App Sec – Senior Consultant – Anywhere USA

Roznos Enterprises LogoJob Area: Information Security Consulting

Title: Senior Consultant (Intermediate-level)

Experience: 3-6 yrs in Information security

Location: Eastern US

Travel:  ( Mix of onsite and remote )

 

Security Clearance: Beneficial, But Not Required

Job Description:

AT&T Consulting Solutions is a wholly owned subsidiary of AT&T (a Fortune Global Top 10 company).

AT&T is looking for a sharp penetration tester for the position of a Senior Consultant located anywhere

in the US to be a part of a dynamic team of experienced security professionals with varied experiences.

AT&T consulting clients range from some of the largest networks in the world to small businesses

requiring security consulting expertise.

Job Duties:

Perform network penetration tests for AT&T’s customers’ Internet-accessible and internal applications

and networks. A knowledge of wireless penetration testing and web application development security

strongly desired. Secure Code Review skills a great plus! The candidate should have a deep

understanding of TCP/IP, network discovery, DNS enumeration, vulnerability scanning, exploitation

methods and privilege escalation. The candidate should also have an excellent grasp of web application

exploitation and the OWASP list. The candidate must be able to write objective, detailed reports

explaining security issues.

Requirements:

 Bachelors degree or higher, Masters Degree preferred.

 Information Security experience of a minimum of three years

 Knowledge of Linux, UNIX, Windows and other operating systems

 Knowledge of popular databases such as MSSQL, Oracle, and MySQL

 Deep Knowledge of TCP/IP, network protocols, firewall evasion, ethical hacking, routing

protocols

 Experience in evading IDS/IPS, access control lists

 Experience with Nmap, Nessus/Qualys, Metasploit, Paros, Kismet, aircrack-ng, etc.

 Ability to write customized scripts using at least two of bash, Perl, Ruby, Python

 Knowledge of C/C++, Java, C#, etc would be beneficial

 Ability to travel 50%-75%, must possess drivers’ license

 Strong report writing skills and ability to explain complex security issues to customers

 Must be a flexible team player, hard-working, excellent communication and customer-facing

skills

 Security certifications such as CISSP, CEH, SANS GSEC, etc. preferred

 PCI DSS experience preferred

Technical Skills

 Strong technical problem / resolution skills

 Mid to advanced level infrastructure or security design capabilities for environments that include 10

to 20 security devices, processes or applications.

 Mid to advanced level systems administration (UNIX/Linux, Windows, or mainframe)

 Knowledge with different application architectures and platforms, their development challenges,

their control configurations, and their inherent security strengths and weaknesses (e.g., ColdFusion,

J2EE, .Net)

 Mid to advanced level network administration (firewalls, IDS/IPS, network architecture)

 Advanced level of methods and knowledge of three or more of the following:

o Vulnerability scanning

o Penetration testing (network, system and application)

o Application Security

o Code Review

o Forensics

o Security event monitoring

 Vendor certification or demonstrable in-depth technical expertise with at least three major security

solution

o Examples Only: Symantec, McAfee, VeriSign, Juniper, Checkpoint, Cisco, Arcsite, Tripwire,

o Demonstrable experience includes being able to gather customer requirements, design a

etc.

solution, specify a build of materials, implement, tune/optimize, maintain or troubleshoot at

an architecture component level for an existing solution

Additional Requirements

 Knowledge and experience with risk and compliance assessments

 Bi-lingual candidates a plus

Advertisements
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: