*Job Title : WINDOWS SECURITY SPECIALIST* *Location: Manhattan, New York* *Duration: 12 months (Possible Extension) * Requirements Education: Bachelors degree (B.S.) in Computer Science or a related field Experience: Must have a minimum of 8 to 12 years Windows experience that includes security experience for large Global Enterprise networks. Required Skills: Must have previous and/or current Microsoft development language experience using some of the following areas: Visual Basic .NET, Visual C# .NET, Visual C++ .NET, Transact-SQL, VBScript, Jscript, Jscript .NET, XML, Visual J++, PowerShell. Requires Windows applications security architecture experience with a good understanding of threat modeling, security patterns and security methodologies (e.g. OSSTMM). Relevant Microsoft certifications such as MCSE Solutions Expert and/or MCSD Solutions Developer Knowledge of OWASP tools and methodologies Understanding of HTTP and web programming Good understanding of Information Security standards, frameworks and best practice (e.g. OWASP, ITIL, CoBIT). Good understanding and awareness of documentation required as part of the secure software development lifecycle. Excellent communication skills (written and verbal) and able to articulate key messages to a range of audiences. Preferred Skills: Relevant professional qualifications / certifications SSCP, SANS, CEH, CHECK, CREST. Previous professional services consulting experience Essential Functions Provide enterprise software development support for testing driven approach, continuous integration, and Agile development practice with Microsoft platforms. Provide specific security expertise to development and engineering teams. Areas include database access, security testing, authentication methods, implementing encryption, and input validation. Provide support using Visual Basic .NET, Visual C# .NET, Visual C++ .NET, Transact-SQL, VBScript, Jscript, Jscript .NET, XML, Visual J++. Provide the ability to work with database teams working with MSSQL Server, SQL, SSIS, SSRS, and other MSSQL specific technologies. Provide support for MS IIS and/WCF as a delivery platform. Application integration into a cloud environment such as Azure and AWS. Provide security testing for Microsoft applications. Ability to quantify and communicate application vulnerabilities and explain identified risks to developers. Ability to evaluated technical and functional specifications early within the SDLC identifying possible vulnerabilities and risks. Leverage knowledge of mobile and cloud applications and how to secure them Provide expertise on authentication, entitlements, identity management, data leak prevention, data protection, validation checking, encryption, hashing, principle of least privilege, software attack methodologies, etc. Provide some expertise around code analysis software using such tools as Fortify, Ounce Labs, AppScan, WebInspect, or Burp as well as being able to communicate the how and the why of these types of tools. Responsibilities and Additional Duties Work with minimal supervision as an individual contributor Work with a matrixed team(s) of security consultants and engineers toward successful project completion Thanks & Regards Ranjith Ph:(925) 973-0000 x 232(Off) Email: ranj...@allianceit.com -- You received this message because you are subscribed to the Google Groups "SAP or Oracle Financials" group. To unsubscribe from this group and stop receiving emails from it, send an email to sap-or-oracle-financials+unsubscr...@googlegroups.com. To post to this group, send email to firstname.lastname@example.org. Visit this group at https://groups.google.com/group/sap-or-oracle-financials. For more options, visit https://groups.google.com/d/optout.