Pages

Wednesday, July 16, 2014

Job Opportunti​y in IT Security

Bishop Fox is a rapidly growing global information security consulting firm, serving as trusted advisors to the Fortune 1000, financial institutions, and high-tech startups. Our mission is to secure our clients and their business. Our core practices include Enterprise Security and Assessment & Penetration Testing.
At Bishop Fox, we pride ourselves on an awesome culture with a keen focus on quality. We work hard, but have fun, too. Because we believe great people make great teams, we select our teammates carefully. Some of us are hackers and some of us are engineers – but we’re all consultants with a passion for protecting our clients that brings us together.

We are seeking candidates for our Assessment & Penetration Testing practice in Atlanta, Phoenix, and San Francisco.

Activities:
Perform assessment services, which may include: network security testing, application penetration testing, source code review, wireless assessments, host-based reviews, and threat modeling.
Maintain up-to-date knowledge of threats, countermeasures, security tools, testing techniques, and security research.
Participate in project team activities, which include communicating with clients, performing analysis, authoring reports, presenting to clients, reporting status, and tracking hours.

Requirements:
Penetration testing experience.
Experience developing custom vulnerability checks and scripts; an understanding of the underlying concepts, methods, and techniques employed by vulnerability scanners.
Professional or significant software development experience.
Thorough understanding of software vulnerabilities.
Understanding of advanced cryptographic concepts.
Strong programming skills or fluency with network protocols or system administration.
We are also seeking candidates for our Enterprise Security practice in Phoenix and San Francisco.

Activities:
Analyze process security, including: change control assessments, operational security reviews, technical and business impact analyses, risk determination, and cost-benefit analyses.
Create and maintain security frameworks, policies, standards, guidelines, and procedures.
Understand client’s complex business environment, information technology management processes, and risk management approaches as they relate to industry security frameworks, policies, standards, and best practices.
Technical controls design and implementation.
Security program maturity analysis.
Compliance implementation and preparation for external audits.

Requirements:
Strong writing and communications skills.
Excited about constantly learning new technologies.
Ability to switch between abstract concepts and specific examples of how those concepts are implemented.
Understand the creation, management, and oversight of information security programs, business continuity planning, disaster recovery planning, and change management.
Ability to design an assessment framework, request documentation, conduct review of documentation, and meet with stakeholders independent of daily supervision.

Background/Experience:
Experience with COBIT, SOX, ISO27001, HIPAA, and/or PCI

Please contact: Nick Jeswald
https://www.linkedin.com/pub/nick-jeswald/7/475/303