There are eight people I can think of immediately (not including myself) who easily have these qualifications.
Just out of curiosity, anyone know of such a mythical beast?
I've met a lot of good and talented folks throughout the years across the country, but about as close as I could figure was roughly 3-4 of them to meet the "requirements" they want here. I'd gotten the same email, and replied to Grant as such. :)
-mb
On 12/07/2011 02:45 PM, Lisa Kachold wrote:
---------- Forwarded message -------------------------------------------------------------
From: "Grant Wills" <gwills@pdsinc.com <mailto:gwills@pdsinc.com>>
Date: Dec 6, 2011 4:27 PM
Subject: Security Engineer needed Tempe
To: "Lisa Kachold" <lisakachold@obnosis.com
<mailto:lisakachold@obnosis.com>>
I was hoping you or someone you may know might be interested in this
position with my client in Tempe. I have been finding Network Security
folks but my client really needs someone with an Infrastructure Security
background. Any referrals are appreciated! I will elaborate further upon
interest.
Job Description:
? Performing application risk assessments and threat modeling
? Administering application vulnerability scans and coordinating
remediation activities
? Review application security designs and make recommendations
? Manage and configure security database assessment and auditing tools
? Provide consultation to IT department on application security best
practices
? Ensure application and network compliance to documented IT security
policies, procedures, processes and standards requirements.
? Documentation requirements are: exceptions reports, audit/review
reports, technical/process recommendations, reporting of security
statistics/metrics, technical standards, procedures, and guidelines, etc.
____
Skills Requirements:
? 3-5 years experience in an Application Security role. Certified
Information Systems Security Professional (CISSP) or other Security
certification strongly preferred.
? Strong development experience is a must as well as the ability to work
with development teams to resolve issues and improve awareness around
secure coding practices, including experience inserting information
security controls and checkpoints into the application design process.
? Strong knowledge in standard software development applications,
Windows UNIX, and database environments including SQL, DB2, Oracle and
Sybase. Working knowledge of how to build secure web applications.
? Experience using code, web and database scanners.
? Experience with Appscan, HP WebInspect, NESSUS, and other application
assessment tools.
? Familiar with risk analysis and risk management methodologies.
? Solid understanding of application vulnerabilities and
countermeasures. Must be able to provide and recommend remediation
approach and not just provide vulnerability information.
? Excellent communication skills (both oral/written); documentation
requirements are: exceptions reports, audit/review reports,
technical/process recommendations, reporting of security
statistics/metrics, technical standards, procedures, and guidelines, etc.
? Demonstrated ability to work effectively in a fast-paced, high volume,
deadline-driven environment. Self-directed and motivated, with ability
to work independently, as well as collaboratively in a team environment.
Professional maturity in dealing with all levels of management and staff.
Summary:
Designs, codes, tests, debugs and documents complex operating software
applications.
Alters and/or maintains applications dealing with the overall operating
system, such as sophisticated file maintenance routines, large
telecommunications networks, computer accounting and advanced
mathematical/scientific software packages.
Supports and/or installs complex software applications.
Participates in the testing process through test review and analysis,
test witnessing and certification of software.
Performs hardware optimization through software benchmarking.
May provide direction and support to less experienced software engineers
to orient them and increase their understanding of more complex software
engineering.
Maintains and increases professional and technical knowledge and
currency by attending workshops, reviewing professional publications,
establishing personal networks, and participating in professional societies
Performs other duties as assigned or apparent.
A thorough knowledge and understanding of computer science as typically
obtained through the completions of a Bachelor's degree in computer
science or a related field.
Must have sufficient educational background and/or experience to qualify
incumbent to work at the highest technical level on all phases of
software systems programming applications. Four -six years of software
programming or experience in a related field is preferred.
A significant understanding and knowledge of commonly used concepts,
practices and procedures within the software programming field is required.
Experience with the supervision or direction of other software
development staff preferred.
Grant D. Wills
*Productive Data Solutions, Inc. (PDS)*
480-264-0228 <tel:480-264-0228> Office ____
602-697-7156 <tel:602-697-7156> Cell
877-279-7379 <tel:877-279-7379> Toll Free
480-907-2771 <tel:480-907-2771> eFax
950 W. Elliot Road, Suite 106
Tempe, AZ 85284
http://www.pdsinc.com <http://www.pdsinc.com/>____
http://www.linkedin.com/pub/grant-wills/1/5a/724____
Make it a Productive day____
File #5F6B781A082C2376
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss