job search mailing list home about quest career resources contact
line

Job Search Results
1-12 of 115 jobs shown.


sb-appsec-lead      
Lead Application Security Architect      
Prestigious Leading Enterprise Financial Firm in downtown Chicago seeks Application Security Engineers. This role will provide leadership on how to best improve application security assessment program and take the lead performing manual application security assessments, assisting developers using static source code scanning tools such as Fortify.

sb-nwsec-ck      
Network Security Engineer      
Prestigious Enterprise Company is currently seeking a Network Security Engineer. Candidate will provide technical leadership to the security team to develop, maintain and advance the security posture of the company in order to protect assets.

CJ-ApSec      
Web Application Security Engineer      
***This is a possible 75% remote/25% travel role*** Prestigious Fortune 500 Company is currently seeking a Web Application Security Engineer. Candidate is responsible for the identification, tracking, mitigating, remediation, and verification of web security vulnerabilities in software, systems, and application services. The candidate will combine experience in information security, web development, IT operations, and project management to ensure security risks are effectively identified and appropriately addressed while maintaining a balance between security and usability. This role will define, deliver and sustain the enterprise web security strategy, standards and solutions from a governance, process, discipline and technology standpoint, to support the global and enterprise environments. Responsibilities: " Accountability and ownership for web security scanning solutions, processes, services and operations. " Develop and maintain tools and processes for web application scans, reviews and assessments along with ethical hacking. " Develop security guidance documentation. " Develop and maintain secure web coding practices and enterprise wide standards. Educate and collaborate with customers on practices and standards. " Performs requirements gathering, initial engineering design, platform/environment integration and evolution planning to support highly reliable, available, scalable, and cost-effective computing. " Interfaces with Architecture team regarding the ratification and implementation of new Architecture standards. " Interface with product vendors for escalated support and advanced product knowledge. " Ensures IT security architecture/designs, plans, controls, processes, standards, policies and procedures are aligned with IT standards and overall IT security " Partner with delivery support teams and customers to maintain web security SLA/KPIs and provide technical leadership. " Manage and provide tier II support for web security related incidents. " Maintain an understanding of attacks, vectors and emergent threats (OWASP) " Mentor and educate teams with expert knowledge of information security event management, security forensics, network access controls and perimeter security, operations, implementations of new technologies Qualifications: " Bachelors Degree " 7+ Years of IT experience " 3+ years experience with Infrastructure engineering security " Experience with multiple programming languages (such as ASP.NET, Java, Powershell, Ruby, Perl, etc...) " 3+ years of web application security experience required (AppScan and Web Application Firewall) " Service oriented mentality with focus on customer service Additional Skills Required: " Excellent written and verbal communication capability with a customer focus " Success in collaborating with customers, partners, and co-workers across cultural boundaries (including flexibility in work schedule as needed) " Able to identify, address or escalate potential dependencies and issues " Manage the effort within deferred and expense budget constraints (if project lead) " Effectively manage ambiguity, change and conflict " Effectively prioritize in high pressure situations " Strong project leadership and support skills " Demonstrated track record of success in delivering in a security environment " Proven experience in navigating complex organizations with creative problem solving " At ease in establishing senior-level working relationships and communications " Ability to deliver a clear yet compelling and realistic business case " Ability to translate complex technical topics into easy to understand concepts " Minimum of 5 years' experience in security or network architecture/engineering role including designing and deploying security solutions " Strong analytical skills and cross functional knowledge across multiple security disciplines " Strong working experience with databases and data warehouse technologies and solutions " Working experience with systems automation in a major scripting language (Perl, Python, etc.) " Ability to communicate security-related concepts to a broad range of technical and non-technical staff " Must possess a high degree of integrity, be trustworthy, and have the ability to work with autonomy " Any of the following are a plus: CISSP, CISM

CJ-ApSec      
Web Application Security Engineer      
***This is a possible 75% remote/25% travel role*** Prestigious Fortune 500 Company is currently seeking a Web Application Security Engineer. Candidate is responsible for the identification, tracking, mitigating, remediation, and verification of web security vulnerabilities in software, systems, and application services. The candidate will combine experience in information security, web development, IT operations, and project management to ensure security risks are effectively identified and appropriately addressed while maintaining a balance between security and usability. This role will define, deliver and sustain the enterprise web security strategy, standards and solutions from a governance, process, discipline and technology standpoint, to support the global and enterprise environments. Responsibilities: " Accountability and ownership for web security scanning solutions, processes, services and operations. " Develop and maintain tools and processes for web application scans, reviews and assessments along with ethical hacking. " Develop security guidance documentation. " Develop and maintain secure web coding practices and enterprise wide standards. Educate and collaborate with customers on practices and standards. " Performs requirements gathering, initial engineering design, platform/environment integration and evolution planning to support highly reliable, available, scalable, and cost-effective computing. " Interfaces with Architecture team regarding the ratification and implementation of new Architecture standards. " Interface with product vendors for escalated support and advanced product knowledge. " Ensures IT security architecture/designs, plans, controls, processes, standards, policies and procedures are aligned with IT standards and overall IT security " Partner with delivery support teams and customers to maintain web security SLA/KPIs and provide technical leadership. " Manage and provide tier II support for web security related incidents. " Maintain an understanding of attacks, vectors and emergent threats (OWASP) " Mentor and educate teams with expert knowledge of information security event management, security forensics, network access controls and perimeter security, operations, implementations of new technologies Qualifications: " Bachelors Degree " 7+ Years of IT experience " 3+ years experience with Infrastructure engineering security " Experience with multiple programming languages (such as ASP.NET, Java, Powershell, Ruby, Perl, etc...) " 3+ years of web application security experience required (AppScan and Web Application Firewall) " Service oriented mentality with focus on customer service Additional Skills Required: " Excellent written and verbal communication capability with a customer focus " Success in collaborating with customers, partners, and co-workers across cultural boundaries (including flexibility in work schedule as needed) " Able to identify, address or escalate potential dependencies and issues " Manage the effort within deferred and expense budget constraints (if project lead) " Effectively manage ambiguity, change and conflict " Effectively prioritize in high pressure situations " Strong project leadership and support skills " Demonstrated track record of success in delivering in a security environment " Proven experience in navigating complex organizations with creative problem solving " At ease in establishing senior-level working relationships and communications " Ability to deliver a clear yet compelling and realistic business case " Ability to translate complex technical topics into easy to understand concepts " Minimum of 5 years' experience in security or network architecture/engineering role including designing and deploying security solutions " Strong analytical skills and cross functional knowledge across multiple security disciplines " Strong working experience with databases and data warehouse technologies and solutions " Working experience with systems automation in a major scripting language (Perl, Python, etc.) " Ability to communicate security-related concepts to a broad range of technical and non-technical staff " Must possess a high degree of integrity, be trustworthy, and have the ability to work with autonomy " Any of the following are a plus: CISSP, CISM

CJ-LeadAppSec      
Lead Application Security Engineer      
Prestigious Financial Institution in currently seeking a Lead Application Security Engineer. Candidate join and lead a team responsible for securing applications and will write your own tools to find vulnerabilities in a variety of applications utilizing custom and industry-standard protocols. Candidate will always have the resources and time needed to perform the best assessment possible and learn as you go. Candidate will also will integrate your assessment findings, as well as static and dynamic scans into our Software Development Lifecycle (SDLC). Your involvement will be critical to advancing our Security Development Lifecycle (SDL) with developers, QA, project leads, and others. Candidate will have dedicated time to research the topics you are passionate about. Research and assessments performed by our team have led to presentations at Black Hat, OWASP, other conferences and user-groups, as well as a number of public vulnerability disclosures. Responsibilities: Manual review of source code (Java, C#, C++) for security vulnerabilities Dynamic assessment of HTTP and proprietary protocols Development of bespoke assessment tools Driving application security awareness and remediation of identified vulnerabilities Development of in-house tools to integrate with CME Group SDLC and to track and derive security metrics Implementation of static and dynamic automated security testing tools and their deployment within Continuous Integration systems Qualifications: A demonstrable passion for application security 4 years experience performing application security assessments both with and without source code Strong development background, Bachelors of Computer Science preferred Full-stack knowledge of web and network applications. Familiarity with TIBCO and other messages queues a plus, but you should be able to quickly learn it Continuous integration, static analysis (Fortify, Coverity, and/or Veracode), and/or dynamic scanning tools (WebInspect, Appscan, NTObjectives)

RobynOenTe      
Pentester Ethical Hacker Architect      
The key responsibilities of this position are to develop application security architecture, own and operate the encryption systems protecting SHC High-Value Data. This includes defining security requirements for Architecture & Engineering, application standards and guidelines, and secure coding practices. This position is responsible for designing, implementing and supporting the enterprise encryption strategy and solutions for protecting SHC information assets.

CJ-AppSecArc      
Application Security Architect / Ethical Hacker      
Application Security Architect / Ethical Hacker ***We are unable to sponsor for this permanent full-time role*** Prestigious Fortune 500 Company is currently seeking an Application Security Architect with strong Pen Testing and Ethical Hacking. Candidate will be responsible for the development of application security architecture, own and operate the encryption systems protecting data. This includes defining security requirements for Architecture & Engineering, application standards and guidelines, and secure coding practices. This position is responsible for designing, implementing and supporting the enterprise encryption strategy and solutions for protecting information assets. Responsibilities: " Ownership and operational support of the enterprise encryption solution RSA Data Protection Manager (DPM). 24 x 7 support of production encryption systems. " Develop and drive enterprise application security strategy, security architecture, standards across the organization. " Support strategic data protection initiatives: enterprise encryption, tokenization, and EuroPay, MasterCard, VISA (EMV) implementations. Qualifications: " B.S. or equivalent experience in the Information Security or related field. " 10+ years of experience in designing secure systems, applications, databases, experience in integrating the solution with multiple other applications and systems. " Detailed knowledge of security standards, such as NIST 800-53, and have prior experience in defining security requirements that can satisfy relevant security and privacy regulation, standards and guidelines (PCI, HIPAA). " Advanced knowledge and experience designing, implementing and supporting Payment Card Industry (PCI) Encryption Key requirements. " Experience implementing and operational support of enterprise encryption solutions such as RSA Data Protection Manager (DPM), other centralized Key Management solutions. " Advanced knowledge and experience designing, planning and implementation Data Tokenization technologies. " Advanced knowledge and experience with data encryption solutions; including symmetric and asymmetric encryptions, including; Public Key Infrastructure (PKI), TLS, AES, java encryption libraries, Encrypting File System (EFS), storage encryption. " Proficient in demonstrating examples of application security components. " Experienced in software development experience in J2EE or Microsoft.Net (C#, Visual Studio.Net, etc.) " Knowledge of application secure design patterns and principles (Delegation, Impersonation, Brokered Authentication, IAM,SSO, PKI, etc.) " Must have 7+ experience supporting web application infrastructure including; Web Servers, Java application servers, JVMs, Virtualization, Databases, etc& " Proficiency with the Microsoft Office suite of products, (i.e., Visio, PowerPoint, Excel). " Highly ethical, analytical, team-oriented, flexible, inquisitive, and logical. " Must be effective working in conjunction with various levels of management and teams to accomplish agency goals. " Strong sense of urgency with ability to multi-task, take initiative, and follow-through. " Demonstrated ability to lead and manage security and projects. " Ability to use consensus building, negotiation, coalition building, and conflict resolution techniques sufficient to establish and maintain effective communication channels with multiple stakeholders and teams. " Effective at providing security services to multiple teams, and be able to interact appropriately in highly charged emotional situations. Must be able to justify and defend matters involving significant or sensitive issues. Skill in effectively working with personnel and managers with divergent educational and cultural backgrounds. " Extensive project experience of applying secure design methodologies and best practice, such as threat model driven secure design, to build secure applications and systems " Keen awareness of top application security vulnerabilities and mitigation methods " Must know how to integrate security into different SDLC processes, and be able to define insertion points, deliverable templates, and standards.

CJ-SrCybMan      
Sr. Manager of IT Security      
Sr. Manager of IT Security ***We are unable to sponsor for this permanent full-time role*** Prestigious Fortune 500 Company is currently seeking a Sr. Manager of IT Security. Candidate will lead the organization in detecting, responding to, and mitigating security incidents across the enterprise. This individual will work across all Business Units establishing and managing the processes to assess and response to cyber security incidents. This leader must have 7-10 years experience managing security operations with incident response capacity in a large enterprise environment. The IR Lead provides leadership and knowledge to the organization and works closely with Security teams operating technologies such as Security Information and Event Management (SIEM), Intrusion Detection & Prevention (IDS / IPS), Data Leakage Prevention (DLP), computer forensics, sniffers and malware detection and analysis tools. Collaborate with other IT teams, Retail, Legal, Loss Prevention, and other leaders in the organization during Security incident handling situations and proactively for security related initiatives. Responsibilities : * Lead the team in incident prevention, detection/analysis, containment, eradication activities * Provide leadership and oversight to determine if an adverse event is a security incident. * Lead incident response efforts to determine the criticality of an incident, appropriate containment, and mitigation activities. Will communicate across the organization and ensure proper reporting and documentation is produced outlining the details of the incident. * Develops, maintains, and executes the incident response strategy. Evaluates existing and new Security technology, processes, skills, and resourcing to enhance current capabilities or address gaps. * Develops and maintains incident response metrics and dashboards to drive security performance and effectiveness. Provides senior leadership with actionable data and trending to enhance security. * Demonstrates knowledge of security technology, policies, processes and standards. Provides consistent, practical and relevant ideas and perspectives on improvements. * Works with threat intelligence team to provide defensive measures against future security threats. * Manages matrix teams supporting IR Processes, ensuring proper and timely feedback in accordance with performance management process, including performance evaluations and pay for performance. Handles all hiring, terminations, and constructive discipline as needed for area of responsibility. * Manages relationship and oversees performance of external managed services vendors providing security incident response monitoring, forensic, and other security incident response related services. * Collaboration with other IT teams, Employee Relations, Legal, Loss Prevention, and other leaders in the organization during security incident handling situations and proactively for security incident response initiatives. Proactively identifies opportunities to improve business focus as it relates to security monitoring capabilities * At least 5 years of experience monitoring and responding to information security incidents. * At least 5 years of experience analyzing network, system and application vulnerabilities. * At least 5 years of experience writing logic to detect exploitation of vulnerabilities. * Knowledge of data mining, log analysis and/or fraud detection logic. * Knowledge and practice of developing code or scripting to automate processes or other methods to enhance capabilities. * Experience educating and leading senior leaders through large investigations. * Experience presenting to, collaborating and communicating with leadership both within the immediate organization and across IT and the business.

sb-pentest-HE      
Penetration Test / Ethical Hacker Architect      
Prestigious Enterprise Firm seeks a PenTest / Ethical Hacker Architect. The key responsibilities of this position are to develop application security architecture, own and operate the encryption systems protecting High-Value Data. This includes defining security requirements for Architecture & Engineering, application standards and guidelines, and secure coding practices. This position is responsible for designing, implementing and supporting the enterprise encryption strategy and solutions for protecting information assets.

RobynIDS      
Senior Manager IT Security      
Looking for a Senior Manager IT Security who will lead all security incident response, cyber security. You will manage over MSSP outsourced security. Provide threat vulnerability, threat intelligence, 6+ people responding and maintaining security incidents. All SIEM intrusion detection IDS/IPS, data leakage, data mining, log analysis, code event management.

RobynCTV      
CCTV Security Systems Engineer      
Travel up to 50% The key to this role is CCTV experience and understanding how it feeds back into the infrastructure. You will be overseeing the contractors installing these new camera systems and making sure that it links properly back into the infrastructure and the info/video goes through the Firewalls and over the Network to the right place. Cisco Firewalls and Network environment. Would like to see someone who has experience with CCTV Victor Management Software (Enterprise version) or another comparable software. They are rolling out this new camera and software initiative to 20+ malls. Any ADFS, Office 365, Powershell, etc is a plus. They need CCTV, Firewalls and Networking. Will handle tier 3 tickets, tier 1 & 2 tickets go to one of the outsourced partners. Find someone who has done this in the past and/or I currently doing it.

IDMSunSailTempe      
Senior Identity Management Security Engineer - IDM      
Prestigious Fortune 500 Company is seeking a Senior Sun IDM Security Engineer. This individual will be responsible for leading key security program initiatives, working with cross-functional IT groups and operational resources to deliver solutions with quality, availability and security. This position requires strong IT security experience, communication, leadership and mentoring skills required in this fast-paced and exciting environment. Knowledge and experience in identity management and/or access management is required. Main Responsibilities " Leads enterprise-wide Identity and Access Management security initiatives " Serves as a subject matter expert supporting, administering and managing multiple disciplines and identity & security platforms " Partners with business areas to understand, provide and implement security solutions Qualifications Skills and Work Experience " Minimum of 5 years in a large corporate infrastructure " 3-5 years experience in Identity and Access Management " 3-5 years experience with Directory Services and LDAP " 2-3 years experience with Java Webservice " Experience in performance monitoring, tuning and load testing " Experience with capacity planning, monitoring and alerting " Knowledge in Java and scripting " Understanding of TCP/IP networks, HTTP and DNS technologies " Experience in one or more Database platforms (Oracle, MySQL, etc) Education " Bachelors Degree in Information technology, Computer technology or Information Security " IT Security certifications a plus
Next Page