Hi, This is Kuldeep Samra with ASK IT Consulting Inc . Currently we are having a very urgent requirement with us for the below position :
Position : Information Security Consultant/Data Compliance Lead Location : 621 17th Street, Suite 601Denver,Colorado 80202 REQ ID: 2017-3642-UIM-035 Duration 6 + Months *Complete Description:* Data Compliance Lead The Data Compliance Lead’s role is to ensure the secure operation of the in-house systems, servers, and network connections in accordance with internal processes, procedures, and compliance requirements as well as Federal, State and Local laws. Tasks also includes conducting regularly scheduled audits on internal systems and hosting third-party and/or Cloud audits as required in order to maintain certifications and compliance certificates. The data compliance lead also develops implements, maintains, and oversees remediation and enforcement of internal security policies and procedures. Skills: · Data Compliance Lead is responsible for designing, publishing and reviewing technology designs, security controls and solutions to reduce the risk of unauthorized access, transmission and storage of confidential PII and FTI data. · As and an expert/lead technical will define the information security architecture and design for the application. · Partner with security architects, other functional-area architects, engineering, and security specialists to ensure adequate security solutions and controls are in place throughout the IT systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements · Provide expert-level guidance to security analysts, testers, and development teams during application security assessments. Must be able to identify, re-create, and remediate security defects · Providing training for development and QA teams on how to implement Secure Software Development Life Cycle S-SDLC into their existing practices · Experience using and compliance testing REST and/or SOAP APIs · In-depth knowledge on common web application security flaws and secure coding practices and the ability to clearly explain security issues to project and development staff · Ability to prioritize and track security issues and work with the necessary teams to ensure remediation · Serve as a leader by promoting security awareness, mentoring other team members, and staying up-to-date on current development methodologies (Agile/DevOps) · Understand HTTP, REST, SOAP, XML and JSON as it relates to APIs and AJAX · Understanding of AWS, Azure, and other cloud solutions, security issues and Security controls in those environments Desired knowledge and experience includes · 7+ years in Information Security space · 5+ years in enterprise software development · Strong development background with prominent web or mobile development languages and frameworks, provide security remediation advice to development and testing teams; · Strong experience with Threat Modeling in an enterprise, not just theoretical · Strong oral, written, and presentation abilities -able to convey risk to all levels of the business, from C-level executives to operations and development teams · Strong understanding of web applications and architectures, relational and non-relational databases, and hardware architectures, and effectively applying the principles of information security to IT environments · Strong experience working in a multi-platform, multi-protocol, distributed enterprise computing environment · Experience with Unix/Linux and Windows system administration · Some understanding of governance frameworks such as ITIL and ISO 27001; · Some project management experience: Able to assess needs, define objectives, identify resources needed to achieve objectives and begin implementation towards goal completion; · Must be able to work effectively alone and as part of a larger project team. · Current understanding of Industry trends and emerging threats Type Qualification Description Competency Experience Required Skills AGILE - Agile Development Methodology Advanced No Skills AJAX Proficient No Skills Apache Advanced No Skills CISSP (security) Advanced No Skills Communication skills both verbal and written Advanced No Skills EJB Proficient No Skills EMC Cloud Architect (cloud) Novice No Skills GSEC (security) Advanced No Skills Integration planning and strategy Proficient No Skills Java Proficient No Skills JSON Proficient No Skills Oracle 12c Proficient No Skills Security+ Advanced No Skills SOAP Proficient No Skills XML Proficient No *Regards,* *Kuldeep Samra | Technical Recruiter* *ASK IT Consulting Inc. | 33 Peachtree St., Suite 100 |Holtsville, NY 11742* *Phone: +1 631-649-1313 Ext - 4419* *Fax: +1 631-803-4449* *Email: [email protected] <[email protected]> | Website: http://www.askitc.com <http://www.askitc.com/>* G talk: <http://www.tresourceinc.com/> kuldeepsamra144 | *Skype:* kuldeep.samra7 -- -- To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/CBE-Software-Engineer?hl=en --- You received this message because you are subscribed to the Google Groups "CBE Software Engineer" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
