Description
Sacramento, CA, 95816
12+ Month Project
PROJECT SCOPE/TASKS
The scope of this project encompasses the following tasks:
1. Provide security analyses and recommendations for implementing administrative, physical and technical controls in support of project initiatives;
2. Review and guide technical security project implementation efforts;
3. Identify potential security concerns and possible mitigation recommendations during identification, design, testing, and implementation phases;
4. Identify, develop and implement best practices or other common or appropriate industry practices for security controls and processes, where appropriate;
5. Identify potential opportunities for improving security for the organization;
6. Provide clear and concise technical documentation, assessments, status reports and other written artifacts as required; and
7. Attend project, staff, and management meetings as required.
Senior Technical Specialist:
1. Must have 10+ years of experience defining, developing and implementing security processes;
2. Must have 10+ years of experience designing, developing, and implementing enterprise security services;
3. Must have 10+ years of experience in network security architecture;
4. Must have 6+ years of experience with security frameworks (eg, ISO 27002, NIST, etc.);
5. Must have 6+ years of experience running security tools and related software;
6. Must have 6+ years of technical security experience in applying information security and privacy best practices;
7. Must hold a SANS/GIAC Web Application Penetration Tester (GWAPT) certification;
8. Must have 6+ years of experience implementing the risk management and information security management frameworks adopted by the State of California and CalPERS;
9. Must have 6+ years in security incident response planning, detection and analysis, containment, eradication, recovery, and post incident activity.
Technical Specialist:
1. Must have 4+ years of experience defining, developing and implementing security processes;
2. Must have 4+ years of experience designing, developing, and implementing secure JavaScript processes;
3. Must have 4+ years of experience in designing, developing, and implementing secure SQL processes, queries and stored procedures;
4. Must have 4+ years of experience with security frameworks (eg, ISO 27002, NIST, etc.);
5. Must have 4+ years of experience running security tools and related software;
6. Must have 4+ years of technical security experience in applying information security and privacy best practices;
7. Must hold a SANS/GIAC Web Application Penetration Tester (GWAPT) certification;
8. Must have 4+ years of experience implementing the risk management and information security management frameworks adopted by the State of California and CalPERS;
9. Must have 4+ years of experience creating exploits for testing OWASP Top 10 Web Application Security Risks.