Hi All, Hope you are doing good. We have an urgent requirement on following position with one of our direct client. please find the detailed Job description and revert me with suitable profiles * Job Title: Security Consultant - Security Architecture*
*Education Level : Bachelor's DegreeExperience Level : 8years* *Location:New york(Need locals to NY/NJ)* *Visa Status:USC,GC,GCEAD,TN* *A Senior Security Architecture Specialist has the following responsibilities:* -Lead architecture consulting to construct Security Architectures for a business unit or infrastructure Technology team -Conduct risk assessment and provide technology risk/requirements to address risks identified. Areas covered: a) Authentication, Authorization, Auditing b) Application Security: Session Security, Vulnerability/Penetration Testing items, Input Validationc) Secure data transport and storage -Periodically review security reference architecture (security blueprints) and conduct updates/enhancements to guidance, policies, or other applicable reference materials4 -Participate in various Operational and Technology Risk governance processes5 -Lead, where applicable, a role in architecture review committees representing Security Architecture *Skills and Experience: Soft Skills Required:* -Excellent communication skills: written, oral, presentation, listening -Ability to influence through factual reasoning -Time management: ability to handle multiple concurrent assessments, plan based deliverable management, strong follow up and tracking -Strong focus on delivery when presented with short timelines and increased involvement from senior management -Ability to adjust communication of technology risks vs business risks based on the audience -Ability to operate in multiple virtual teams, directly manage teams, or ability to operate as a sole-contributor *Security Architecture Skills Required:* -In depth knowledge of application, network and platform security vulnerabilities. -Ability to explain vulnerabilities to developers -Experience in conducting Information Security, Security Architecture, Audit assessments. Presenting the outcomes of the assessment and obtaining buy in. -Strong focus on reviewing technical designs and functional requirements to identify areas of Security weakness.The candidate must have working experience in the following application/network security domains: a) Authentication: SAML, SiteMinder, Kerberos, OpenId b) Entitlements and identity management c) Data protection, data leakage prevention and secure data transfer and storage d) App Security -validation checking, software attack methodologies e) Cryptography: encryption and hashing *Desired Skills*: -Knowledge of standard network model and the risks that present at each layer, the functions of network equipment such as switches, routers, firewalls, proxies, vpn, and load-balancers, and to understand network architecture. -The candidate must have working knowledge of the primary operating systems (Unix, Windows, z/OS, Mac OS), the configuration and management of that platform at an enterprise scale, the security risks to that platform, and how to mitigate those risks. -Experience in testing tools, at least one of Veracode, Fortify, OunceLabs, AppScan, WebInspect, BurpDevelopment Even though the SecArch role is not a development role, the candidate must have previous background in programming, design and/or application architecture.In order to be a practical SecArch the candidate must have experience implementing complex applications in an enterprise environment: -Working knowledge of programming and scripting languages: Java, JavaScript, C#, C/C++, Perl, Python, Ruby -In-depth knowledge of web technologies such as Web Browsers, Web Servers, Web Services * Other Areas of Expertise Desired:* -Frameworks, protocols and subsystems: J2EE, .NET, Spring, RPC, SOAP, MQSeries,JMS, RMI, JMX, Hibernate -Knowledge of JSP /Servlet/EJB or ASP.NET <http://asp.net/>, HTTP/HTTPS, Cookies, AJAX, JavaScript, Flex / Silverlight -Database design and programming experience4 -Experience of liaising with 3rd Party Entities (exchanges, suppliers, regulators)5 -Experience in conducting and/or reviewing penetration tests, dynamic vulnerability assessments and static vulnerability assessments6 -Understanding of geographic regulations and their impact on Security assessments7 -Previous experience in Financial Services is preferred8 -CISSP or other industry qualificationExperience working with global organizationsEducational Requirements: -Bachelor?s Degree with minimum 7 years relevant work experience in high-paced, enterprise environment -- You received this message because you are subscribed to "rtc-linux". Membership options at http://groups.google.com/group/rtc-linux . Please read http://groups.google.com/group/rtc-linux/web/checklist before submitting a driver. --- You received this message because you are subscribed to the Google Groups "rtc-linux" group. To unsubscribe from this group and stop receiving emails from it, send an email to rtc-linux+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/rtc-linux/CAC796wUK75trgCpn_x0G2UjK7Z1esfA7hNDfYH_%2BwLkT9uZ3_A%40mail.gmail.com.
