Duration: 6+ months
Location: New York, NY
Client: Large entertainment/media company
Description:
We are looking for seasoned hands on architect with a good blend of both
Security and Applications who has an understanding of application
development, and expertise in applications security, and infrastructure
security.
*Duties and Responsibilities *
1. Application, solution and security architecture for ongoing
initiatives at our client
2. responsible for providing protection to the information technology
(IT) systems
3. security risk assessment for applications and infrastructure
4. remediation for applications and infrastructure
5. Develop and document information security policies
6. Define, develop, and implement security models around IRM and DLP
initiatives
7. Proactively monitor security threats to identify and prevent potential
intrusions
8. Plan and execute security projects. This may include managing joint
development with 3rd party vendors, and providing guidance (with other
departments) to the engineering and qa teams. Ensure, and deploy as needed,
security solutions, best practices
General Skills
1. Architecture
1. 3+ years of experience as a Solution Architect and Security Architect
and 5 years of experience as a Security Architect ( both application
security and infrastructure security)
2. Thorough understanding of application architecture for N-Tier web
based applications.
3. Well versed in integration architecture and related security
aspects
1. Thorough conceptual understanding of authentication, authorization,
data confidentiality, non-repudiation and audit logging
2. Excellent programming skills (in any language)
3. Good understanding of owasp and pci
4. Deep understanding of security policy best practices. Should have
knowledge and experience in developing security standards for an enterprise
5. Deep understanding of PKI and certificate management.
6. An expert understanding of identity management and Role based access
control
7. Deep SSO implementation experience
8. Deep understanding of network security including DMZ design
9. Knowledge and experience addressing security challenges in virtualized
environments
10. Experience in DLP and IRM
Thorough understanding, skills and experience with following product and
tool oriented areas:
1. network and application firewalls (web app firewalls, XML firewalls,
database firewalls) - conceptual only
2. security event management and architecture of SIEM products
3. application security for custom code
4. J2EE application server security, web server security, proxy servers
etc.
5. windows and UNIX security models.
6. data encryption at rest and over the wire
7. browser oriented security concepts (e.g. Tokens) and risks (e.g. xss)
8. ability to configure SSL, PKI servers
9. any one LDAP server including design of custom LDAP schema and general
LDAP server administration
Must be familiar with the following
1. Secure coding best practices
2. SSL/TLS
3. VPN
4. Data leak prevention technologies
5. Forward proxies and reverse proxies
6. Anti-virus
7. DLP
8. IRM
9. Mobile device security
10. Web service security including relevant standards
--
**
*Regards,*
* *
*Raman Gill*
*IDC Technologies, Inc., Milpitas CA , USA, 95035*
* *
*Voice *: 408-457-9399 Ext 2044 I *Email:* [email protected]
*Yahoo IM:* raman.gill915
*LinkedIn Connect. <http://www.linkedin.com/pub/raman-gill/25/467/a82>*
*Web:* *www.idctechnologies.com*
* *
"Under Bill s. 1618 Title III passed by the 105th U.S. Congress this mail
can not be considered spam as long as we include a way to be removed from
our mailing list. Simply send us an e-mail with REMOVE in the subject and we
will gladly REMOVE you from our mailing list."
--
You received this message because you are subscribed to the Google Groups
"Oracle Developers" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/oradev?hl=en.
