Senior Security Consultant (m/w) gesucht!

Frankfurt am Main  ‐ Vor Ort
Dieses Projekt ist archiviert und leider nicht (mehr) aktiv.
Sie finden vakante Projekte hier in unserer Projektbörse.

Schlagworte

Beschreibung

Wir suchen erfahrene Freelancer, die uns bei der Durchführung des Projektes unterstützen:

Senior Security Consultant (m/w)
Vulnerability Scanning / Pen Testing

Aufgabenbeschreibung:
This role encompasses assessment methodologies of penetration testing, operational methodologies of vulnerability assessment and mitigation plan design and management methodologies of leading and driving remediation projects to successful completion on-time and on-budget while producing relevant MI to key stakeholders at a weekly and monthly frequency. This role requires political and business acumen as well as a full suite of technical expertise.

- 3+ year application penetration test / vulnerability scanning experience
- Deep understanding of application and network (LAN, Wireless) security testing tools and exploits to identify vulnerabilities and recommend effective corrective actions
- Perform and create procedures for penetration tests, vulnerability assessments and resolution tracking
- Conduct technical risk evaluation of hardware, software, installed systems and networks
- Recommended preventive, mitigating and compensating controls to ensure the appropriate level of protection and adherence to the goals of the overall information security strategy
- Participate in the development and maintenance of global information security policy
- Provide technical leadership to the enterprise for the information security program
- Mentor and provide training to IT security team

Tätigkeiten:
Security Assessment:
Maintain assessment and penetrative relevance in a number of the following security assessment domains:
- Infrastructure
- Application
- Wireless
- Network security architecture
- Social engineering
- War dialling
- Code review

Operational:
- Establish and manage processes and technologies necessary to ensure that sufficient assessment controls are in place to detect vulnerabilities across the estate.
- Design and delivery mitigation plans for the enterprise by developing top-down and bottom-up information security processes for functional departments
- Take a role, as a subject matter expert, to respond to local, regional, and global security events and incidents.

Information Security:
- Provide support for all Information Security functions such as policy & standards, architecture, intrusion monitoring & response and threat intelligence
- Provision of ‘out of hours’ support and investigation as and when required

Skills:
- Critical Requirements:
- Strong written English skills
- Minimum intermediate level spoken English
- Work independently or lead any size team for engagement on critical infrastructure and/or applications
- Have superior time management and organizational skills to undertake multiple critical projects concurrently
- Have a superior ability to articulate technical concepts and security risk to non-technical business owners and management
- Understand the business context/significance of technical security assessment findings
- Consistently output superior quality of deliverable
- Possess a entrepreneurial attitude to excel in loosely defined scenarios

Technical Knowledge:
- Excellent understanding of security strategies and technologies including secure network design, e-Channels, remote computing, desktop and server hardening, secure web services, Compliance Auditing, Secure Software Development Lifecycles, Software Audit
- Strong knowledge of information security frameworks and standards such as ISO and their application into diverse environments
- Strong understanding of the security mechanisms associated with Windows or Unix operating systems, switched networks, web based applications and databases
- Able to explain security functionality from first principles
- Competent to discuss the underlying technology with product developers
- Understands core development methodologies and their associated technologies
- Can describe major phases, activities, checkpoints and deliverables of the application development lifecycle
- Understands the security controls/processes required to implement a robust secure application and can clearly articulate the risk associated with the failure of those controls/processes
- Excellent TCP/IP knowledge and understanding of security implications/issues over the OSI model
- Strong web application testing experience
- Keen understanding of network security architecture
- Technical risk assessment experience
- Experience with rolling out NIDS and SIMS technology, defining policies and investigating alerts
- Experience with ArcSight and Sourcefire a plus.
- Familiarity with proxy architectures and web filtering tools

Ihr aussagekräftiges Profil schicken Sie bitte per E-Mail unter Angabe
des nächstmöglichen Verfügbarkeitsdatums und mit Angabe Ihres Stundensatzes an:

IQ-NET AG, Marija Pehar

Weitere Projektanfragen von uns finden Sie auch unter:
http://www.iqnet-ag.de/projektangebote.html

Wir werden uns dann umgehend mit Ihnen in Verbindung setzen.
Start
01.2010
Dauer
12 Monate
(Verlängerung möglich)
Von
ConRise GmbH
Eingestellt
20.12.2010
Ansprechpartner:
Marie Veleva-Soysal
Projekt-ID:
184590
Vertragsart
Freiberuflich
Um sich auf dieses Projekt zu bewerben müssen Sie sich einloggen.
Registrieren