Web Application Security Forum - Jobs

Recruitment Firm in Delhi Ncr (no replies)

rajeshdelhi — Tue, 30 Apr 2013 01:29:23 -0500

New Delhi
http://kaiznhr.com
job consultant in Delhi ncr - job consultant in India - Recruitment firm in Delhi ncr Recruitment firm in India - hr consultant in Delhi Ncr - hr consultant in India - recruitment agency in Delhi - Placement consultant in Delhi Ncr

Kaiznhr is a leading consultant in delhi NCR with main focus on providing high quality HR services to the clients. The focused approach, continuous improvement to enhance operational and delivery standards, implementation of best practices and technology has helped Matrix HR in attaining the leading position in the HR Services. We currently employs more than 700 employees in leading MNCs, Corporate Houses, FMCG, Service Industries, KPO, Technologies, Engineering & Manufacturing Companies.
We see HR as a crucial part of any successful business. We believe that people are the single most important asset of any organisation and the role they play both internally and externally is extremely pivotal to the organisation’s success. Kaizn HR acts as a gateway to offer top of the line executive recruitment and selection services to companies.
Central to our approach is the development of close and long term relationships with our clients. Our range of services includes consultation, executive search & selection, executive training, performance management etc. We recruit across various industry segments for multinational corporates as well as for leading and emerging business houses. We have consultants who can quickly understand your business and provide cost-effective yet efficient solutions.

Why Kaizn HR
(1) We provide the best staffing solutions ensuring quality, integrity and expertise.
(2) We are a talent-rich company.
(3) We enjoy the confidence of leading corporations.
(4) We offer multiple advantages.
(5) We have state of the art technologies for total solutions.
(6) Major costs savings in accounting & overhead work.
(7) Trained, highly qualified staff readily available at short notices.
(8) Turn around time is very short depending upon the project.
(9) Cost effective Staffing Solutions.

We deliver customized staffing solutions that make it easier for our clients to achieve their goals at a great value proposition with innovative technology, customized staffing solutions.
We have a broad range of Staffing solutions that help employers to increase their productivity, ensure legal compliance, improve employee retention and minimize the recruitment cost. Our in-house recruitment team and network of recruiters across the country ensure that we meet your staffing requirements on a long term basis.

About the author
Managing Director
Kaizn HR

http://kaiznhr.com/post_your_manpower.php

security,cryptography,reverse engineering,penetration testing (no replies)

cufe — Sat, 22 Sep 2012 12:46:03 -0500

I am loooking for a telecommute job in security,cryptography,reverse engineering,penetration testing.

Email cracking service (no replies)

hackmails — Thu, 19 Apr 2012 01:26:45 -0500

Hello!

We`re presenting email cracking service.

We provide:

- Your full anonymity
- Time of the cracking usually takes from 1 to 5 days (in some cases a bit longer)
- The crack is done without changing the password, so the subject of the crack, continues using his/her mailbox as nothing has changed.
- Without pre-payment, the charge is taken only after you get the evidences.
- The evidences: screenshots, reading of the message that you sent to mailbox, also any evidence you may need on your proposal. We will send the password forward to you, if you pay with the protection code (maximum validity time).
- We crack such mail domains as:
Yahoo.com - $150
Gmail.com - $100
Hotmail.com - $180
Aol.com - $180
Gmx.de - $180
Russian emails:
Mail.Ru - $80
Yandex.ru - $80
Rambler.ru - $80
Other free email service - $120
Any business email - $800

- You can order our service by:
Email:support@hackmails.net
Site:http://hackmails.net/

XSS on Giant website listed below.Anyone interested can PM me , (2 replies)

Vaibs — Thu, 06 Sep 2012 01:30:28 -0500

Report it to the owner to get What they give.
LIST:
Posting msn vulnerability to microsoft will paste your name on their Hall of fame page.

msn.com
http://vaibs.comuv.com/msnxss.jpg
http://vaibs.comuv.com/1.jpg

Yahoo will appreciate and send you T-shirts :P
yahoo.net
http://vaibs.comuv.com/1.jpg

Mozilla Pays 500$ on reporting.
mozilla.org
http://vaibs.comuv.com/mozilla.jpg

Baidu too pays .
baidu.com->http://vaibs.comuv.com/msn22.jpg

I have 2 to 4 Xss on each listed website listed above.
These were the top site i Xssed.
You can request me for other sites too.
I will find xss for on the sites ranking above 100 on alexa.
Also I will disclose it publicly to all here for these sites.

I sqlied msn.com
Reporting to microsoft will put your name on Hall of fame like Google but they dont pay.
http://vaibs.comuv.com/msn.png
Guess my name :
http://vaibs.comuv.com/MS.jpg

Paid help! (1 reply)

r0ots — Thu, 12 Jan 2012 16:37:25 -0600

Paid help!
Hired to write game plug-in ($ 150,000)

15 sites to work, $1000~$5000 per site. (no replies)

gjhg — Tue, 15 Nov 2011 04:51:13 -0600

Hi

I'm lookin' for a black hat to co-operate.
I'm runnin' casino, horse racin' and loan sites in ASIA.
I want permanant or part-time partner who got skill to hack sites that I'm askin' to.
Please reply me if u r interested in makin' money with ur skill.
Let's talk 'bout details on messanger.
GJHGGJHG@HOTMAIL.COM

APPLICATION SECURITY GURU REQUIRED - London UK - Up to £150k (1 reply)

EmmaHunwick — Sat, 24 Dec 2011 10:21:58 -0600

Are you considered to be one of the best in Application Security? If you believe so - and there are others that would support that - then I'd really like to hear from you if you are potentially interested in the job below:

APPLICATION SECURITY PRINCIPAL up to GBP£150k in London, UK

We are assisting a leading technology driven & dependent client to find an Application Security Principal to oversee the security assessment of applications and development processes/technologies within this fast moving, E-commerce environment.

You will need to be a and highly skilled Application Security expert who has a background in security and application development. Defines ongoing continuous improvements. Makes business recommendations and can present and articulate business cases for improvement/action at company-level.

" Large scale co-ordination of incident response and incident management.

" Sets technical direction for managing incidents.

" Responsible for maintaining integrity of process and approach, as well as controls, for the whole incident management process. Able to coordinate and manage major/highly sensitive investigations with potential for business wide impact/reputational damage.

" Regarded as an expert on forensics. Can use in-depth analysis methods (such as binary analysis) and can trace an attack footprint for all leading-edge attacks.

" Considered an expert in complex testing techniques across multiple domains.

" Designs test methodologies and improvements to the testing process.
Candidates should be comfortable mentoring a team of security experts, analysing complex systems, able to identify application risks and threats, and recommend appropriate countermeasures and remediation.

The role owns and operates the Secure Software Development Lifecycle, which involves interacting with development teams to ensure that production applications are implemented securely. Typical engagements involve conducting architectural/design reviews, code reviews, penetration tests, tracking new requirements and recommending improvements.

Key Skills and Attributes - Essential:
" Expert understanding of the Web Application threats.
" Expert knowledge of software development security principles and best practices
" Strong analytical and diagnostic skills
" Expert knowledge of Java, JSP, Struts, .Net, Java Patterns, Spring, HTTP SQL
" Strong understanding of three tier web applications.
" 10+ years working in the software/security industry
" Considered an expert in one or more areas of application security
" Code review knowledge or development experience
" Ability to get the job done.

If you are interested in an initial discussion then please contact me in the UK on 0044(0) 207 618 0965 or via email at emmah@propriusrecruitment.com

You may still be considered if you require a VISA to work in the UK

Cigital is hiring pen-testers (2 replies)

nEUrOO — Mon, 20 Aug 2012 10:20:55 -0500

Folks,
Cigital (www.cigital.com) is looking to hire few pen-testers in NoVa, NYC or west coast. If interested send me a mail.

We are looking for motivated people, it's best if you have experience in the field, but the most important is to show interest.

Even if the positions are mostly for web pen-testers, you might be doing many different things. In fact, I've done online games (MMORPG, etc.) pen-tests, mobile applications and few other cool stuff :)
Also if you are interested in other area such as code review and architectural analysis, you'll be able to learn a lot with us, so don't hesitate!

Jr. Application Security Engineer needed in the DC area (1 reply)

kbrydc — Tue, 06 Apr 2010 04:18:27 -0500

Target Labs is searching, on behalf of its client, for a Junior Application Security Engineer who is interested in working in the DC area.

Client: TBD
Location: Washington, DC Metro. area
Position: Jr. Application Security Engineer
Duration: 6 months to start (possibly contract-to-permanent if the right ‘fit’)
Pay rate: TBD

In sort: If you have a few years of development and a few years of secrutiy, we should talk!

Formal position description:

Jr. Application Security
The Jr. Application Security Engineer (Jr. ASE) is responsible for helping design security for all aspects of the application life cycle. The ASE ensures security risks of applications are known and evaluated for significance and effective security products and techniques are identified, implemented, and applied. Position serves as subject matter expert on production security technologies.

Essential Job Functions:
• Researches new information security technologies (in the areas of application and application infrastructure components).
• Participates in teams with security SMEs, in all application lifecycle phases, including: requirements gathering, architecture development, product/service selection and procurement, functional & QA testing, detailed technical design, technology infrastructure implementation and deployment, migration from existing services, operational process and procedure documentation, operations staff training)
• Advises and consults internal clients on appropriate application of existing security services to solve problems or enable new business opportunities.
• Recommends, customizes, implements, documents, and transitions to operations, reusable technical security service components including: application level intrusion detection systems, authentication systems, authorization systems, audit trail management systems, cryptographic systems, and others as defined by management.
• Researches and implements new security technologies as point solutions for Technology initiatives unqualified under reusable enterprise security services. Based on accumulated knowledge of project-specific security implementations, recommend new security service development ideas to the Security Technology R&D process.
• Assess applications to identify security risks using appropriate automated tools and other manual techniques. Provide viable recommendations for minimizing or eliminating identified security risks. Advise and assist with implementing recommendations where needed.
• Work with Application team and help them in closing out security issues in their application.
• Perform other duties and responsibilities as assigned.
•
Education/Experience Requirements:

• Bachelor’s of Science in Computer Science or equivalent work experience plus CISSP certification or obtainment of within 18 months of start date and a minimum of six years experience in applications engineering focusing on the delivery of secure systems.
• Experience developing in a some of the following languages: VBA, ASP, ASP.NET, Perl, C#, Java, XML, Python, Ajax, Google GWT or Yahoo YUI.
• Inner workings and security aspects of variety of Applications such as: Servers (Weblogic), Web Servers (Apache, IIS), Database Servers (Oracle, MS SQL).
• Strong knowledge of Microsoft Office products especially MS Excel, MS Word and Visio is desired.
• Preferred that the candidate have hands-on experience performing application security assessments using business-class assessment tools including static code analyzers (e.g. Fortify, Ounce), web vulnerability analyzers (e.g. AppScan, WebInspect), platform vulnerability scanners (e.g. Qualys), Nessus, as well as manual techniques for evaluating logic flaws. Manual code reviews would be nice.
• Excellent technical writing, documentation development, process mapping, and visual communication skills.
• Excellent interpersonal and verbal communication skills.
• Strong knowledge of Microsoft Office products especially MS Excel, MS Word and Visio is desired.

If you are interested in discussing these positions, please reply to this message with a convenient time and number to call for a brief conversation about what Target Labs can do for you.. Please attach a copy of your resume, in Word, to your reply.

Please send me an invitation to link on LinkedIn: http://www.linkedin.com/in/kellybcollier

Again, please also consider friends and colleagues who may benefit from receiving this announcement.

Thank you for your interest in Target Labs, I look forward to speaking with you soon.

Regards,

Kelly Collier
Account Manager
Target Labs, Inc.
Specialized IT Consulting Services
Direct: 202-422-8766 | Fax: 703-891-9091
www.targetlabs.net
The Green IT Services Firm,
100% Wind Powered, Carbon Free IT Professionals

Sr. Security Engingeer needed in the DC area (no replies)

kbrydc — Fri, 02 Apr 2010 04:10:34 -0500

Target Labs, Inc. is searching, on behalf of its client, for two Security Engineers who are interested in positions in the Washington, DC Metro. area. If you are not interested in these positions, please consider friends and colleagues who may benefit from seeing this announcement.

"One of the Top 100 Companies" Forbes

Client: TBD
Location: DC Metro. area
Position: Sr. IT Security Engineer
Duration: 6 months to start (possibly contract-to-permanent if the right ‘fit’)
Pay rate: TBD

CISSP’s preferred for both positions

Sr. Security Engineer:
AV & Malware Management (McAfee ePO)
• Vulnerability Management & Pen test (Qualys). VM Program management experience.
• IDS tuning & design (ISS Proventia)
• Written Skills
• Ability to work with people
• Detecting security vulnerabilities and issues (MS/Oracle/Solaris)
• DLP Data@ Rest, DLP Data@motion, Data@EndPoint
• Security Infr Architecture & Design (need examples)
• Exposure to different environments (Virtualization, Unix, Windows, Linux, netezza, greenplum, SANs, FCoE)
• SME on VMWare/Unix/Linux (vSphere)
• SEM: Correlation, Building a program (enVISION)
• Policy (27001, 800-53) & Standards (CIS, NIST, SCAP)
• Qualys and McAfee ePO essential

Jr. Application Security
The Jr. Application Security Engineer (Jr. ASE) is responsible for helping design security for all aspects of the application life cycle. The ASE ensures security risks of applications are known and evaluated for significance and effective security products and techniques are identified, implemented, and applied. Position serves as subject matter expert on production security technologies.

Essential Job Functions:
• Researches new information security technologies (in the areas of application and application infrastructure components).
• Participates in teams with security SMEs, in all application lifecycle phases, including: requirements gathering, architecture development, product/service selection and procurement, functional & QA testing, detailed technical design, technology infrastructure implementation and deployment, migration from existing services, operational process and procedure documentation, operations staff training)
• Advises and consults internal clients on appropriate application of existing security services to solve problems or enable new business opportunities.
• Recommends, customizes, implements, documents, and transitions to operations, reusable technical security service components including: application level intrusion detection systems, authentication systems, authorization systems, audit trail management systems, cryptographic systems, and others as defined by management.
• Researches and implements new security technologies as point solutions for Technology initiatives unqualified under reusable enterprise security services. Based on accumulated knowledge of project-specific security implementations, recommend new security service development ideas to the Security Technology R&D process.
• Assess applications to identify security risks using appropriate automated tools and other manual techniques. Provide viable recommendations for minimizing or eliminating identified security risks. Advise and assist with implementing recommendations where needed.
• Work with Application team and help them in closing out security issues in their application.
• Perform other duties and responsibilities as assigned.

Education/Experience Requirements:

• Bachelor’s of Science in Computer Science or equivalent work experience plus CISSP certification or obtainment of within 18 months of start date and a minimum of six years experience in applications engineering focusing on the delivery of secure systems.
• Development languages: VBA, ASP, ASP.NET, Perl, C#, Java, XML, Python, Ajax, Google GWT or Yahoo YUI.
• Inner workings and security aspects of variety of Application Servers (Weblogic), Web Servers (Apache, IIS), Database Servers (Oracle, MS SQL).
• Strong knowledge of Microsoft Office products especially MS Excel, MS Word and Visio is desired.
• Preferred that the candidate have hands-on experience performing application security assessments using business-class assessment tools including static code analyzers (e.g. Fortify , Ounce), web vulnerability analyzers (e.g. AppScan, WebInspect), platform vulnerability scanners (e.g. Qualys), Nessus, as well as manual techniques for evaluating logic flaws. Manual code reviews would be nice.
• Excellent technical writing, documentation development, process mapping, and visual communication skills.
• Excellent interpersonal and verbal communication skills.
• Strong knowledge of Microsoft Office products especially MS Excel, MS Word and Visio is desired.

If you are interested in discussing these positions, please send resume to Kellybcollier@gmail.com or, if you would prefer: kelly.collier@targetlabs.com, along with a telephone-number and convenient time for me to call for a brief conversation about what Target Labs can do for you. Please attach a copy of your resume, in Word, to your reply.

Please send me an invitation to link on LinkedIn: http://www.linkedin.com/in/kellybcollier

Thank you for your interest in Target Labs, I look forward to speaking with you soon.

QA Engineer - HP Application Security Center (HP Software) Alpharetta, GA (Pipeline)-392594 (1 reply)

cmcelvy — Thu, 19 Jan 2012 05:32:00 -0600

Job Description
The HP Application Security Center group (HP ASC) is in search of a full-time Quality Assurance Engineer who is available to begin immediately. HP ASC provides software and services to help enterprises protect against the loss of confidential data through the web application layer. The company's flagship product line, WebInspect, assesses the security of an organization's applications and web services, the most vulnerable yet least secure IT infrastructure component. Software developers, quality assurance professionals, corporate security auditors and security practitioners use WebInspect products throughout the application lifecycle to identify security vulnerabilities that would otherwise go undetected by traditional measures such as automated application testing tools, network firewalls, intrusion detection systems, or manual code reviews.

The ideal candidate for this position is someone who has a strong web application security background and an interest in performing technical quality assurance on commercial grade applications, and component and network-based enterprise applications. A solid knowledge of HTTP and HTTPS protocols is required. The ideal candidate will have a web application development background. The position will include building test cases, configuring test environments, tracking defects, and performing regression testing in an independent environment. The ideal candidate must thrive in a fast-paced, hard-working development team and have a passion for keeping up to date on the latest technologies. Mercury test tool experience is a plus.

Qualifications
- Internet security background (including Web application security).
- Experience With Web Technologies (Javascript, HTML, PHP, ASP, JSP, Ruby, Python,XML, Flash, Silverlight …)
- Solid knowledge of HTTP and HTTPS protocols.
- Experience with SQL Server and/or SQL Express.
- Experience providing quality assurance in a Microsoft environment (.NET, Windows 2003, Windows XP, IIS.) is a plus.
- Experience using the Mercury Interactive test tools is a plus.
- Strong communication skills, both written and verbal.
- Independent, self-motivated worker requiring little supervision.
- Strong problem solving skills.
- Degree in computer science, computer information systems or related field of study.

To apply online, visit https://hp.taleo.net/careersection/2/jobdetail.ftl?lang=en&job=1909227
Job Code: 392594

*Disclaimer: Taleo shall not be liable for the content or any errors or omissions in the information provided in the Comments section, and conclusions drawn from such information are the responsibility of the user.

TCP/IP (3 replies)

vanflyhigh — Wed, 24 Feb 2010 16:44:30 -0600

how to setup TCP/IP of a CCTV Recorder?

Ollydbg/IDA PRO *.dll for game hack analysys JOB (no replies)

tigerclavv — Fri, 05 Feb 2010 14:22:56 -0600

It's eimple.
Not that hard.

First one might take some time.
However, after that, it might be easier than first one.

Just wanna get some analysis report how they work.

Ollydbg screen capture and explanation should be enough.

just part time job.
work from home
thanks.

need a quote for vps service (1 reply)

jlw — Thu, 14 Jan 2010 07:35:01 -0600

need vps for windows2003, need 1-3 months. quote to e-mail: log8656@gmail.com
or add me on log8656@hotmail.com

looking for a ddos tester (no replies)

jlw — Thu, 14 Jan 2010 06:21:51 -0600

wrok at home, attrictive bornes. if u interest, pm... or add me on msn log8656@hotmail.com

Sr. Application Security Engineer Opportunity (Santa Clara, CA) (no replies)

jsaunders — Mon, 11 Jan 2010 15:27:36 -0600

Sr. Application Security Engineer - Build/Enhance our Application Security Controls and Processes

For the application security focused software engineer who enjoys a wide variety of work and owning projects from start to finish, this Sr. Applications Security Engineer role with LiveOps is a great fit. We are a leader in the outsourced contact center market providing both the technology (contact center in the cloud) and virtual workforce that enables companies to scale their contact center support as needed. With us, you’ll play the vital role of ensuring that not only our applications, but also our products, meet the highest security standards. This is a high profile position reporting directly to the company’s CISO, and you will enjoy working with the latest technologies and seeing your ideas quickly implemented as we use Scrum methodology. Bring your passion for security and best practice security mindset to LiveOps and thrive in our team environment.

Based out of our Santa Clara, CA headquarters, your primary mission will be to ensure the security of LiveOps applications and products by designing secure products and architectures, performing secure code reviews, leading penetration testing and vulnerability assessments, helping define secure coding standards, and more. Current and superior Perl and Java development skills are crucial to this role, as well as having strong and focused application security experience including strong knowledge of security best practices. Experience with Ruby scripting/programming and Scrum would also be highly beneficial in your coding responsibilities although these are not required. As the owner of applications security for our company you will be responsible for handling projects from the initial information gathering stage, through to implementation and ongoing monitoring. One of your initial projects will be to build our authentication systems so any previous experience you have with projects involving the authentication of users would be highly valuable. You will be working with our engineering, development and product teams on technical security issues and documenting your work for future reference thus your ability to communicate effectively and strong documentation skills will be important. If you are excited by the prospect of driving on major security projects, working with interesting technology, and growing your career with an industry leader, then apply today and join a great team!

About LiveOps:

LiveOps is revolutionizing the world of work, starting with the virtual call center. Our company has a world-class management team that includes leaders from Genesys, eBay, Salesforce.com, Siebel, and Tellme - and an amazing and enthusiastic engineering team that includes original founders and engineers from Netscape/Mosaic, AOL, eBay and Microsoft. We have built the most advanced on-demand call center platform anywhere to help companies make their existing call centers more virtual. We've not only established the future of distributed work, we've made it a reality today.

A privately held company backed by Menlo Ventures and Benchmark Capital, LiveOps has been consistently growing revenue rapidly and is led by one of the top visionaries in Silicon Valley Maynard Webb, the former COO of eBay. Come join one of the most exciting companies in the Bay Area and be part of a world class team building the next eBay and Salesforce.com.

We are financially and strategically backed by Menlo Ventures, Benchmark and CMEA. We have been profitable since 2006 with a solid financial track record, and on a sound growth path to becoming a major player in the contact center space.

Related Keywords:
security analyst, security consultant, enterprise security, application security, source code analysis, runtime protection, scope, scoping, application security product, vulnerability, source code audit, build environment, software build, Java, Ruby, Perl, Unix, Linux, CISSP, CISA, CPP, authentication system, authenticate, clients, secure code, enterprise, Saas, best practices

To apply for this position or refer someone you know, please use our online interview system managed by Accolo.

Apply Online Now: http://hiring.accolo.com/job.htm?id=233921496

Once you have completed the interview, your information will be forwarded to the hiring authority for decisions on next steps.

Quote needed (2 replies)

lukethedrifter — Thu, 31 Dec 2009 23:59:12 -0600

Trying to create a global flowchart for first time VPS startups for programmers at my plant. Need quote for someone to just compile a list of steps to secure a linux distro. So far, here is what I got. If you can improve on it, please tell price.

yum upgrade
add new user
remove root access from ssh
installed apf firewall
installed brute force detection
install rkhunter
install mod_security
move tmp to different partition, noexec nosuid
disable non-root access to unsafe binaries (no user can run wget)

good job if you want (6 replies)

hackmuzi — Wed, 04 Nov 2009 14:48:42 -0600

Hi,

I am looking for investigators/ hackers for projects on the Internet.

Looking for people who are able to hack/ track and investigate certain websites, selling counterfeit/ infringing products online and able to reveal evidence/ information on the person(s)/ group behind the specific websites.

Able to work from home.

No special skills required, as long as you can track them down ;-)

Please email me if you are interested, looking for people asap!

email at: hackmuzi@hotmail.com

Thanks.

muzi

Product Security Engineer (no replies)

rfly — Mon, 14 Sep 2009 18:01:29 -0500

Salesforce.com has positions available for qualified software security professionals. Email rfly (at) salesforce [dot] com if you are interested.

This role will provide security support for salesforce.com's cloud computing service. You'll work closely with the technology organization to educate our team on secure application development and help in creating innovative security solutions for our product. Additionally, you will play a key role providing both strategic and tactical security advice and help in developing technology solutions which promote securing our customer's data and users.

Responsibilities include identifying and understanding the development practices, networks and infrastructure that make salesforce.com successful and then recommending and/or building solutions and mitigations to help resolve risks to that success. Guide the Salesforce.com technology organization's security by participating in design reviews, Threat Modeling, and in depth security penetration testing of our code and systems. These responsibilities extend to providing input on application design, secure coding practices, log forensics, log design and application code security. The ideal candidate will have in-depth experience protecting against web and web services security vulnerabilities including cross-site scripting, sql injection, DoS attacks, XML/SOAP and API attacks, email security flaws and more. Also included is performing cutting edge research on new attacks, writing white papers and presenting on those findings to internal audiences. In addition this individual will hold responsibilities for evaluating or building application security tools for internal consumption and driving usage of these tools.

Job Requirements:
BS degree or equivalent experience

Minimum of 5 years working in application security

Ability to demonstrate strategic thinking

Extensive problem solving and analytical skills

Experience working in 24x7xforever support for security in production systems

Extensive knowledge of the OWASP Top 10 and CWE Top 25

Extensive programming and application development experience in multiple languages such as Java, C, and scripting languages

h (2 replies)

Anonymous User — Fri, 12 Feb 2010 23:34:40 -0600

Professionals are seeking for competent hackers for work in a team (1 reply)

dht — Sun, 09 Aug 2009 13:41:32 -0500

Professionals are seeking for competent hackers for work in a team/
If you consider yourself to be a competent worker, if you are sure of your abilities or you just want to try yourself out we are always glad to talk to you.

What is aquired:
- Breaking of European and American(USA) Internet-shops
- Leaking of DB

What you will get:
- Good work conditions
- High salary(Good payments)
- Serious partners

All additional information is in pm.

If you work hard and with a serious approach, we garantee timely payments.
If you are interested in this topic, leave your contacts in pm.
I'll contact and talk to everyone.

Network Reverse Eng./Forensics position in NoVa - clearance required (4 replies)

CPI — Thu, 18 Jun 2009 09:26:04 -0500

The hiring company specializes in instant intelligence across the enterprise, enabling right-time responses to threats or opportunities. With their solutions, data is processed and analyzed as it is received from all incoming sources, reducing the time required To Detect and Respond - to seize hidden opportunities and eliminate imminent and unforeseen risks.

Software Developer (III) position (Network Reverse Eng./Forensics)

* Clearance requirements: TS/SCI with lifestyle or full-scope polygraph required (Must be current)
* Applied knowledge/experience performing C/C++ programming
* Coding experience on Intel and AMD platforms.
* Understanding of end-to-end software development & delivery cycle, documentation development.
* Computer/network hacker techniques/methods to include application and mitigation techniques.
* Experience using intrusion detection programs, firewalls and standard operating systems features such as Kaspersky,Norton/Symantec,McAFee, Zone Alarm,and AVG-AV.
* Applied knowledge of Hardware/Firmware reverse engineering techniques.
* Experience in network programming and supporting network software.
* Expertise in network communication protocols.
* Applied knowledge/experience with Network Security Appliances (e.g. Snort, Bluecoat, Cisco ASA, etc).
* Familiarity with Cisco IOS and JUNOS.
* Compensation: BOM (Based On Merit)

The Software Developer (III) position (Network Reverse Eng. / Forensics) will create customized low-level solutions at government location located in Northern Virginia. This position requires a strong background in networks and network security.

If you are not interested in this position...can you refer me to a person who might be interested? I would be glad to pay you for a referral fee, if they get hired. Please let me know if you are interested in hearing more.

NY, NJ, MD, DC, VA, GA, IL - work along side the brightest (no replies)

Guthrie — Wed, 17 Jun 2009 14:48:30 -0500

Software Security Consultant needed immediately

This hiring company has positions available for graduating college students, graduate students and experienced hires. Work with and be part of a passionate and energetic team that is backed by a world-class experts from academia and industry. Requires working closely with company's customers.

Responsibilities of a Software Security Consultant vary but are not limited to:

* Scanning customer source code, auditing results with development and/or security teams and offering plans for remediation of vulnerabilities.
* Installing and configuring company products onsite for customers
* Communicating technical application security concepts to customer staff including developers, architects, and managers.
* Training customer staff on application security and company's products.
* Assessing and scoping of customer's application security needs.
* Contributing to project planning and other project deliverables.
* Customizing the implementation of companies production and test products.
* Collaborating with Product Management and Engineering to enhance products.
* Represent company's technical, business, and professional values to customers, partners, and peers.
* Work is conducted mostly at customer sites; extensive travel is required.

Technical Qualifications

* The ideal candidate should have: A Technical Bachelor's degree is required.
* 5+ years experience in role of software or security consulting.
* 5+ years experience in software development using Java, Microsoft .NET (C# or VB), or C/C++.
* Experience using build tools (e.g. ant, make, maven, msbuild, nant, etc.).
* Experience in developing and/or deploying web applications is strongly desired.
* Experience with multiple operating systems is strongly desired.
* Fundamental understanding of software, computer, and network architectures.
* Experience in the enterprise security or application security is a plus.
* CISSP, CISA, CCP MCP/MCSE and SANS certifications are a plus.

Characteristics

* The ideal candidate will: Be highly motivated, competitive, entrepreneurial and attracted to challenging opportunities.
* Have demonstrated the ability to work in a fast-paced environment where organizational skills are essential and will have strong problem solving, analytical, interpersonal, and ownership skills.
* Possess excellent collaboration skills with a wide variety of internal team members.
* Be an intelligent, self-starting, self-confident individual with integrity and accountability.
* Possess strong written and verbal communication skills as well as presentation skills.
* Qualify for a security clearance.
PM me if interested.

security expert (JOB) (2 replies)

federicobucchi — Mon, 04 Jan 2010 12:56:30 -0600

Traduci testo o pagina web

hi,
important Italian Company looking for expert security about operating system, server and security websites (like hacker).

E 'offered work as a freelancer or company under contract.

For information,

send an email to: b.federico @ gmail.com
also attached your resume

otherwise contact me on

msn: b.federico @ gmail.com
skype: federico.bucchi

Hack for the Government! (3 replies)

lwible — Sun, 07 Jun 2009 10:32:12 -0500

Huge Government Account in the Kansas City area (or Denver area) has 2 immediate positions available for CISSP's. Must have experience with developing or redefining security standards for database & application development.

Requirements - CISSP. CEH & CASS preferred.

These are Direct Hire positions that need to be filled immediately. They will not pay for relocation. Excellent benefits are available!

Email me at lwible@adaptivesg.com for details - please include your resume in a MS Word Doc.

IDS Analyst- Swing Shift, Arlington, VA (no replies)

becmilten — Tue, 02 Jun 2009 12:36:11 -0500

Apptis is an innovative, forward-thinking information technology services and solutions provider. We take great pride in supplying, designing, and supporting technology solutions to the government and commercial marketplace. Our steadfast goal is to deliver inspired solutions that are agile, cost effective, and reliable. To learn more about working at Apptis, visit our Web site at www.apptis.com.

IDS Analyst- Swing Shift 3-11 and an average of 1 weekend per month.
Must be able to obtain a DOD Secret clearance. Must have a good knowledge of principles and techniques applied in securing operating systems with proficiency specifically in both UNIX and Windows. Must have some experience in shell scripting and the use of regular expressions for parsing through data for pertinent information relating to security events.

Must have a good understanding of network operations, installation and network monitoring procedures. Experience with various types of Intrusion Detection Systems (IDS) and knowledge of best practices regarding IDS architecture and signature development. Knowledge of CERT procedures and NOC operations.

Participates as a member of the Enterprise IDS team and receives direction from the team leader.

All Operating System installations, hardening, administration, upgrades and patching

COTS and open-source IDS installations, administration, upgrades and patching

Ensuring IDS uptime, availability and the integrity of the IDS systems

Documenting processes and procedures of all infrastructure operations
An in-depth knowledge of TCP/IP

Desirable Qualifications:

Experience with Security Information Management Solutions

Must also be able to:

Demonstrate an ability to work independently with minimal supervision

Demonstrate an ability to handle concurrent projects and assignments

Continue to expand area of knowledge in Network Security technologies and best practices

Focus under pressure and respond appropriately to critical situations or incidents

For immediate consideration, please submit your resume to our career page at: www.apptis.com/careers.sec. - Reference req # VA VA 290406. U.S. Citizenship is required for most positions.

An Equal Opportunity Employer. M/F/D/V.

Senior Security Engineer @ WEB 2.0 company in London (UK) (2 replies)

camalyn — Thu, 28 May 2009 12:19:11 -0500

Hello ~

I am working with a WEB 2.0 company in London (UK) that are looking to recruit a permanent senior security engineer that has basic experience of *nix from a security perspective, xss and sql injection.

If anybody might be interested in discussing with me, please drop me a line using james@security.camalyn.org

Thanks, JAMES

Video Algorithm Architect - Toronto, Canada (3 replies)

khristine — Mon, 23 Nov 2009 22:39:26 -0600

If your interest is cutting edge video algorithms and if you want to see
your invention implemented, this is a fantastic opportunity for you.

Job Description:
Working in a team of video algorithm experts, you will build next generation
implementation of cutting-edge video compression codecs. You will develop
new methods to improve video compression in an existing line of shipping
ASICs as well as provide guidance on further ASIC implementations for future
products.

Requirements:
As a successful candidate, you will have a strong mathematical and
algorithmic background and be comfortable with digital video concepts as
well meet as the following requirements:

MSc or PhD in Computer Engineering or Computer Science or equivalent
Strong interest in video processing
5+ years experience in video compression algorithms
In-depth understanding of MPEG2 and MPEG4 video algorithms

To Apply:
If you are interested in applying for this position, please email your
resume to recruiting@klanderson.com

Rapid7 Info Sec Engineer - El Segundo, CA (no replies)

mrb — Wed, 08 Apr 2009 12:36:55 -0500

Hi, I lead the Vuln R&D team at Rapid7 and we have a job opening (see below). No going through recruiters, no battling with HR, you just contact me directly. Simple !

Thanks,
-marc

Job Title: Info Sec Engineer
Position based in: El Segundo, CA

Rapid7 provides network security software and related research. We develop NeXpose, a unified vulnerability management solution that is primarily sold to large companies and government agencies as a standalone Linux/Windows application or as a pre-configured appliance.

The Vulnerability R&D Team is responsible for the core feature of NeXpose: its ability to scan hosts and networks to remotely detect all kinds of security vulnerabilities, e.g.: remote arbitrary code execution, weak SSH password, unapplied security update, world-readable /etc/shadow, authentication bypass, infection by well-known backdoor, predictable TCP ISN, insecure configuration of a network server, XSS on a web page, obsolete operating system version, SQL injection, directory traversal in an FTP server, JSP source code disclosure, memory exhaustion denial of service in an RPC service, unused built-in account not disabled, privilege escalation, etc.

Rapid7 is looking for a Software Engineer to become part of this Vulnerability R&D Team. Requirements:

o Minimum 2+ years of professional software development experience, preferably in an IT security field.
o Demonstrated interests in the computer and network security field, low-level and internals aspects of technologies, and vulnerability research and exploitation.
o Excellent coding skills in Java, C, or C++.
o Perl, Python, shell scripting, Jess (Java expert system shell) a plus.
o Good foundation in networking, have developed networking code, knowledge of the design of at least some common network protocols (IP, TCP, UDP, ICMP, HTTP, FTP, etc).
o Experience in a Unix/Linux environment.
o Ability to understand technical subjects and technologies you might not be familiar with.
o Experience in working in a team of 5-10 developers on a medium-to- large-scale project (100k-1M lines of code) project a plus.
o Skills in resource organization, project/task prioritization and schedule development.

Please contact Marc Bevand

Looking for Security Associate Consultants (3 replies)

recruiter25 — Tue, 03 Mar 2009 16:21:06 -0600

Hi, we are looking for Security Associate Consultants at Cigital. This is an entry level position, mostly for fresh out of college students. Cigital is a Software Security Consulting firm. Please check out our website at www.cigital.com.
if you are interested, please contact me at timam@cigital.com
Following is the job description:

At Cigital, people are our biggest asset. We select our people carefully; we train them, mentor them and enable them to succeed with our customers. Cigital offers a competitive benefits and salary package with an opportunity to work in an exciting, fast-paced environment.

Associate Consultant Responsibilities
The Associate Consultant is responsible for applying software engineering skills to assist teams in the completion of client engagements. Typical tasks span activities in the software development lifecycle including requirements analysis, development, testing, debugging, and analysis of software. Associates will employ sound communication skills interacting with clients to understand problems and provide solutions. Associates will often be responsible for writing analysis results in sections of final reports as part of deliverables to clients.

Cigital Associate Consultants Apprenticeship Program
As the entry role into our organization, Associate Consultants enroll into a fast paced apprenticeship program to learn what it takes to become a practicing software engineer and a consultant to other software engineers. Associates work directly with more senior consultants in a mentorship model to learn on the job.
The objectives for the Associate Consultant apprenticeship program include teaching the new employ to:
• Critically analyze software for discover security and quality risks
• Apply proprietary risk management techniques to make intelligent choices about addressing software risks that affect everyday business
• Use practical software engineering practices to build more robust, secure software
• Build expertise in cutting edge technologies used by the leading companies in industries such as financial, healthcare, telecommunications, defense, and so on.
• Perform as a consultant and trusted advisor to other software engineers for doing all of the above

Qualifications
Associate Consultants require strength in the following skills for success:
• Consulting skills – ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action
• Team-oriented skills – ability to collaborate with project team members, take direction from the project lead and execute tasks consistently
• Communication skills – strong capabilities writing and presenting technical ideas as well as interacting with teams
• Demeanor – enthusiasm and commitment with professional interpersonal skill and an entrepreneurial drive

Associate Consultant Education and Experience
• BS in Computer Science, Computer Engineering, or equivalent.
• Training in Software Engineering and Object Oriented Analysis and Design
• 2-5 years of programming experience (or equivalent) in Java, .NET, C#, VB, C++, and/or C++, preferably in a web-based or client-server development environment
• Familiarity with database management systems like Oracle, MS SQL Server, and MySQL
Experience with the following is beneficial:
• Software Quality Assurance, Software Security Fundamentals, Source Code Analysis, Test Automation, Penetration Testing
• Security tools such as Fortify, Coverity, Watchfire, Spidynamics, Tamper Data, Fiddler, Cookie editors, and so on
• Service Oriented Architecture (SOA), Web Application, and Web Services development
• Technologies such as JavaEE, Hibernate, Spring, Struts, Servlets, Log4J, JSP, JAAS, XML, AJAX, JavaScript, JavaSE, ACEGI, EJB, .NET, C#, VB, C++, Perl, Unix scripting
• In-depth usage and administration of Windows, Linux, and other Unix operating systems
• Java Security Features, .NET Security Model, Cryptography, Digital Certificates
• Configuration and deployment of web applications using IBM WebSphere, BEA WebLogic, JBoss, Apache Tomcat, and IIS