::: Welcome To PPR Career :::

.NET	07.23.10
We are accepting resumes for an upcoming project requiring multiple .net resources. 6+ month(s) contract
{ more }
Sr. Enterprise SW Developer	07.17.10
Senior Enterprise IT Analyst/Developer The successful candidate will join a tight knit group of highly
{ more }
Sr. Business Analyst	07.11.10
Position Title: Business Analyst, BA, XML expereience, Busniess Process Analyss, Emphasis on communication and documentation
{ more }

Sr. Security Engineer Southeast SQL Server/C# Developer Carolina's

{ view more listings }

Candidate Information

Career Opportunities

Resources

Sr. Security Engineer
Job Code: ND117711
Southeast
07.15.10

Job Description:

We work with the best companies in the SouthEast - You should too. PPR Career is an Executive Search Firm that's redefining the recruiting process. We specialize in placing candidates in contract, contract-to-permanent, and permanent positions in technology (IT), engineering, sales, marketing and executive management. We're all about relationships. We take the time, the time to understand your skills, your work style, your employment preferences. We believe in the perfect match: you and your job. Find the job you love and you'll never have to work again.

The Network Systems and Security Engineering team is responsible for the design, deployment, and management of the network, systems automation, and information security infrastructures that support our large production and QA environments. To support our continued growth, we are seeking an intelligent, motivated, and creative Senior Security Engineer. This newly created position will report to the Manager of Network Systems and Security Engineering.

Responsibilities Include
-Lead the IT General Controls audit activities, ensuring compliance with standards such as Sarbanes-Oxley Section 404, Payment Card Industry Data Security Standards (PCI DSS), and 201 CMR 17.
-Work with technical and managerial staff to develop business-appropriate information security policies and procedures, covering the entire information lifecycle.
-Lead hands-on audits of system security, using scanning tools such as Qualys and IDS/IPS tools such as Tipping Point.
-Respond to security incidents, including identification of the extent of system compromise, engagement of appropriate parties, and hands-on forensic investigations as required.
-Develop internal training programs to assist developers with secure development guidelines, leveraging external resources such as OWASP.
-Lead disaster recovery policy development and testing, working across the business teams to ensure that appropriate procedures are in place.

Requirements:
Requirements
-Five or more years of experience as a security engineer, including leadership roles in developing IT security policies and procedures, as well as hands-on experience auditing complex operation environments.
-Hands-on experience ensuring compliance with audit standards such as SOX and PCI. Ability to work with external auditors to ensure compliance.
-Understanding of web application vulnerabilities, including those defined by OWASP and WASC. Ability to identify and recommend fixes for web application security vulnerabilities.
-Experience with Unix/Linux system hardening strategies, including understanding of industry standards such as Center for Internet Security (CIS).
-Ability to develop strong relationships with internal technical, legal, and managerial staff to guide evolution of security technologies and procedures.
-Understanding of fundamentals of state and federal law as applied to intellectual property, credit card data, and related issues.
-Relevant industry certifications such as CISSP or CISA preferred.
-Familiarity with email security and anti-spam technologies and best practices preferred, including SPF, SenderID, DKIM, CAN-SPAM, etc.

privacy

contact