
I AM SENDING THIS TO YOU BASED UPON PREVIOUS CONTACT. However, I respect your privacy. If you do not wish to be contacted by us for suitable job opportunities, for yourself and/or for your friends/associates, please reply to this e-mail with "Remove Me" in the subject line. You will be removed from the list within 24 hours". Here is my bio:
JACK SCHWARTZ is the Managing Director of Staffing at ITech Recruiting LLC. Previously, he was a V.P., Staffing Services at The Ayers Group, and he ran the I.T. Contingency Search Practice for The Jarvis Walker Group (JWG). Before JWG, Jack was the Chief Information Officer of the NPD Group, a market research firm. Prior to NPD, he managed three metropolitan area offices for Source EDP, a national IT search firm, and was a Senior Director of Applications Development for the Federal Reserve Bank of New York. Jack has a BS and an MS in Engineering from Cornell University and an MBA in Finance from the Stern School of Business of N.Y.U.
Jack M Schwartz
Managing Director
ITech Recruiting LLC
516-826-4640 office
516-524-6010 cell
jackschwartz@
Checked by AVG - www.avg.com
Version: 8.5.375 / Virus Database: 270.13.8/2224 - Release Date: 07/08/09 05:53:00
__._,_.___
Change settings via the Web (Yahoo! ID required)
Change settings via email: Switch delivery to Daily Digest | Switch format to Traditional
Visit Your Group | Yahoo! Groups Terms of Use | Unsubscribe
.
__,_._,___
No comments:
Post a Comment