[Plug-security] Security Engineer Tempe

Lisa Kachold lisakachold at obnosis.com
Wed Dec 7 14:45:54 MST 2011


---------- Forwarded message ----------
From: "Grant Wills" <gwills at pdsinc.com>
Date: Dec 6, 2011 4:27 PM
Subject: Security Engineer needed Tempe
To: "Lisa Kachold" <lisakachold at obnosis.com>

I was hoping you or someone you may know might be interested  in this
position with my client in Tempe. I have been finding Network Security
folks but my client really needs someone with an Infrastructure Security
background. Any referrals are appreciated! I will elaborate further upon
interest.

Job Description:

? Performing application risk assessments and threat modeling
? Administering application vulnerability scans and coordinating
remediation activities
? Review application security designs and make recommendations
? Manage and configure security database assessment and auditing tools
? Provide consultation to IT department on application security best
practices
? Ensure application and network compliance to documented IT security
policies, procedures, processes and standards requirements.

? Documentation requirements are: exceptions reports, audit/review reports,
technical/process recommendations, reporting of security
statistics/metrics, technical standards, procedures, and guidelines, etc.

** **

Skills Requirements:

? 3-5 years experience in an Application Security role. Certified
Information Systems Security Professional (CISSP) or other Security
certification strongly preferred.

? Strong development experience is a must as well as the ability to work
with development teams to resolve issues and improve awareness around
secure coding practices, including experience inserting information
security controls and checkpoints into the application design process.

? Strong knowledge in standard software development applications, Windows
UNIX, and database environments including SQL, DB2, Oracle and Sybase.
Working knowledge of how to build secure web applications.

? Experience using code, web and database scanners.
? Experience with Appscan, HP WebInspect, NESSUS, and other application
assessment tools.
? Familiar with risk analysis and risk management methodologies.
? Solid understanding of application vulnerabilities and countermeasures.
Must be able to provide and recommend remediation approach and not just
provide vulnerability information.

? Excellent communication skills (both oral/written); documentation
requirements are: exceptions reports, audit/review reports,
technical/process recommendations, reporting of security
statistics/metrics, technical standards, procedures, and guidelines, etc.

? Demonstrated ability to work effectively in a fast-paced, high volume,
deadline-driven environment. Self-directed and motivated, with ability to
work independently, as well as collaboratively in a team environment.
Professional maturity in dealing with all levels of management and staff.

Summary:

Designs, codes, tests, debugs and documents complex operating software
applications.

Alters and/or maintains applications dealing with the overall operating
system, such as sophisticated file maintenance routines, large
telecommunications networks, computer accounting and advanced
mathematical/scientific software packages.

Supports and/or installs complex software applications.

Participates in the testing process through test review and analysis, test
witnessing and certification of software.

Performs hardware optimization through software benchmarking.

May provide direction and support to less experienced software engineers to
orient them and increase their understanding of more complex software
engineering.

Maintains and increases professional and technical knowledge and currency
by attending workshops, reviewing professional publications, establishing
personal networks, and participating in professional societies

Performs other duties as assigned or apparent.

A thorough knowledge and understanding of computer science as typically
obtained through the completions of a Bachelor's degree in computer science
or a related field.

Must have sufficient educational background and/or experience to qualify
incumbent to work at the highest technical level on all phases of software
systems programming applications.  Four -six years of software programming
or experience in a related field is preferred.

A significant understanding and knowledge of commonly used concepts,
practices and procedures within the software programming field is required.

Experience with the supervision or direction of other software development
staff preferred.



Grant D. Wills
*Productive Data Solutions, Inc. (PDS)*
480-264-0228 Office ****

602-697-7156 Cell
877-279-7379 Toll Free
480-907-2771 eFax
950 W. Elliot Road, Suite 106
Tempe, AZ 85284
http://www.pdsinc.com ****

http://www.linkedin.com/pub/grant-wills/1/5a/724 ****

Make it a Productive day****





File #5F6B781A082C2376
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.PLUG.phoenix.az.us/pipermail/plug-security/attachments/20111207/0f3dad31/attachment.html>


More information about the Plug-security mailing list