*Good Morning,*
I hope you are well! I wanted to inform you of an excellent job opportunity that has become available with one of our Direct Clients. They are looking for a * Network Engineer* *Job Title: Application Security Tester (Phone then Face to Face)* *Location: Washington DC* *Duration: 3 month +* *Job Description:* *Summary: *Responsible for ensuring the security of Internet-based applications by interacting with software engineers, quality assurance testers, business analysts, and software application managers throughout the entire software lifecycle. Provides direct support to the business and IT projects for security related issues. Educates IT and the business about security policies and consults on security issues. Enforces security policies and procedures by administering and monitoring security profiles, reviewing security violation reports and investigating possible security violations. Involved in the evaluation of security products and/or procedures to enhance productivity and effectiveness. Here are the test types that the security test contractor may need to perform: · Ad-hoc Pen Test · Planned Pen Test · Release Testing · Appscan (automated application security test tool) · Appscan Source (automated application security source code evaluation tool) · Manual Cod Review *1) **List the minimum qualifications necessary for this position:* *a) **Number of years and type of education and training:* - Bachelor's degree in computer science, information systems or related field required. *b) **Number of years and type of practical experience:* - 5-7 years of IT work experience, with at least 3 years' experience in software development or network security testing. - Previous system administrator or software developer experience desired. *c) **Any special knowledge or skills:* - ISO27001 training highly desired. - COBIT and/or ITIL Foundation Certification highly desired. - CISSP, CIPP, CISM, CISA, CRISC or equivalent industry certifications desired. - Demonstrated strong analytical ability and technology related experience performing problem resolution. - Excellent oral and written communication skills required including ability to make effective presentations and create documentation and reporting artifacts. - Excellent desktop skills in Microsoft Office products required. - Knowledge of software engineering methodologies, technology architectures, systems integration, emerging technologies, contract management and operations. - Ability to exercise sound judgment in complex situations. *2) **Describe the frequency and complexity of internal and/or external contact with others.* The position requires frequent and close contact with IT staff, other AAMC staff, contractors, consultants and vendors. *3) **Describe the amount of supervision received.* This is a senior technical position and minimal supervision. *4) **List the job titles and functions supervised and describe the degree of supervision:* This position does not provide any supervision. *5) **Describe each duty performed and assign a percentage of total working time to the approximate amount of time spent at each task.* *Percent of Time* *Duties* 65 Analyzes risk, plan and perform security testing for new application systems, business services, and changes, including new 3rd party delivered business services. Record issues and recommend potential solutions. 5 Respond to and, where appropriate, investigate, resolve or escalate reported security incidents. 5 Monitor and ensure the security of databases and data transferred both internally and externally. Review logs and reports for problematic activity and initiate corrective action 5 Monitor and review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, firewalls, business applications, etc.). Interpret the implications of that activity and devise plans for appropriate resolution. 5 Monitor access and authentication controls, end-user accounts, privileged accounts, permissions and access rights. 5 Maintain up-to-date baselines for the secure configuration and operations of all in-place devices and applications, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, business applications, etc.). 5 Recommend, schedule, test, and/or apply fixes, security patches and any other measures required in the event of a security breach or identification of a new vulnerability. 5 Provide data for information security measurements and metrics (key goal indicators, key performance indicators, etc) and create audience appropriate reports. Thanks and Regards *Ashok Kumar | Technical Recruiter* *Email: **as...@svsintegration.com* <apo...@svsintegration.com> *Ph: 408-722-9100 Ext: 101* *www.svsIntegration.com* <http://www.svsintegration.com/> 2033 Gateway Place, Suite 500, San Jose, CA 95110 San Jose | Chicago | New York -- You received this message because you are subscribed to the Google Groups "USITCV" group. To unsubscribe from this group and stop receiving emails from it, send an email to usitcv+unsubscr...@googlegroups.com. To post to this group, send email to usitcv@googlegroups.com. Visit this group at http://groups.google.com/group/usitcv. For more options, visit https://groups.google.com/d/optout.
