[Owasp-nashville] FW: Outstanding Job Opening for Security Engineer

Joyce Harder joyce at recruitingtechnology.com
Fri Sep 28 11:02:24 EDT 2007


Dear Owasp Members,

 

I am contacting you hoping that you may know someone within the security
community you'd like to help by informing him/her of an outstanding job
prospect.

 

Our client, a leading developer of Information Security Solutions, is
seeking an experienced Security Engineer. As an integrated member of the
development team, the 

Security Engineer will contribute to the resolution of product security
issues throughout the development lifecycle. Technical areas include
cryptography, network vulnerabilities, physical (electronic) security,
defensive coding and electromagnetic emanations. The opening is in the
Ft. Lauderdale area and comes with a very attractive compensation
package. The job description is below.

 

Interested candidates are invited to send me their resume along with the
following information.

 

1)       Date of availability

 

2)       Current base salary

 

3)       Desired base salary range

 

4)       Are you willing to relocate to the Ft. Lauderdale area?

 

5)       Are you able to legally work in the US?

 

6)       Reason for entertaining a new position

 

7)       All available phone numbers

 

8)       Please briefly describe your experience and proficiency with
the following. 

 

a)       Cryptography

b)       Network vulnerabilities

c)       Electronic security

d)       Defensive coding

e)       Electromagnetic emanations

f)         FIPS-140-2 and CC

g)       The National Security Agency's Functional Security Requirements
Specification

h)       The National Institute of Standards and Technology
Cryptographic Module Validation Program

i)         Product release engineering practices

 

I'll look forward to hearing from you.

 

Warmest regards,

 

Joyce Harder

Senior Recruiter

Recruiting Technology International, Inc.

843-884-5944

 

Job Summary:

 

As an integrated member of the development team, the security engineer
will contribute on product security issues throughout the development
lifecycle; and the technical areas include; cryptography, network
vulnerabilities, physical (electronic) security, defensive coding and
electromagnetic emanations.

 

The security engineer is required to collaborate with 3rd party
companies and subcontractors in order to obtain the required product
certifications, which include; FIPS, Common Criteria, CAPS and other
government's standards.  The security engineer must liaise with
evaluation laboratories and provide them with the technical information
they need on the product and to make credible justifications on
technical security positions.  The security engineer is responsible for
managing the evaluation and certification process as well as the
relationship between the engineering team and the evaluating body.

 

Essential/Primary Duties and Responsibilities:

*	Primary company contact for the latest information security
practices including authentication, encryption, and key management;
*	Collaborate in the creation of product functional specifications
for new products to ensure security requirements are addressed;
*	Lead the Federal Information Processing Standards (FIPS) 140 and
Common Criteria (CC) security certification process for the company's
new and existing products with the objective of obtaining certification;
*	Provide training to the developers on how to create FIPS 140 and
CC certifiable designs;
*	Escalate security design decisions and certification issues to
management;
*	Initiate security enhancements on existing products which
positively affect the product's marketability;
*	Keep abreast of emerging security technologies as required by
the business.

Required Skills:

*	Security evaluation experience, preferably with FIPS-140-2
and/or CC;
*	Strong communication, presentation, and negotiation skills;
*	Ability to work in a fast paced environment with minimal direct
supervision.

 

Desired Skills:

*	Experience with National Security Agency's Functional Security
Requirements Specification;
*	Experience with National Institute of Standards and Technology
Cryptographic Module Validation Program;
*	Understanding and experience with product release engineering
practices.

 

Education Required:

*	BSEE, BSCS, or equivalent experience required. MSEE or MSCS
preferred;

 

Applicants selected for this position will be subject to a Government
Security Investigation and must meet eligibility requirements for access
to classified information.  US citizenship is required.




 

 



More information about the Owasp-nashville mailing list