Information security professionals, A very large and stable client of mine in Chicago is once again looking for a senior risk assessment/vulnerability research professional. This is a full time role and we are looking for the right individual to start before the end of the 2002 calendar year. The req. follows:
Responsibilities: Implement and fine-tune enterprise wide risk assessment, vulnerability research, and incident response services (develop process/methodology, infrastructure/technology tools, skills, knowledge base, documentation, resources, etc.). Execute the risk assessment process for new IT infrastructure development projects and existing production systems and applications on a continuous basis (Includes penetration testing and vulnerability assessment versions of the risk assessment process). Execute the vulnerability research process on a continuous basis. Assist with the development and execution of the incident response (CIRT) process. Qualifications: In depth hands-on experience in as many of the following technologies as possible: * Built-in operating system security services & functions: NOKIA IPSO, Sun Solaris, MS Windows NT and Windows 2000, IBM AIX, IBM AS/400, S/390, Cisco IOS, Foundry OS or others. * Built-in application security services & functions: Oracle, DB/2, MS Active Directory, iPlanet LDAP, MS IIS, MS Integration Server, MS Exchange, IBM WebSphere, SAP R/3, MS BizTalk Server or others. * Application development & execution framework security functions: Sun J2EE, MS COM+, MS .NET, OMG's CORBA, or others. * Vulnerability assessment tools: ISS Internet Scanner, ISS Host Scanner, Nessus, McAfee CyberCop, or others. * Computer & electronic equipment forensics tools. Core-Competencies: � IPC - Inter-Process Communications � Kernel Concepts (Exception Handling on NT vs. Unix, Interrupt Schemes, etc...) � Low-Level Network Programming (Raw Sockets, libpcap, winpcap, etc...) � Strong Debugging Skills � Strong Reversing Skills � Strong Web Programming Skills Minimum of 5 years experience in information security solution engineering and security service delivery. BS in Computer Science or equivalent technical degree required. Experience in leading penetration testing, risk and/or vulnerability assessment engagements required. Consulting industry background and experience a strong plus. Stellar technical writing, documentation development, and visual communication skills. Excellent interpersonal and verbal communication skills. For details and a confidential conversation about this role, please contact me via the following and thank you all for your time. Ben Weber Manager, Information Security Recruitment Practice Greythorn Phone: + 1 425 635 0300 mailto:ben.weber@;greythorninc.com http://www.greythorn.com/ London Sydney Melbourne Seattle Canberra ************************************************************************ ********** This email is confidential and intended only for the stated addressee(s). If you receive this in error, please inform us immediately and delete it and all copies from your system. Any unauthorized disclosure, use, or dissemination, either whole or partial, is prohibited. Any views or opinions contained in this email are those of the author and are not necessarily endorsed by Greythorn, and the company cannot be held responsible for any misuse. This email and its attachments are believed to be free of any virus, or defect, but it is the responsibility of the recipient to ensure this. Greythorn do not accept responsibility or liability for any loss or damage arising in any way from its receipt or use or for any errors or omissions in its contents which may arise as a result of its transmission. This email is covered by Greythorn's Terms and Conditions of Business, a copy of which can be viewed on our website, or on request. ************************************************************************ *********** ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com **********************************************************************
