[Owasp-salt_lake] Please post the following

Jeremy Cloward jeremy.cloward at gmail.com
Wed Sep 17 20:11:08 UTC 2014


Hey everyone , I just got pinged directly by google , I'm not looking but I anyone is thinking something in that direction , lemme know , she wants referrals 

Jeremy Cloward

Sent from my iPhone, sorry for any typos.....


> On Sep 17, 2014, at 10:45 AM, Michelle Garretson <michelle.garretson at progfinance.com> wrote:
> 
> Thanks for posting this job posting.
> 
> 
> Hi there, we are currently looking for a Sr. IT Security Analyst and I was hoping there was a way to get this posted to your community? 
> 
> Here is the job description and link to our position/website - 
> 
> Thanks so much!
> 
> https://progressive.recruiterbox.com/jobs/fk0lnv/
> 
> Progressive is blazing a path at the intersection of Finance and Technology and we have an exciting new opening for a Infrastructure Engineer in our Utah office.
> 
>  
> 
> The Security Analyst reports to the Chief Information Officer. The Security Analyst is responsible for information security policy development and maintenance; design of security policy, education, training, and awareness activities; monitoring compliance with company IT security policy and applicable law; and coordinating investigation and reporting of security incidents.
> 
> KEY EXPERIENCES AND ATTRIBUTES:
> 
> The successful candidate will understand that security is best implemented in a fashion that makes it unable to be detected or does not become obtrusive. However, they understand that security is increasingly important and must not be compromised in the era of digital openness, social media, and connectedness. The successful candidate perseveres to find an appropriate solution, meeting business requirements and creating a transparent security solution. More fundamentally, the ideal candidate must also be an accomplished process and business analyst to understand how to construct a secure environment without interfering with business value.
> 
> The candidate should also have relevant experience as a trusted technology advisor to senior business, technology leaders and key decision makers. In particular, the candidate should have hands-on experience or demonstrated knowledge in, but not limited to code scanning toolsets, PCI compliance, risk management, OWASP tools and methodologies, HTTP and web programming, client server technologies, common security requirements withinASP.NET and JavaScript applications, standard SDLC practices, network hardening, physical security, and internal as well as external attack prevention and mitigation.
> 
> ESSENTIAL ROLE RESPONSIBILITIES
> 
> Performing application vulnerability assessments
> 
> Performing risk assessment reviews
> 
> Performing network penetration tests
> 
> Performing security controls and code review across a variety of programming languages and
> 
> technology implementations
> 
> Performing assessments of SDLC processes
> 
> Developing testing scripts and procedures
> 
> Other security-related projects that may be assigned according skills
> 
> Contributing to the IT business continuity and disaster recovery program
> 
> Maintain a professional, optimistic, and energetic presence that instills confidence for the team
> 
> Communicate clearly and support an environment for clear communication, cooperation,
> 
> collaboration, and conflict resolution
> 
> Foster constructive conflict, open dialog, and feedback
> 
> Assist the Chief Information Officer with prioritization efforts and sprint planning
> 
> All other duties as required
> 
> PROFESSIONAL PREREQUISITES
> 
> Strong ethics and understanding of ethics in business and information security
> 
> Demonstrated experience in interfacing with third party information security providers
> 
> Demonstrated knowledge of regulatory and statutory compliance requirements and widely
> 
> accepted security and governance frameworks
> 
> Web application certifications (GIAC's GWEB or GWAPT, ISC2's CSSLP)
> 
> Exceptional English language written and oral communication skills
> 
> Three or more years work experience in application security
> 
> Five or more years work experience in IT or software development
> 
> Four or more years working in a small team environment
> 
> Experience with vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint)
> 
> Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP Webinspect,
> 
> Accunetix, NTO Spider, Burpsuite Pro)
> 
> Experience with static analysis tools (e.g., IBM Appscan Source, HP Fortify)
> 
> Experience with high level programming languages (e.g., Java, C, C++, .NET (C#, VB))
> 
> Experience with web application development (e.g., JavaScript, HTML5, ASP.NET, ASP, PHP,
> 
> J2EE, JSP)
> 
> Ability to complete tasks and deliver professionally written reports for clients
> 
> Ability to present findings to technical staff and executives
> 
> Possess current security certifications (e.g., CISSP, CEH)
> 
> Bachelors degree in Computer Engineering, Computer Science, or Information Systems
> 
> Management or equivalent experience is required
> 
> Experience with project management or business analysis tools like JIRA, Balsamiq, Green
> 
> Hopper,etc.
> 
> Demonstrated ability to self-motivate and be flexible within a fast-paced environment
> 
> Team player with a proactive bias and optimistic outlook
> 
> PF is the leading consumer financing company in the United States.  PF blends the use of innovative technology with a simple to use application process to drive revenue for thousands of retailers.  Retailers love our product and our people -- we are growing the business rapidly and we need more great people to join the team.  Want to find out more?   
> 
> 
> -- 
> 
> Michelle Garretson
> IT Recruiter
> 
> c: 248-408-9801 | e: michelle.garretson at progfinance.com
> 
> CONFIDENTIALITY NOTICE: This e-mail and any attachments are
> confidential. If you are not an intended recipient, please contact the sender to report the error and delete all copies of this message from your system.
> _______________________________________________
> Owasp-salt_lake mailing list
> Owasp-salt_lake at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-salt_lake
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-salt_lake/attachments/20140917/cd42cd2f/attachment-0001.html>


More information about the Owasp-salt_lake mailing list