Security Analyst for the State of MA/Executive Office of Administration and
Finance doing a project for The Department of Revenue/Child Support
Enforcement Division. Rate is set by client. Let me know if you have anyone
suitable
*Application Security Analyst, Boston, MA., 12 months +*
*Interview process depends on candidate location. *
The Department of Revenue Child Support Enforcement Division (DOR/CSE) is
in the process of updating and replacing the legacy COMETS mainframe
system. The program has successfully implemented Release 1 (Enterprise
Content Management) and is presently in the construction phase for the core
Child Support Enforcement system. DOR has a robust quality plan which
includes verification and validation of the Program’s security and
vulnerability considerations.
DOR is seeking to augment the existing quality assurance staff with a
senior application security analyst. This position will lead aspects of the
COMETS HD validation effort with focus on Security Services architecture
solutions. The systems analyst must be familiar with Quality Assurance best
practices have experience with Iterative Software Development Life Cycle in
a Service Oriented Architecture environment.
*Skills Desired:*
- Candidate must possess a broad understanding of security architectures
- Candidate must understand Open Web Application Security Project
(OWASP) and Common Weakness Enumeration (CWE) industry resources to
assess risk and communicate application security findings
- Using CWE and OWASP resources the candidate must provide fix
recommendations, safe coding practices, and other tactics to development
for actionable remediation
- In depth knowledge of industry standard client privacy and data
protection policies and techniques
- Ability to readily reference NIST and IRS Pub 1075 government
regulations and executive orders as part of validation approach
- Vulnerability and Intrusion detection and prevention
- Verification and Validation of:
- Authentication and Authorization
- Security policies
- Access Controls
- Audit and Accountability
- System and Communication Protection
- Web services using SOAP tools
- Failover testing
- Active Directory
- Encryption
- Event Management
*Tool Experience:*
*The candidate must have experience using* *IBM APPSCAN *or comparable or
similar application vulnerability detection and management software [such
as *HP Fortify/WebInspect , Rapid 7 Nexpose/NTO objective, Veracode, White
Hat or Qualys*] and should have experience using the some of the following
tools sets:
- *Nessus Network Scanning Tool* & *Tenable Security Center*
- *Security Identity Manager Security Access Manager (formally Tivoli)*
), or comparable identity and access management tool
- Data Power
- Active Directory Federation Services
*Qualifications/Experience Desired:*
- Computer Science degree
- 5-10 years’ experience with technical validation of large scale,
complex public sector systems
- Experience with RATIONAL / JAZZ software development lifecycle (SDLC)
tool sets
- Auditing and Regulatory Compliance Testing
- Working knowledge of virus scanning software
- Automated Tool experience is a plus
· Full Name of the Consultant
Contact #
Email-ID:
Current Location:
Work Authorization:
Currently on a project:
Relocation:
Total years of experience:
US Experience
Interview Availability:
Available to join from:
Education Qualification:
SSN(last 4) #
DOB:
Skype ID:
Rate:
*Thanks and Regards,*
*Warm Regards,*
*Randhir Kumar*
*IDC Technologies*
*1851 McCarthy Blvd. Suite 116, Milpitas, CA 95035*
*Email: **randhir.ku...@idctechnologies.com
<randhir.ku...@idctechnologies.com>*
*Phone: *
*408-459-1535 Web: www.idctechnologies.com
<http://www.idctechnologies.com/> *
--
You received this message because you are subscribed to the Google Groups "SAP
or Oracle Financials" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to sap-or-oracle-financials+unsubscr...@googlegroups.com.
To post to this group, send email to sap-or-oracle-financials@googlegroups.com.
Visit this group at https://groups.google.com/group/sap-or-oracle-financials.
For more options, visit https://groups.google.com/d/optout.
