Friday, March 23, 2007

Security Vulnerability Specialist-Penetration Tester in Brooklyn, NY

Friday, March 23, 2007
Lead the design and implementation of Qualys vulnerability scanners and an overall vulnerability management program. Develop policies and processes for performing vulnerability scanning, prioritizing results, and remediating discovered risks. Perform penetration testing against existing and newly developed systems. Develop metrics for tracking and analyzing vulnerability information. Develop reporting plan and individual reports for review by both management and technical staff. Integrate vulnerability management program into overall security operations. Work with IT audit function to report on security policy compliance. Train security team members on vulnerability management process and tools. Perform additional security duties as needed to supplement the team's activities. Advanced security certification (CISSP, CISM, CISA, CEH, or GIAC) Very strong written and verbal communications skills and an ability to communicate technical information to non-technical audiences. Experience: Experience deploying and using enterprise vulnerability management systems, with a strong preference for hands-on experience with QualysGuard Enterprise. Knowledge of open-source vulnerability assessment and penetration testing tools. Experience performing vulnerability assessments on very large sets of hosts (preferably over 100,000). Experience performing penetration testing against .NET/J2EE (web, client/server, and portlet/portal), and mainframe and database systems. Experience conducting and documenting risk assessments, particularly surrounding large-scale applications, preferably on data warehouse and portal projects. Experience with data loss prevention (DLP) technology Strong scripting and programming knowledge, with a preference for application development experience. Broad and deep knowledge of infrastructure, application, and data security To Apply to this job go to http://www.GadBall.com or click here