Network Security Testing Architect USC or GCH – T

Network Security Testing Sr. Analyst, Tampa, FL, or Dallas, Texas Contract to Hire, Penetration Testing, Strong experience in Networking/ Firewalls/ Server Administration/ Encryption, vulnerability & compliance scans, CISSP/ CEH/ GCIH/ MCSE/ CCNP/ RHCE/ GPEN/ GWAPT/ MPCE certifications+
  • Location: Tampa, Florida
  • Type: Contract To Hire
  • Job #4092

Network Security Testing Architect, Tampa, FL, Contract to Hire, Penetration Testing, Strong experience in Networking/ Firewalls/ Server Administration/ Encryption, vulnerability & compliance scans, CISSP/ CEH/ GCIH/ MCSE/ CCNP/ RHCE/ GPEN/ GWAPT/ MPCE certifications+

• DURATION: Temp to hire; NO sponsorship available
• INTERVIEW PROCESS: conduct phone interview first, then onsite interview for the right person

ACTUAL Position Title: Network Security Penetration Tester

Overview:
The ideal candidate would be a Security Professional who would have in addition to regular Security Professional abilities, both of the following skill sets:
• Professional Level experience in one of the following disciplines: Networking, Firewalls, Server Administration, Encryption, Databases, Development
• SOC experience which may include IDS/Sourcefire, Wireshark, or Packet level forensics analysis experience.
The candidate will be comfortable researching and understanding a wide-variety of existing and emerging technology, have the ability to participate in the aggressive testing schedule of the Cyber Security Assessment Team (CSAT) and appropriately contribute to the daily workload of a highly skilled and diverse group of security assessment testers.

Position Requirements:
The candidate is required to possess hands-on, expert-level technical proficiency and technical certifications specific to a critical skill.
All CSAT testers must possess more than one of the following certifications: Certified Information Security Professionals (CISSP), SANS GIAC Certified Incident Handler (GCIH), Microsoft Certified Solutions Expert (MCSE), Certified Cisco Network Professional (CCNP), Red Hat Certified Expert (RHCE), GIAC Certified Penetration Tester (GPEN), GIAC Certified Web Application Penetration Tester (GWAPT), Offensive-Security Certified Professional (OSCP), Metasploit Pro Certified Engineer (MPCE), and Certified Ethical Hacker (CEH).

Candidate will conduct automated and manual tests of information systems, to include review of previous vulnerability scans, compliance scans/results, penetration testing. Candidate will use a variety of techniques to perform tests and assessments, such as threat modeling, threat simulation and social engineering. The candidate should be comfortable researching and understanding a wide variety of information systems and emerging technologies.
The candidate will develop test plans, operation schedules, perform tests and prepare after-action reports for information systems. Candidates will also document tests in accordance with client’s Information Security Policies and CSAT standard operating procedures.
CSAT security projects range in complexity and duration. Projects are ongoing, based on NPOV, threat modeling throughout the year. The level of effort and number of security assessors varies depending on the criticality of the system, technology, and schedule. Testing is conducted worldwide, the ability to travel in CONUS and internationally is required.

Skills description:
In addition to completing the tasks listed above, the candidate shall:
• Have a broad knowledge of security methodologies, solutions and best practices, and have expert level knowledge of one or more domains.
• Have a broad knowledge of the technical and non-technical tactics, techniques and procedures used by adversaries to exploit information systems. Candidates should be able to conduct advanced tests that simulate malicious users.
• Have experience with multiple open source and commercial testing tools. A non-comprehensive list includes Nessus, App Detective, Metasploit, Burp Suite, and nmap.
• Advanced understanding of the strengths and weaknesses of security tools. Ability to select the right tool for the job. Ability to configure and troubleshoot tools if necessary.
• Be comfortable using, configuring, troubleshooting, and administrating both UNIX based and Microsoft operating systems. Candidate should also have extensive systems engineering experience with at least one of these OSs.
• Candidate should understand the security guidelines published by the National Institute of Standards (800-53) (800-115).
• Have the ability to think critically and creatively. Capable of synthesizing and analyzing large amounts of data related to complex systems. Ability to articulate thoughts and findings in a concise and comprehensive manner. Candidate should also have a strong professional bearing.

Example of Software Used for Testing
Tool Name and Use:
• AppDetective Pro, Database Scanner
• ORE Impact, Penetration Testing
• GFI Languard OS, Vulnerability Scanning
• IBM Rational AppScan, Web Vulnerability Scanning
• Nessus, OS Vulnerability Scanning
• Security Expressions, Configuration/Policy scanner
• HP WebInspect, Web Vulnerability Scanning
• Solarwinds Engineers Toolset Networking
• Amap, Application Mapper
• Cain, Network Sniffer/Password Recovery
• Hping2, Network Traffic Utility
• Nbtscan, Netbios Scanner
• Netcat, Network Utility
• Nmbscan, Netbios Scanner
• Paros, Web Proxy/Scanner
• pwdump3e, Password Extraction Utility
• THC-Hydra, Brute Force Password Cracker
• UnicornScan, Stateless Scanner
• Xprobe2, OS Fingerprinting
• Nipper, Network Device Configuration Parser
• MySQL, Administrator Database Administration
• MBSA Security Analyzer
• DumpACL, Policy/Configuration Auditing
• DumpSec, Policy/Configuration Auditing
• Hyena, Policy/Configuration Auditing
• L0phtCrack, Password Cracker
• RegTools, Registry Enumeration
• Secedit, Security Editor Tool

Why work with me when you see the same position advertised with others?

  • I am a senior staffing professional not a junior recruiter who doesn't know what they are doing yet. I can answer your questions immediately. I know your skill set.
  • Resume won't get lost in the "black hole"
  • Feedback and follow through
  • Resume review, create relevancy
  • Better information on the company culture
  • Inside information on the hiring manager, team, the ideal profile, etc.
  • The best Interview preparation you will ever experience

Email me if you have any questions: kathleen.griffiths@sg.com or InMail me on LI or message me http://www.linkedin.com/in/kathleengriffiths/

Attach a resume file. Accepted file types are DOC, DOCX, PDF, HTML, and TXT.

We are uploading your application. It may take a few moments to read your resume. Please wait!

Submit Resume

Why work with me?

Experienced staffing professional, knows client corporate culture/hiring manager, resume and interview preparation, most ethical person in the business, but only works with like-minded people . . .

Full contact information on LI Profile http://www.linkedin.com/in/kathleengriffiths/ reach out anytime