Information on job openings is provided as a courtesy in the spirit of information sharing within the information security community. Metro Atlanta ISSA does not take responsibility for content in the postings and is not involved in the hiring process.
If you are aware of job openings and would like to share them here, please send an email to:  job_postings@gaissa.org

Security Solutions Architect
1 position available
COMPANY PROFILE

HuntSource is closely partnered with a global analytics and technology company leveraging data to power decisions and uncover information that leads to progress.  This company has a premier focus on protecting its data and information and focuses heavily on embedding secure processes from the start across all areas of the organization.  With a sense of urgency, they also have a well-balanced approach to assessing risk and delivering on security goals.

SUMMARY OF THE ROLE

This position is focused on expanding security coverage for multiple business units across the organization.  The Security Solutions Architect will ensure the technology and application roadmaps are aligned while maturing security concerns and reducing risk to the enterprise.  She/he will define and document a 3-5 year security technology vision for maturation of an alliance’s security posture with their technical architects.

 

ADDITIONAL RESPONSIBILITIES
  • Responsible for defining security technology vision and roadmap across multiple domains

  • Provide a unified “voice of security” as related to architecture concerns for the alliance, and represent the security and business concerns to the Global Security team

  • Participate in leading and defining security practices for consuming both on-premise and cloud services using well thought-out, systematic approached to security and anticipation of various threat vectors

  • Partner with technical engineers to ensure they maximize use of available security services

  • Identify how to optimize consumption of security patterns by business development teams

  • Advise teams in various security capabilities, presenting principles and corporate security posture to all internal consumers

  • Define processes to enable security goal delivery and facilitate engagement, improving the overall security practice through alliance 

  • Support the Product Security teams to help deliver a secure ecosystem that facilitates the secure delivery of software engineering capabilities to market, protecting those information assets from compromise or exposure

  • Identify how to reduce risk to an application through architectural patterns and development of secure code

  • Influence technical architects to create more secure architectures, as needed

  • Help design more secure architectures incorporating secure principles and standards identified by global security, including Data Devaluation Guidance and Data Classification 

  • Provide training and communication as needed to propagate knowledge of available consumable security capabilities 

QUALIFICATIONS & DESIRED EXPERIENCE
  • BS degree (MS a plus) in Mathematics, Statistics, Computer Science or Engineering or equivalent practical experience

  • Proven track record dealing well with ambiguity, prioritizing needs and delivering measurable results in an agile, fast-paced environment using excellent documentation and verbal skills

  • Experience designing and building secure software systems

  • Senior-level experience in security architecture, application security, cloud security, network security, and/or systems security.

  • Experience with and a strong foundational understanding of secure software engineering principles, encryption technologies, audit controls, distributed architectures, cloud security controls, and/or security architecture

  • Experience with mentoring, advising or guiding teams to follow architectural or security standard methodologies

Bonus Qualifications!

  • Senior-level hands-on experience with cloud service offerings and related security controls: Google, AWS or Azure

  • Experience with security design for multi-service enterprises

  • Demonstrated understanding of IETF security protocol landscape and development practices

  • Well versed in compliance and security standards and guidelines including: SOX, NIST, CIS, ISO 27001/2, PCI DSS

  • Proven understanding of security controls and technologies including SIEM, DLP, WAF, IPS, and firewall

  • Experience with one or more of the following programming languages: C#, Java, C/C++ and/or Python

Please contact Greg Aiken at gaitken@huntsource.io or 404-769-5159

 

 

APPLICATION SECURITY ARCHITECT

APPLICATION SECURITY ARCHITECT JOB INTRODUCTION

We are looking for someone who will be self-starters, capable of multi-tasking, with experience in multiple information security management and monitoring tools. The Ideal Candidate would have worked in a fast paced, highly technical environment. As well as Possess additional certifications such as AWS Certified Security Specialty.

 

APPLICATION SECURITY ARCHITECT ROLE RESPONSIBILITIES

  • Responsible for monitoring, addressing, and reporting on information security events

  • Regularly monitor the security community for public-facing security issues, as well as to learn new tactics that can be used in testing.

  • Participate in the testing and operation of multiple Information Security systems and tools

  • Maintain security requirements for regulatory bodies such as PCI, SOX, and ISO standards

  • Implement and maintain security hardening best practices and guidelines

  • Develop reporting structure and alerts for various security related events

  • Lead and manage assigned Information Security projects

  • Build relationships with developers, stakeholders and project managers to incorporate security principles into engineering design and deployments

  • Develop, communicate, and implement technical security standards for different platforms

  • Collaborate with architects and development teams on building a secure software development life cycle

  • Provide detailed remediation guidance to business organizational units

 

APPLICATION SECURITY ARCHITECT THE IDEAL CANDIDATE

  • Bachelor’s degree in IT or Information Security

  • Minimum 8 years of proven UNIX, Windows and/or application development, including system hardening

  • At least 5 years of application security experience including, but not limited to, vulnerability assessment, intrusion detection, incident response, forensics, system audits, and support of compliance audits (e.g. PCI-DSS, SOX, ISO27001)

  • DevOps background in public and private clouds

APPLICATION SECURITY ARCHITECT CERTIFICATIONS:

  • CISSP

  • Security + or SANS GSEC

  • CEH

  • CCNA Security

 

APPLICATION SECURITY ARCHITECT SKILLS

  • Proficiency in application security concepts and protocols

  • Software development (Java, Python, C++, .NET, etc.)

  • Implementation of data encryption standards

  • Ability to design, implement, and maintain application security for cloud services platforms such as Amazon Web Services or Microsoft Azure

  • Draft and uphold CI/CD security strategy and practices in tandem with other technical team leads.

  • Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle (SLDC).

  • Identify vulnerabilities in code through automated and manual assessments, and promote quick remediation.

  • Proficiency with Dockers and Containerization

  • Ideal candidates will be self-starters, capable of multi-tasking, with experience in multiple information security management and monitoring tools. Have worked in a fast paced, highly technical environment. Possess additional certifications such as AWS Certified Security Specialty.

Please contact  Samuel Slonkosky | Technical Recruiter  SSlonkosky@Resolution-Tech.com

Linkedin: https://www.linkedin.com/in/samuel-slonkosky-0716628a

 

 

Information Security Analyst

Atlanta, GA

Job Description

This position will assist the IT Security Team in achieving, monitoring and maintaining compliance with NIST 800- 171 and other security requirements. Application of a strong IT background with extensive experience in security initiatives will support a mix of implementation and audit tasks.

PRIMARY DUTIES & RESPONSIBILITIES:

  • Elicit and analyze security requirements from identified stakeholders

  • Liaison between departments and IT teams for security planning, configuration, implementation and remediation

  • Collaborates with IT team to provide subject matter expertise on security of servers, applications, and networks

  • Design, implement and evaluate Active Directory Group Policy for information security standards/baselines for common systems and applications (to include endpoints, servers, and browser applications)

  • Provides consultation on security issues, staying abreast of current malware and other potential internet security threats

  • Perform evaluation of internal systems, operations, controls, and documentation related to NIST 800-171 and recommend appropriate changes

  • Provide subject matter expertise for servers, applications, and networks

  • Manage the Event Log Management system(s), alerts, notifications, and events

  • Perform security assessments of systems using tools to monitor and audit events

  • Must be able to identify potential information system, network and internet security vulnerabilities to determine whether technical security requirements are being met and make recommendations to correct findings

  • Execute security assessment procedures to identify security control failures and recommend corrective actions

  • Perform other duties as assigned

Requisition Number

COR-10841

Location

Atlanta - GA

Requirements

MINIMUM SKILLS & REQUIREMENTS:

  • Minimum of a Bachelor's degree in Cyber Security Engineering, Computer Engineering, Computer Science, Information Systems, or similar discipline and two to five years of work related experience; or an equivalent combination of education and experience

  • Performing work in this job's occupational field requires the application of complex, technical professional disciplines requiring applied use of related concepts, practices, and methods

  • Requires an advanced level of proficiency to apply broad knowledge and experience

  • Must have proven proficiency with Microsoft Active Directory Management, Group Policy Object management, GP development, testing and implementation

  • Windows Server 2016, 2019 Administration, Windows Event Management, and Windows Advanced Firewall experience

  • Knowledge of host hardening, auditing, logging and monitoring, network security, SEIM deployments, security analytics, anomaly detections, etc.

  • Must be able to work independently and contribute immediately

  • Must possess excellent organizational, verbal/written communication and problem-solving skills

DESIRED SKILLS & REQUIREMENTS:

  • Desired certifications include one or more of the following:

    • CompTIA Security+

    • Certified Information Systems Security Professional (CISSP)

    • Certified Ethical Hacker (CEH) or Certified Information Systems Auditor (CISA)

  • Knowledge of IPSec and MPLS communications

  • Knowledge of firewalls, proxies, SIEM, IDS/IPS, data loss prevention, patch management, and vulnerability management

  • Knowledge of the following areas: Security Technology Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP)

THIS POSITION DOES NOT REQUIRE AN ACTIVE DoD CLEARANCE

 

Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.

Scientific Research Corporation offers a competitive salary, an extensive benefits package and a work environment that encourages excellence. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.

All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, or national origin, disability or protected veteran status.

Scientific Research Corporation endeavors to make www.scires.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact srchr@scires.com opens an email client application for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.

Must presently have or be eligible for a government security clearance.

https://recruiting.adp.com/srccar/public/RTI.home?d=External&c=1130807#/

 

Systems Administrator II

Atlanta, GA

Job Description

PRIMARY DUTIES & RESPONSIBILITIES:

  • Responsible for minor moves or changes to VOIP telecommunications system

  • Assist with file permission administration based on Active Directory groups

  • Assist with standing up/shutting down offices including phone and communication circuit installation

  • Monitor antivirus and malware applications to identify and resolve issues on endpoints

  • Provide user support as required

  • Assist in evaluation of vendor products for hardware, software, and other equipment for IT modernization efforts

  • Develop, implement and promotes standard IT procedures

  • Available after hours as required

Requisition Number

COR-10840

Location Atlanta - GA

Requirements

MINIMUM SKILLS & REQUIREMENTS:

At least one (1) year hands-on experience with the following:

  • AntiVirus/AntiMalware software administration and remediation

  • VOIP Telephone administration

  • Data cabling and jack termination CAT5e/CAT6, etc.

  • Windows Server file share permissions

  • Windows Server 2016, 2019 administration

DESIRED SKILLS & REQUIREMENTS:

  • Experience with switches and firewalls

  • Implementation and management of software and hardware solutions in a Windows server environment

  • Knowledge of IPSec and MPLS communications

THIS POSITION DOES NOT REQUIRE AN ACTIVE DoD CLEARANCE

 

Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.

Scientific Research Corporation offers a competitive salary, an extensive benefits package and a work environment that encourages excellence. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.

All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, or national origin, disability or protected veteran status.

Scientific Research Corporation endeavors to make www.scires.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact srchr@scires.com opens an email client application for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.

Must presently have or be eligible for a government security clearance.

https://recruiting.adp.com/srccar/public/RTI.home?d=External&c=1130807#/

 

Application Security Engineer (Senior & Associate Level)

4 openings

HuntSource, a technology placement firm specializing in Cyber Security, is partnering with a Fortune 100 company to help scale their AppSec team.  With four new openings, this is an exciting opportunity for qualified candidates at all levels to get their foot in the door with a talented, diverse, and collaborative AppSec group.   

Our client is considering experienced Application Security Engineers who have led or participated in code reviews, completed threat modeling, and have assessed findings from AppSec tools.  In this role, you will perform static analysis / assessments of the applications with and without scanners.

Our client is based in Atlanta and are currently considering local and non-local candidates who can effectively work remotely.  Base salary range depending on experience ($110,000 to $175,000 plus bonus) 

Requirements for an Application Security Engineer:

  • Understanding of Software Security Architecture and Design, SDLC and the ability to clearly articulate best practices for application security

  • Hands on experience in Threat Modeling, SAST, DAST, and Web application security including OWASP 10 and SANS 25

  • Preferred OOP Languages – Java a must, C, C++ (C++/CLI), C, Python would be OK

  • Static Application Security Testing (SAST) experience necessary - Experience with at least one Static Analysis tools (e.g. Fortify, Veracode, Checkmarx)

  • Dynamic Application Security Testing (DAST) helpful

  • Conducting secure code reviews 

  • Methodologies / Ideal Certifications – OWASP Top 10, SANS 25, CSSLP, GSSP – Java, GWEB, CEH

If you or anyone you know is interested in learning more, please reach out to Greg – gaitken@huntsource.io 

Position: Security Engineer, Application Security / Red Team

If interested; please contact John Leibforth at the bottom of this thread:

 

 

Position: Security Engineer, Application Security / Red Team

Salary: 160-170 K Per annual + equity and Bonus

Location: Remote

Client Type: FinTech

To succeed in this role, you will:

 

  1. Have extreme attention to detail without sacrificing execution rigor

  2. Bias towards action and own tasks end-to-end

  3. Work through hurdles and tactfully navigate the organization driving towards the objective

  4. Be a doer that can get things done and unblock tasks while building deep organizational relationships along the way

  5. Be thoughtful and analytical - ask why and challenge preconceived notions

  6. Ability to work independently with minimal supervision

  7. Own the company’s problems like they are your own

  8. Obsessive drive and passion for security and building products people use

 

Requirements:

 

  1. Working knowledge of NIST, ISO, OWASP and similar frameworks

  2. Knowledge of current threats and vulnerabilities found in financial services and crypto industries

  3. Comfortable with Git, Jira, Jenkins or similar tools

  4. Knowledgeable in scripting languages including but not limited to Python and Bash. Elixir is a plus

  5. Solid experience in threat modeling and identification techniques

  6. Ability to work with developers to resolve security issues

  7. Experience in code reviews, vulnerability detection, and root cause analysis

  8. Background in software development, software quality assurance, or similar engineering roles

  9. History working with or on security operations, security engineering, or incident response teams

  10. Hands-on experience implementing and managing static code analysis solutions such as Veracode’s SourceClear

  11. Experience using and/or managing HackerOne or similar bug bounty programs – experience only as a hacker on these platforms is sufficient

 

If you're open to chatting or know of someone in your network, I'd welcome a conversation. Feel free to reach out! Please send your most updated resume as this will make our conversation more relevant

John Robert Leibforth Jr.
Senior Information Technology Recruiter - Cyber Security
720.441.1154
John.Leibforth@hays.com

https://www.linkedin.com/in/john-leibforth-hays/