Tuesday, March 21, 2017

Need::Open IDM /ForgeRock Consultant,, Security Architecture Analyst,, && LDAP Architect/Consultant _New York , NY

Hi ,

If you have anyone with you for the following position, please send the suitable resume along with Contact Details,

Kindly share suitable resumes ASAP to sanjay.yadav@nityo.com

 

Requirement:1

Role : Open IDM /ForgeRock Consultant

Location : New York , NY

Duration: Long time

Client: TCS/Morgan Stanley

Job Description:

   Hands on solid experience with solution delivery in OpenIDM with Java/Goovy scripting, Web technologies (e.g. Angular, Backbone, Bootstrap, Handlebars JS).  

   Good knowledge/experience of LDAP, Active directory;

   Knowledge of software development lifecycle concepts (source code management, code review, testing, etc);

   Good verbal and written communication skills Skills Desired;

   Additional scripting skills in either Python or Perl;

   Experience operating in a large, silo'd enterprise;

   Experience with development collaboration systems (e.g., Jira, Gerrit, Stash);

   Experience with continuous integration systems (e.g., Jenkins)

 

Requirement:2

Role : LDAP Architect/Consultant

Location : New York , NY

Duration: Long time

Client: TCS/Morgan Stanley

Job Description:

Work in the engineering team under direction of the Engineering Lead

    Responsibilities: Engineering tasks to keep existing LDAP plant current [eg. Rollout of the next Oracle patch for this product]

    Product: Oracle DSEE 11gr1p1 - Good to have

    Deep product knowledge required [>200 Instances, Multi-masters, hubs, consumers across the globe, > 10 dedicated plants, >1 billion queries/day]

    Good communications skills, must have worked on large scale LDAP deployments before, experience with global multi-national organization would be preferred.

 

 

Requirement:3

Role : Security Architecture Analyst

Location : New York- Locals only

Duration: Long time

Client: TCS/Morgan Stanley

Job Description:

The Security Architecture (SecArch) team is part of the Technology Infrastructure Risk (TIR) organization. The mission of the SecArch team is to provide security architecture assessments of technology systems and processes to identify business risks and recommend remedial action based on established security standards or security best practices. The SecArch Generalist is an internal consultant that is working on multiple security architecture and design assessments spanning multiple classes of technologies.  It is an opportunity to get involved in multiple business units and technologies inherent to the mission of SecArch. The Integrator works with team members (Technology, Business, Suppliers, Stakeholders and Partners) globally to perform SecArch assessments. To be successful as an Integrator the candidate must have broad technology experience coupled, risk management, communication, and time management skills.

A SecArch Generalist has the following responsibilities:

1. Lead SecArch deep dives with the requestor of the assessment

2. Prioritize risks identified in relation to business risks

3. Conduct assessment and provide technology risk/requirements to the requestor. Areas covered:

a. Authentication, Authorization, Auditing

b. Application Security – Session Security, Vulnerability/Pen Testing items, Input Validation

c. Secure data transport and storage

4. Periodically review security reference architecture (security blueprints) and conduct updates/enhancements

5. Participate in various Operational and Technology Risk governance processes

6. Assist in identifying new areas and opportunities of technology investment for the firm

Skills and Experience

Soft Skills (Required)

1. Excellent communication skills: written, oral, presentation, listening

2. Ability to influence through factual reasoning

3. Time management: ability to handle multiple concurrent assessments, plan based deliverable management, strong follow up and tracking

4. Strong focus on delivery when presented with short timelines and increased involvement from senior management

5. Ability to adjust communication of technology risks vs business risks based on the audience

 

Security Architecture Skills

1. Required – In depth knowledge of application, network and platform security vulnerabilities. Ability to explain these vulnerabilities to developers

2. Required – Experience in conducting Information Security, IT Security, Audit assessments. Presenting the outcomes of the assessment and obtaining buy in.

3. Required – Strong focus on reviewing technical designs and functional requirements to identify areas of Security weakness.

4. Required – The candidate must have working experience in the following application/network security domains:

a. Authentication: SAML, SiteMinder, Kerberos, OpenId

b. Entitlements and identity management

c. Data protection, data leakage prevention and secure data transfer and storage

d. App Security - validation checking, software attack methodologies

e. Cryptography – encryption and hashing

5. Desired – Knowledge of standard network model and the risks that present at each layer, the functions of network equipment such as switches, routers, firewalls, proxies, vpn, and load-balancers, and to understand network architecture.

6. Desired - The candidate must have working knowledge of the primary operating systems (Unix, Windows, z/OS, Mac OS), the configuration and management of that platform at an enterprise scale, the security risks to that platform, and how to mitigate those risks.

7. Desired - experience in testing tools, at least one of Veracode, Fortify, OunceLabs, AppScan, WebInspect, Burp

Development Experience

1. Required – Even though the SecArch Integrator role is not a development role, the candidate must have previous background in programming, design and application architecture.

2. Required – In order to be a practical SecArch Integrator the candidate must have experience implementing complex applications in an enterprise environment.

3. Required – working knowledge of programming and scripting languages: Java, JavaScript, C#, C/C++, Perl, Python, Ruby

4. Desired – In-depth knowledge of web technologies such as Web Browsers, Web Servers, Web Services

Other Areas of Expertise

1. Frameworks, protocols and subsystems:  J2EE, .NET, Spring, RPC, SOAP,  MQSeries, JMS, RMI, JMX, Hibernate.

2. Knowledge of JSP /Servlet/EJB or ASP.NET, HTTP/HTTPS, Cookies, AJAX, JavaScript, Flex / Silverlight.

3. Database design and programming experience

4. Experience of liaising with 3rd Party Entities (exchanges, suppliers, regulators)

5. Experience in conducting and / or reviewing penetration tests, dynamic vulnerability assessments and static vulnerability assessments

6. Understanding of geographic regulations and their impact on Security assessments

7. Previous experience in Financial Services is preferred

8. CISSP or other industry qualification

9. Desired – experience working with global organizations

Educational Requirements

Bachelor's Degree with minimum 5 years relevant work experience in high-paced, enterprise environment

Recruiting Notes

Many application security candidates will have a lot of knowledge in using the testing tools identified in the job description.  This is good but if their experience is solely in uses the tools and not as a part of other responsibilities.

If a resume / CV tends to focus heavily on risk assessments at a high level (i.e. conducted risk assessments with several users) but does not detail what was involved in those risk assessments they may not be at a technical level required for this position.

Communication skills are important for this role since they will be interacting with many groups on a global scale.  Please screen for strong spoken and written communication

 

 

 



Thanks & Regards,

Sanjay Yadav

Techinical Recruiter

Desk : 609-853-0818 Ext-2167 Email: sanjay.yadav@nityo.com

www.nityo.com

--
You received this message because you are subscribed to the Google Groups "US Jobs: Requirements, Clients and Consultants" group.
To unsubscribe from this group and stop receiving emails from it, send an email to recruiters-r-us+unsubscribe@googlegroups.com.
To post to this group, send email to recruiters-r-us@googlegroups.com.
Visit this group at https://groups.google.com/group/recruiters-r-us.
For more options, visit https://groups.google.com/d/optout.

No comments:

Post a Comment

AddThis Smart Layers

Attention

The job offers on this web site are not related with jobs724.blogspot.com and the owner of the website. These job offers indexed by RSS feed from Google Groups about Online Job offers, Software Jobs, IT Jobs, Recruiters&Consultants, USA Jobs etc. This site does not reserve any rights to, nor claims copyright to, any software names listed on these pages. All references are copyright to their respective owners. If you want to apply for any job, you need to contact with the owner of job, not with any admins of jobs724.blogspot.com. If you have any doubts about legality of content or you have another suspicions, feel free to contact us.

Find the latest software jobs, Talent from US and Canada. ASP.NET, VB.NET, C#, ADO.NET, Consultamcy, ASP.NET, VB.NET, C#, ADO.NET, Consultamcy SAP, client-server, e-commerce and web development etc., SAP APO Green Card H1B, B1, JAVA J2EE, RMI, XML, weblogic, websphere JDBC

Stay Updated!

We have indexed IT job opportunities and counting! Don't miss any chance. Subscribe us and get the latest IT jobs listings to your inbox!

Jobs Archive