[foofus-tools] Job Opening
jmk
jmk at foofus.net
Wed Jul 7 07:26:56 PDT 2010
Interested in getting paid to develop/use tools such as FgDump, PwDump
and Medusa? We're looking to hire another team member. If you have a
strong development and security background and this sounds of interest
to you, please check out the following:
https://cdw.taleo.net/careersection/10002/jobdetail.ftl?lang=en&job=82607
If anyone has any specific questions about the team and/or position,
feel free to email me and I'll do my best to answer them.
Thanks,
Joe
=========================================================================
Senior Security Engineer - MSN-ADV00003C
Job Description
CDW has become a proven partner to businesses in need of information
technology solutions. We continue to set the standard for uncompromising
client support and technical leadership, and our relationships with
Cisco, IBM, and Microsoft provide our clients with category-leading
platforms and products. Whether it's hardware, software, networking,
services, or support, we provide knowledge, skills, and expertise
through principled partnerships with our clients.
This position is part of CDW's Field Services team, specifically on the
security assessment team. This team has been in continuous operation
since 1998, and provides vulnerability assessment, penetration testing,
incident response, and compliance consulting services to CDW customers
nationwide. The team is small and elite; members are leaders in the
field: we speak at conferences, release tools in widespread usage by the
security testing community, and conduct sophisticated tests of all
aspects of IT security.
The incumbent of this position will:
* Perform enterprise-scale security assessment and penetration
testing projects for customers.
* Communicate security policy and technology issues verbally on
both a formal and informal basis to all levels of client staff,
ranging from senior executives to user representatives. Deal
with client discussions in an unstructured interview environment
and produce high-quality written technical documents.
* Work independently on multiple projects in diverse customer
environments, ensure that appropriate management is apprised of
project status, and bring projects to completion.
* Gain a clear understanding of client environment, identify
client needs, and effectively communicate solutions.
* Develop tools for internal team use.
* Develop and complete an education plan to grow your skills
consistent with client needs.
* Conduct research on security topics, and develop tools and
documentation to assist security team activities.
* Provide network security technical support and consultation to
customers and internal resources.
Qualifications
* Bachelor's degree in Computer Science, Engineering, or related
discipline; equivalent experience acceptable.
* Fluency in at least one .NET language; experience with
multi-tier web application design.
* Professional software development experience: familiarity with
mainstream development methodologies, version and change
control, requirements documentation and quality assurance.
* Five years of software, network or system security experience.
* Demonstrated experience presenting technology recommendations
from a business perspective, including architectural guidance.
* Additional programming experience in other common languages.
Java, C, perl, and python are especially desirable.
* Ability to spot problems, especially in software design and
implementation.
* Some experience with network security assessment tools and
techniques, with an emphasis on working with open-source
software
* Knowledge of x86 assembler, including some experience with
software disassembly, reverse engineering, shellcoding, or
exploit development.
* Ability to establish and maintain a high level of client trust
and confidence.
* Experience in writing technical documents and presenting complex
topics to diverse audiences.
* Willingness to travel up to 25%
=========================================================================
More information about the foofus-tools
mailing list