Paid Advertising is
ha.ckers sla.cking
Ever wanted to work as a "chief hacker" "security evangelist"? This is a place to post jobs or ask for work. Over time as I hear about job offers, we can consolidate them into this board. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Sr. Security Engingeer needed in the DC area
Posted by: kbrydc
Date: April 02, 2010 04:10AM

Target Labs, Inc. is searching, on behalf of its client, for two Security Engineers who are interested in positions in the Washington, DC Metro. area. If you are not interested in these positions, please consider friends and colleagues who may benefit from seeing this announcement.

"One of the Top 100 Companies" Forbes

Client: TBD
Location: DC Metro. area
Position: Sr. IT Security Engineer
Duration: 6 months to start (possibly contract-to-permanent if the right ‘fit’)
Pay rate: TBD

CISSP’s preferred for both positions

Sr. Security Engineer:
AV & Malware Management (McAfee ePO)
• Vulnerability Management & Pen test (Qualys). VM Program management experience.
• IDS tuning & design (ISS Proventia)
• Written Skills
• Ability to work with people
• Detecting security vulnerabilities and issues (MS/Oracle/Solaris)
• DLP Data@ Rest, DLP Data@motion, Data@EndPoint
• Security Infr Architecture & Design (need examples)
• Exposure to different environments (Virtualization, Unix, Windows, Linux, netezza, greenplum, SANs, FCoE)
• SME on VMWare/Unix/Linux (vSphere)
• SEM: Correlation, Building a program (enVISION)
• Policy (27001, 800-53) & Standards (CIS, NIST, SCAP)
• Qualys and McAfee ePO essential

Jr. Application Security
The Jr. Application Security Engineer (Jr. ASE) is responsible for helping design security for all aspects of the application life cycle. The ASE ensures security risks of applications are known and evaluated for significance and effective security products and techniques are identified, implemented, and applied. Position serves as subject matter expert on production security technologies.

Essential Job Functions:
• Researches new information security technologies (in the areas of application and application infrastructure components).
• Participates in teams with security SMEs, in all application lifecycle phases, including: requirements gathering, architecture development, product/service selection and procurement, functional & QA testing, detailed technical design, technology infrastructure implementation and deployment, migration from existing services, operational process and procedure documentation, operations staff training)
• Advises and consults internal clients on appropriate application of existing security services to solve problems or enable new business opportunities.
• Recommends, customizes, implements, documents, and transitions to operations, reusable technical security service components including: application level intrusion detection systems, authentication systems, authorization systems, audit trail management systems, cryptographic systems, and others as defined by management.
• Researches and implements new security technologies as point solutions for Technology initiatives unqualified under reusable enterprise security services. Based on accumulated knowledge of project-specific security implementations, recommend new security service development ideas to the Security Technology R&D process.
• Assess applications to identify security risks using appropriate automated tools and other manual techniques. Provide viable recommendations for minimizing or eliminating identified security risks. Advise and assist with implementing recommendations where needed.
• Work with Application team and help them in closing out security issues in their application.
• Perform other duties and responsibilities as assigned.

Education/Experience Requirements:

• Bachelor’s of Science in Computer Science or equivalent work experience plus CISSP certification or obtainment of within 18 months of start date and a minimum of six years experience in applications engineering focusing on the delivery of secure systems.
• Development languages: VBA, ASP, ASP.NET, Perl, C#, Java, XML, Python, Ajax, Google GWT or Yahoo YUI.
• Inner workings and security aspects of variety of Application Servers (Weblogic), Web Servers (Apache, IIS), Database Servers (Oracle, MS SQL).
• Strong knowledge of Microsoft Office products especially MS Excel, MS Word and Visio is desired.
• Preferred that the candidate have hands-on experience performing application security assessments using business-class assessment tools including static code analyzers (e.g. Fortify , Ounce), web vulnerability analyzers (e.g. AppScan, WebInspect), platform vulnerability scanners (e.g. Qualys), Nessus, as well as manual techniques for evaluating logic flaws. Manual code reviews would be nice.
• Excellent technical writing, documentation development, process mapping, and visual communication skills.
• Excellent interpersonal and verbal communication skills.
• Strong knowledge of Microsoft Office products especially MS Excel, MS Word and Visio is desired.

If you are interested in discussing these positions, please send resume to or, if you would prefer:, along with a telephone-number and convenient time for me to call for a brief conversation about what Target Labs can do for you. Please attach a copy of your resume, in Word, to your reply.

Please send me an invitation to link on LinkedIn:

Thank you for your interest in Target Labs, I look forward to speaking with you soon.

Options: ReplyQuote

Sorry, only registered users may post in this forum.