Phone/skype Hire
Location: Columbia, SC Duration: 6+ months Rate: Open Conduct application, DB, and operating system security vulnerability remediation efforts prioritized. Work with teams and resources to remediate the security findings in these systems. Implement remediation’s, best practices, and work towards system compliance with applicable state and federal regulations, policies, and standards. Responsibilities: · Work under the supervision of the Division of Information Security to enhance the security posture of the state-wide SAP ERP environment. · Provide detailed recommendations and a plan for security improvements, including a risk-based prioritization of improvement efforts. Work with multiple teams to implement and validate security improvements. · Provide architectural, engineering and configuration support regarding both the ongoing and strategic security configuration of a large SAP environment including underlying systems and third party applications. · Work with business and technical teams to advise and develop best business practices around SAP security for all SAP platform technologies. · Define SAP Role Matrix with Functional Leads, configuration of control environment, and creation of SAP Roles, profiles, and authorizations. · Work with functional/process teams to refine requirements and develop solutions to application security issues including segregation of duties (SOD). · Providing input and feedback on security decisions regarding the SAP infrastructure and architecture. · Validate systems, applications, and operations are in compliance with established standards. · Develop and maintain operational documentation where needed for the proper secure administration and operation of the system, to directly support security standards, architecture, and design. · Use and refine appropriate and effective incident response measures for network security alerts. · Work with members of agency and DIS staff to support the enterprise approach to security. · Interface with vendors and development teams resolving technical challenges and providing clarity on product security features and requirements. · Consider and foresee first, second, and third order impacts on the system, product, feature, or work flow as a result of any new change introduced. · Actively participate in technical discussions related to idea conceptualization, product or feature development and security impact. Skills Needed: · Minimum of 5 years of hands-on \ application security experience · Minimum of 4 years of hands on experience with web-based applications · At least 2 years experience in development, configuration or support with SAP Security including leading design changes and improvements to SAP role structure · Strong understanding of SAP Integration Security including system interfaces and Third Party Applications · Proven experience developing SAP information security architectures and solutions · Experienced with SAP Security authorization concept across SAP components · Proven experience in managing segregation of duties, sensitive access and mitigating controls. · Strong understanding of Internal Controls and Segregation of Duties Framework · Understand the security requirements of client and security implications of new business decisions · Expert understanding of SAP's authorization concepts and profile generator · Information Security experience with subject-matter expertise on a range of information security topics including application security, host security and network security. · Expert understanding of web application, middleware and database security · Extensive knowledge of software security threat vectors and vulnerabilities · Understanding of commonly used web and inter-system communications protocols · Understanding of database administrator fundamentals · Strong IT backend technology experience is required, Windows and *NIX engineering, system administration and exploitation. · Thorough understanding of 3-tier, 2-tier, n-tier architectures · Proven ability in applying architecture development methods/patterns Preferred Skills · 4 years experience in development, configuration or support with SAP Security including leading design changes and improvements to SAP role structure · Experience collaborating with auditors to demonstrate compliance with internal and external standards. · Good understanding of SQL and Relational Database support and administration (e.g. Oracle, Sybase, DB2, SQL Server, etc.) · Support or administration experience with Windows, Linux, Solaris, HP-UX, and AIX · Working knowledge of web services frameworks (i.e. SOAP) · Hands on experience with Secure Software Development Lifecycle (S-SDLC) methodologies and best practices / Knowledge of secure coding principles and practices. · Static analysis, dynamic analysis and manual code reviews. · Understanding of JavaScript, HTML5, Java, .NET, C++, SQL and other modern programming languages REQUIRED EDUCATION: Bachelor’s degree or 8 to 10 years experience. Certifications Preferred: CISSP, CEH, MCSE, CCSP, GCIH, APPLICATION SECURITY/SECURE SOFTWARE PROFESSIONAL CERTIFICATIONS (E.G. CSSLP, GSSP, GWEB, GWAPT, ETC.) Thanks Sandeep Sandeep Jain Software People Inc. www.softwarepeople.us [email protected] Ph: 631-863-0299, 631-410-4741, 631-921-2111 © Fax: 631-574-3122 Certifications: SBA 8a/SDB, NY MWBE, VA SWaM, DE OMWBE, MA MWBE -- You received this message because you are subscribed to the Google Groups "Exact Match" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/exact-match. For more options, visit https://groups.google.com/d/optout.
