Dear Associate,
We are having an opening for below mentioned position: Position: Senior System security Specialist Location: Baltimore, MD Duration: 3 years *Duties / Responsibilities:* - Conduct Static and Dynamic Application code and security vulnerability testing. - Conduct Penetration testing on Enterprise applications and recommend remediation using available tools and technologies. - Educate and support application developers and administrators in fixing security vulnerability issues in all tiers of applications including network, database and web/application servers. - Incident Response and Forensics evaluation using security information and event management (SIEM) tools - Work with Systems and Network Administrators to evaluate and enforce security controls and hardening rules as determined by industry standards for state and federal security compliance requirements. - Integrate applications with SIEM tools and log aggregation / analysis tools such as Splunk. - Ensure that the MHBE system security requirements are addressed during all phases of the system development life cycle. - Conduct daily/weekly security audit log reviews and report any suspicious activities. - Conduct security impact analysis of controls on proposed system changes. - Conduct ongoing security reviews and tests of the MHBE systems to periodically verify that security and operating controls are functional and effective. - Review and update systems security documentation and artifacts such as SSP, ISRA, PIA, SSR, CAP and POA&Ms. - Create and track POA&M requirements for resolving security findings. - Adhere to all security, change control and MHBE Project Management Office (PMO) policies, processes and methodologies. *Minimum Qualifications:* - A minimum of eight (8) years of experience in analysis and definition of system security requirements. - A minimum of five (5) years of experience in performing static analysis of applications using different tools and technologies such as Fortify, AppScan, Veracode, SonarQube. - A minimum of five (5) years of experience in performing dynamic / customized security analysis of web applications using various tools and technologies to perform penetration testing and identify vulnerabilities/security issues and suggesting remedial measures. - A minimum of three (3) years of experience in defining computer security requirements for high-level applications and evaluating approved security product capabilities. - A minimum of two (2) years of experience working with Web Application Firewall (WAF), Content Delivery Network (CDN) tools such as Akamai, Incapsula, AWS WAF, Cloudflare. - Active CISM, CISSP, CISA, or other Security Certifications - Experience in performing Security Incident Response and Forensics evaluation with SIEM Tools. Thanks, Samiksha Edify Technologies, Inc. (630) 812-0152 (Direct) *samik...@edifytech.com <samik...@edifytech.com>* *www.edifytech.com <http://www.edifytech.com>* Awarded one of the Fastest Growing Companies in America by Inc Magazine for 2009, 2010 Oracle Silver Partner, Microsoft Registered Partner *Celebrating 15 years in Business* *Certified Minority Business Enterprise (MBE)* This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail, with the subject "remove" and destroy all copies of the original message -- You received this message because you are subscribed to the Google Groups "CorptoCorp" group. To unsubscribe from this group and stop receiving emails from it, send an email to corptocorp+unsubscr...@googlegroups.com. To post to this group, send email to corptocorp@googlegroups.com. Visit this group at https://groups.google.com/group/corptocorp. For more options, visit https://groups.google.com/d/optout.
