Technical Security
CSI Consulting - Toronto, ON

This job posting is no longer available on Indeed. Find similar jobs: Technical Security jobs - CSI Consulting jobs

Urgent Position for Technical Security

Please find below Job Description:

Title: Technical Security
Location: Edmonton
Type: Contract

Technical Security Specialist:

The Technical Security Specialist will help Departments in assessing, selecting,
Implementing and verifying the effectiveness of security controls. The
Technical Security Specialist may be engaged at different stages of the lifecycle
of information technology systems.
Services provided by the Technical Security Specialist include developing or
reviewing the application or technology architecture for information
Technology systems from a security perspective.
These services may also include application development services to review
software code to ensure that it is not susceptible to common security
weaknesses. The Technical Security Specialist may also provide expertise to
remediate code with security vulnerabilities. Any software development and
code review conducted by the Technical Security Specialist should follow
practices documented in the Open Web Application Security Project (OWASP)
“Guide to Building Secure Web Applications and Web Services” or other
guides identified by the CISO.
Page 10Security Consulting Services
PQR CORP 382
The Technical Security Specialist may also conduct vulnerability and
penetration testing activities and provide a hands-on assessment of applications
and systems to identify potential weaknesses.
A vulnerability assessment shows the system’s security posture with respect to
specific vulnerabilities. The focus of vulnerability assessment exercises is to
perform a thorough examination of the IT environment and identify the weak
points. The vulnerability assessment interprets and compares results against the
various business processes to determine whether the perceived vulnerability is
indeed valid, is a false positive or whether other security controls address the
perceived vulnerability.
The goal of penetration testing is to determine if the protective controls of a
given IT system can be bypassed by actively exploiting identified weaknesses.
Penetration testing provides evidence (sometimes to an unbelieving audience)
that vulnerabilities can be exploitable.
Some activities related to vulnerability and penetration testing include:

  • Discovery services to identify hosts and ports open on a network;
  • Network enumeration services to identify specific services, versions

and patch levels;

  • Network vulnerability scanning to identify potential vulnerabilities in

network services;

  • Application vulnerability scanning to identify potential vulnerabilities in

web and application services;

  • Network penetration testing to simulate real attacks on network

services;

  • Web application penetration services to simulate real attacks on web

and application services;

  • Internal network enumeration services to gather information about the

about the
configuration of the internal network (domain controllers, trusted
hosts, authentication policies, etc.);

  • Security services configuration assessment will review effectiveness of

organizational security controls;

  • Security response capability testing to assess an organizations response

to a real attack.
Mandatory Requirements
A Technical Security Specialist resource must meet the following
requirements:

  • 5+ years demonstrated experience in directly assessing the effectiveness

of technical security controls through ethical hacking or penetration
testing;
Page 11Security Consulting Services
PQR CORP 382

  • 5+ years demonstrated experience in secure software lifecycle

development processes;

  • Formal training from a recognized and reputable source (e.g. SANS,

CERT, ISF) on ethical hacking and secure software lifecycle
development processes;

  • CISSP or CISM.

Intrested??? Please email me your resume


Indeed - 7 months ago - save job - block
Recommended Jobs
Database Developer / Analyst
Canaccord Financial - Toronto, ON
Canaccord Financial - 7 hours ago

Security Analyst
eHealth Ontario - Toronto, ON
eHealth Ontario - 5 days ago

DNSS Network/Security Performance and Protoco...
Bell - Toronto, ON
Bell Canada - 12 days ago