Wednesday, November 04, 2009
Security Engineer with CISSP in Dallas, TX
Must be local to the Dallas Fort Worth area only please. Also, no third parties please. This is a contract to hire situation. 2 to 6 months before going perm.The Security Engineer works with infrastructure, security architecture, and business teams to design security into each phase of the system lifecycle including; risk assessments, requirements analysis, system design, configuration, deployment, maintenance, and monitoringRESPONSIBILITIES: * Create system-level security architecture and design which includes definition of technical security controls (eg, access control, authentication, encryption, deterrence measure, etc) and definition of non-technical security controls (eg, process and procedure) necessary to achieve the security requirements.* Execute a cost/benefit analysis for various security design elements. This will enable the business owner to evaluate various cost/benefit trade-offs. * Assess and document how to mitigate key application vulnerabilities.* Design and configure application level security and Middleware level security ie authentication, encryption, auditing/logging, PKI, etc. * Define detailed technical security design, which will articulate specific integration with security technologies such as DMZ, firewalls, proxy, and intrusion detection system. * Design detailed security processes and procedures. This includes specific technical security standards and configuration procedures for appropriately hardening the system (servers and applications). This also includes documentation for a user administration process and required monitoring.* Test detailed security configuration to ensure it complies with technical standards and meets system performance and production load requirements.JOB REQUIREMENTS * Requires 5-7 years of relevant experience in a multi-platform and networked environment. * 4-year degree in MIS, business, or engineering is preferred. * CISSP certifications is required. * Mus be a quick learner and be able to analyze the security components of complex multi-layered computer systems (applications layer, Middleware layer, and infrastructure layer). * Must have an understanding of technical and process security controls and their appropriate incorporation into business systems. * Strong impact and influence skills are required.* Able to focus on teamwork and the ability to escalate unresolved issues to management in both technical and non-technical terms required.Knowledge and Experience:* Windows 2008 and Windows 2003 server platforms* Common Internet protocols and their vulnerabilities: HTTP; HTTPS; FTP, Telnet, SMTP, ICMP, SNMP * Security technologies: encryption, cryptography, public key infrastructure (PKI), Firewall services and features, proxy, virtual private networks (VPN), remote access connectivity solutions such as dial-up, ISDN, and RAS, and intrusion detection systems.* Email systems: Lotus Notes, Exchange, and Simple Mail Transfer Protocal (SMTP)* Techniques and tools used to secure/harden a server*s operating system and applications running on the server* Information risk management analysis process: information asset identification, threat and vulnerability analysis, technical and process control evaluation* Advanced ability to troubleshoot and solve complex problems relating to multi-layered computer systems* Advanced oral and written presentation skills* Advanced skill in the development of security standards and operational processes as well as the ability to effectively document the information as an Enterprise standard To Apply to this job go to http://www.GadBall.com or click here