HI *Urgent requirement*
*Please e-mail me on nik...@rgtalent.com <nik...@rgtalent.com>* I have an urgent requirement with one of my clients, details given below. If you find your self suitable for the position, please send me your latest updated resume along with contact details. Please include your employer details as well. *Job Title* Security Testers *Project Location* Washington, DC *Duration* 12 months /Contract *Skills Required and Job Description:* *MOI:-Telephonic+FacetoFace* *NEED GC OR USC ONLY* * MUST HAVE* 1. *1. PENETRATION TESTING* 2. *2. VULNERABILITY ASSESSMENTS* 3. *3. WEB APPLICATIONS – MENTIONED BELOW* 4. *4. AUTOMATION TESTING TOOLS* *DO NOT SEND CANDIDATES IF THEY DO NOT HAVE 1-4 ABOVE* Successful candidates must possess a thorough working knowledge of common commercial and/or open source vulnerability assessment tools and techniques used for evaluating operating systems, databases and web applications. Successful candidates should be generally familiar with the Federal Executive security assessment and authorization processes; experience with the NIST 800 series of documents would be advantageous. Successful candidates must be able to quickly master new technology / software for the purposes of evaluating or subverting the security functionality of the technology / software. The security projects undertaken by the Security Test Team range in complexity and duration but typically require two weeks planning, two weeks testing, and two weeks to analyze information and report findings. The level of effort for each assessment varies dependent on the size and complexity of the system tested and the technologies employed. *DELIVERABLES DESCRIPTION:* Candidate will provide technical information system security testing in support of the judiciary security risk management process. Techniques used in the security assessment and technical testing efforts include in-depth network and application vulnerability testing (both automated and manual testing), demonstrable false positive validation. Automated testing will include tools such as: Tenable Nessus, Cenzic Hailstorm, BurpSuite Professional, DBProtect, Core Impact, Nmap, Metasploit, and other tools found in the BackTrack and Samurai Web Testing Framework distributions. The candidate shall develop documentation in support of testing efforts that may include: Test Plans, Preliminary Findings Reports, Security Assessment Reports, and other, similar test artifacts, as required by the government. *Operating Systems*: expert understanding of the following operating systems and their related security concerns: • Microsoft Windows desktop/server operating systems (Microsoft Windows 2000 and up) • UNIX and Linux, especially Ubuntu, Red Hat Enterprise, SUSE Enterprise, and knowledge of UNIX variants • Apple OS X operating systems *Web Applications & Technologies*: advanced understanding of application programming languages, application servers, web services, browser technology, common vulnerabilities, security best practices, and automated assessment tools and manual testing techniques specific to web applications. Working knowledge of JavaScript, AJAX, PHP, Perl, SOAP-based web Services and ability to perform code review in Java, C# and/or .Net. *Enterprise Solutions, Storage & Databases*: advanced understanding of relational database, database management systems, enterprise storage solutions, and security concerns specific to these technologies. *Software Programming*: experience with Java, Microsoft .NET, Python, Perl, Ruby, Linux/UNIX Shell Scripting. In addition to one or more of the critical skills listed above, all candidates must be knowledgeable in the following areas: All candidates shall be comfortable using, configuring, troubleshooting, and administering both Linux and Microsoft operating systems with extensive experience with at least one of these operating systems. Have a broad knowledge of security best practices, security solutions, and methodologies for conducting advanced security assessments, to include manual assessments and malicious user testing. Have a broad and expert knowledge of security assessment tools and manual security testing techniques. Advanced understanding of security tool strengths and weaknesses and ability to select, configure, troubleshoot and use the best “tool for the job”. Have a broad knowledge of cyber security threats and techniques used by adversaries to compromise systems – both technical and non-technical techniques. Have the ability to think creatively, to think critically, to analyze complex concepts, to articulate themselves clearly and concisely, and to conduct themselves in a professional manner. Possess technical certifications specific to a critical skill; evidenced by possessing one of the following certifications or an equivalent certification: Certified Information Security Professionals (CISSP), SANS GIAC Certified Incident Handler (GCIH), GIAC Certified Penetration Tester (GPEN), or GIAC Certified Web Application Penetration Tester (GWAPT). Thanks & Regards, *Nikhil Gupta* *Technical Recruiter * *RG Talent Inc* *39120 Argonaut way* * Suite # 157, Fremont CA 94538* Phone : 510-443-0758 Ext - 114 Email : nik...@rgtalent.com URL : www.rgtalent.com -- You received this message because you are subscribed to the Google Groups "Citrix and Sap problems" group. To unsubscribe from this group and stop receiving emails from it, send an email to citrix-and-sap-problems+unsubscr...@googlegroups.com. To post to this group, send email to citrix-and-sap-problems@googlegroups.com. Visit this group at http://groups.google.com/group/citrix-and-sap-problems. For more options, visit https://groups.google.com/d/optout.
