ISACA - Central Maryland Chapter

MeetingsJoin ISACA-CMCCISA Certification InformationResearchR.S.V.P. for Meetings Here

search.gif (1310 bytes)

Career Opportunities

 

SecureIT helps organizations plan, design, and implement processes that effectively mitigate risks and adequately protect technology investments.

Title: Senior IT Security Specialist

Function:

Serve as a Subject Matter Expert (SME) on application, database, network and operating system security topics.

Organizational Relationships:

The Senior IT Security Specialist reports directly to the Vice President of Consulting.

Duties and Responsibilities:

The Senior IT Security Specialist is responsible for:
  • Assisting in information technology audits and system security reviews
  • Performing security vulnerability assessments
  • Performing penetration testing or security assessment of clients’ network infrastructure, systems and applications
  • Managing engagements, interacting with clients, preparing reports

Special Requirements:
  • Possess Knowledge/Experience in several of the following areas:
    • Hands-on experience developing software as a programmer, especially web application development experience in Java or .Net technologies
    • Experience using application scanners, vulnerability scanners, and database scanners
    • Provide guidance on potential exploit data and impacts to existing applications
    • Assess and detect application security vulnerabilities through source code analysis, security testing and design architecture review
    • Preferred knowledge of TCP/IP and related communication protocols. Some knowledge of basic unix network communications, Windows NT networking communication and NT authentication schemes (Kerberos, NTLM, AD), web applications access databases (JDBC, ODBC, Sqlnet, etc.)
    • Knowledge of web application security, including application vulnerabilities (e.g. input validation) and standards (e.g. OWASP)
    • Knowledge of systems security, including operating systems (Unix – Linux, Solaris/Windows) and system software security configuration
    • Knowledge of database security, including platforms such as Oracle, Sybase, SQL
    • Knowledge of network security, including network security architecture and implementation of network security devices (e.g. firewall, IPS)
    • Experience with application source code review
    • Ability to interact with clients and communicate risk and security issues in business context (i.e. translate technical risks to business risks)
    • Initiative to identify opportunities to deliver security advisory services to clients
    • Interest in learning and gaining knowledge on new security issues, vulnerabilities and technology

Education and Experience

Minimum of a Bachelor's degree or equivalent in engineering or information systems. MS preferred.
5+ years of progressive security experience

Please email resume with cover letter to resumes@secureit.com. To learn more about SecureIT, please visit www.secureit.com.

EOE

 
ISACA-CMC is sponsored by:

             
About the Chapter · Officers · Feedback · Links · Jobs · Disclaimer 
 

This web site is maintained by ISACA Central Maryland Chapter, please use our Feedback page if you have questions or comments.  These pages were last updated on March 30, 2008. Although we will attempt to keep this information accurate, we can not guarantee the accuracy of the information provided.