Just out of curiosity, anyone know of such a mythical beast? I've met a lot of good and talented folks throughout the years across the country, but about as close as I could figure was roughly 3-4 of them to meet the "requirements" they want here. I'd gotten the same email, and replied to Grant as such. :) -mb On 12/07/2011 02:45 PM, Lisa Kachold wrote: > ---------- Forwarded message ---------- > From: "Grant Wills" > > Date: Dec 6, 2011 4:27 PM > Subject: Security Engineer needed Tempe > To: "Lisa Kachold" > > > I was hoping you or someone you may know might be interested in this > position with my client in Tempe. I have been finding Network Security > folks but my client really needs someone with an Infrastructure Security > background. Any referrals are appreciated! I will elaborate further upon > interest. > > Job Description: > > ? Performing application risk assessments and threat modeling > ? Administering application vulnerability scans and coordinating > remediation activities > ? Review application security designs and make recommendations > ? Manage and configure security database assessment and auditing tools > ? Provide consultation to IT department on application security best > practices > ? Ensure application and network compliance to documented IT security > policies, procedures, processes and standards requirements. > > ? Documentation requirements are: exceptions reports, audit/review > reports, technical/process recommendations, reporting of security > statistics/metrics, technical standards, procedures, and guidelines, etc. > > ____ > > Skills Requirements: > > ? 3-5 years experience in an Application Security role. Certified > Information Systems Security Professional (CISSP) or other Security > certification strongly preferred. > > ? Strong development experience is a must as well as the ability to work > with development teams to resolve issues and improve awareness around > secure coding practices, including experience inserting information > security controls and checkpoints into the application design process. > > ? Strong knowledge in standard software development applications, > Windows UNIX, and database environments including SQL, DB2, Oracle and > Sybase. Working knowledge of how to build secure web applications. > > ? Experience using code, web and database scanners. > ? Experience with Appscan, HP WebInspect, NESSUS, and other application > assessment tools. > ? Familiar with risk analysis and risk management methodologies. > ? Solid understanding of application vulnerabilities and > countermeasures. Must be able to provide and recommend remediation > approach and not just provide vulnerability information. > > ? Excellent communication skills (both oral/written); documentation > requirements are: exceptions reports, audit/review reports, > technical/process recommendations, reporting of security > statistics/metrics, technical standards, procedures, and guidelines, etc. > > ? Demonstrated ability to work effectively in a fast-paced, high volume, > deadline-driven environment. Self-directed and motivated, with ability > to work independently, as well as collaboratively in a team environment. > Professional maturity in dealing with all levels of management and staff. > > Summary: > > Designs, codes, tests, debugs and documents complex operating software > applications. > > Alters and/or maintains applications dealing with the overall operating > system, such as sophisticated file maintenance routines, large > telecommunications networks, computer accounting and advanced > mathematical/scientific software packages. > > Supports and/or installs complex software applications. > > Participates in the testing process through test review and analysis, > test witnessing and certification of software. > > Performs hardware optimization through software benchmarking. > > May provide direction and support to less experienced software engineers > to orient them and increase their understanding of more complex software > engineering. > > Maintains and increases professional and technical knowledge and > currency by attending workshops, reviewing professional publications, > establishing personal networks, and participating in professional societies > > Performs other duties as assigned or apparent. > > A thorough knowledge and understanding of computer science as typically > obtained through the completions of a Bachelor's degree in computer > science or a related field. > > Must have sufficient educational background and/or experience to qualify > incumbent to work at the highest technical level on all phases of > software systems programming applications. Four -six years of software > programming or experience in a related field is preferred. > > A significant understanding and knowledge of commonly used concepts, > practices and procedures within the software programming field is required. > > Experience with the supervision or direction of other software > development staff preferred. > > Grant D. Wills > *Productive Data Solutions, Inc. (PDS)* > 480-264-0228 Office ____ > > 602-697-7156 Cell > 877-279-7379 Toll Free > 480-907-2771 eFax > 950 W. Elliot Road, Suite 106 > Tempe, AZ 85284 > http://www.pdsinc.com ____ > > http://www.linkedin.com/pub/grant-wills/1/5a/724____ > > Make it a Productive day____ > > > > File #5F6B781A082C2376 > > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us > To subscribe, unsubscribe, or to change your mail settings: > http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss