*Hi,* *Kindly let me know if you are comfortable on below position.*
*Position: **Security Engineer* *Duration: 6 Month* *Location: Dallas, TX* *(Need Locals only) Interview: Phone Interview/Face to Face Interview* *MUST BE IN DALLAS AREA. FACE-TO-FACE INTERVIEW IS REQUIRED!* *Visa Status: MUST BE EAD AWAITING GREEN CARD, GREEN CARD, or U.S. CITIZEN* *H1 will not work* *JOB DESCRIPTION:* Security Engineer *Job Description* *JOB PURPOSE:* Working with various IT and business teams, act as a subject matter expert who diligently assists with the maintenance and improvement of security with the company. Design, deploy, administer and maintain information security architecture utilizing a thorough understanding of available technology, tools, and techniques. Evaluate, implement, and maintain security standards and practices with direction from Information Security Leadership. *KEY RESPONSIBILITIES:* • Ensure that all systems, applications, endpoints, and networks have appropriate and adequate security controls in place, and create structures to ensure the ongoing maintenance and effectiveness of these controls. • Assist project design, development, testing and deployment teams to ensure that all applications meet security requirements and are coded in a secure manner. • Gain widespread support and compliance with information security requirements & standards. Regularly monitor compliance through log reviews; respond to intrusion alerts, etc. • Serve as the technical lead/technical subject matter expert on the Incident Response Team in responding to various security incidents such as denial of service attacks, virus/worm infestations, security breaches and questionable internal activities. • Working with IT Leadership and the Security Architecture group, research, recommend, and evaluate commercial information security products and services to determine which of these should be adopted by or tested by the company. • Provide special technical guidance and recommendations to co-workers about the risks and control measures associated with new and emerging information system technologies. • Participate as a technical subject matter expert in periodic information systems risk assessments and code reviews, including those of new or significantly enhanced business applications and their underlying supporting infrastructures. • Assist in the preparation and periodic update of information security policies, architectures, standards, reports and other technical requirements documents needed to enhance security. • Assume leadership roles in the development of detailed proposals and plans for new information security systems that would reduce operational risk, augment the capabilities or enable new capabilities for the company. • Assist with the research, evaluation, selection, installation, configuration and adoption of automated tools that enforce or monitor the compliance with information security policies, procedures, standards, and similar information security requirements. • Identify and determine causes of security violations and verify/assist in the corrective actions to assure data and application security. • Interact with internal and external auditors as needed to ensure regulatory and policy compliance. *JOB REQUIREMENTS:* • Bachelor’s degree in related field preferred. • At least five or more years relevant work experience. • Experience working with Websense, Tipping Point, Blue Coat, Cisco IOS, IDS/IPS, anti-virus software, advanced anti-malware, and MS Windows Server, Unix/Linux systems, Windows desktop systems and Mac O/S. Knowledge of mobile (phone and tablet) device and application security is also required. • Experience working with Agile development methodologies and teams. • Extensive knowledge and hands-on experience with secure web application architecture, design, and coding techniques • Demonstrated understanding of security business controls, strategies, and methodologies as well as knowledge and experience with at least some of the following technologies; firewalls; intrusion detection; directory services; web access controls; advanced authentication methods; public key infrastructure (PKI); VPN; TCP/IP; anti-virus, single sign on; and audit; diagnostics, and forensic tools. • Strong background in data protection via PKI and various other encryption methods. • Experienced in creating secure & compliant services and applications supporting a range of regulations, including but not limited to, PCI-DSS and PABP, SOX, FACTA & FACTA “red flags” provisions, US state data privacy, and GLBA. • Expert in secure user authentication and authorization, multi-factor access controls, and role-based access controls (RBAC). • Experienced with using the Open Web Application Security Project (OWASP) and CEW/SANS web security standards to design and build secure web sites and applications • Experience with Code reviews of Perl, Python, Ruby, Java, Java Swing, HTML, XML, CSS, ASP, ASP.NET, Cold Fusion, Oracle, T-SQL, SQL and other languages • Hands-on experience using enterprise web scanning tools (Nexpose experience preferred). • Knowledge of threat modeling or other risk identification techniques. • Able to write security test cases and misuse cases for QA teams. • Must be competent to work at a high technical level of all phases of architectural design and implementation by processing a broad understanding of networks, computers, communication systems, threats and vulnerabilities and their interrelationships. • Must have extensive experience with the current regulatory environment including as Sarbanes-Oxley, PCI-DSS, GLBA, etc. Regards *Mayank* 978-558-4666 x 103 *may...@teknavigators.com* <may...@teknavigators.com> *TekNavigators* 8875 Hidden River Parkway Suite 300 Tampa,FL 33637 *www.*teknavigators.com DISCLAIMER: This message and any attachments are solely for the use of the individual or entity to which it is addressed and may contain information that is privileged or confidential. If you are not the intended recipient, any disclosure, use or distribution of the information contained herein is prohibited. If you have received this communication in error, please notify the sender by reply e-mail and immediately delete this message and any attachments. You may reply and send an email with "Not Interested" in the subject line in order to discontinue communication. -- You received this message because you are subscribed to the Google Groups "MCMS" group. To unsubscribe from this group and stop receiving emails from it, send an email to mcms+unsubscr...@googlegroups.com. To post to this group, send email to mcms@googlegroups.com. Visit this group at https://groups.google.com/group/mcms. For more options, visit https://groups.google.com/d/optout.
