Security Assurance Analyst

Eagle is currently seeking a Security Assurance Analyst for a six (6) month contract opportunity, scheduled to begin immediately.

Key Responsibilities of a Security Assurance Analyst

  • Required to understand, evaluate, and recommend all aspects of the holistic security features of an online bank, end to end, from the client web browser, across the Internet, through the web servers & database servers, to the back-end bank transactions, including all EFT types.

Skills and Qualifications of a Security Assurance Analyst

  • Sysadmin skills (for Unix or UNIX + windows) with experience in a 100+ asset environment, including familiarity with local/OS/software firewalls including Windows firewall, iptables, ipf, pf, or similar;
  • Familiar with all aspects of operating system and application logging, including centralized logging, syslog, web logs, process auditing, and file integrity monitoring;
  • Knows the difference between an SSD and HDD, understands bare metal, VMs, and containers. DBA skills/experience, familiar with two of: oracle, MySQL, ms-sqlserver, postgres, SAP, DB2 in the context of transaction/audit logs, end-to-end security between servers as well as clients & servers, db & table access permissions, DRP (backups/restores/redundancy), Sql injection, query performance tuning;
  • Network Administrator skills, familiar with OSI Layer 3-7, cloud services VPCs, vlans, private vlans, secure vlans, trunking, switching, routing, firewalls, reject/deny vs. drop, reverse tunnels, and solicited vs. unsolicited ingress & egress;
  • Development skills, proficient in two of: python, php, JavaScript, Perl. Also proficient in shell scripting, and optionally would be proficient in ruby, lua, c, c++, c#, and/or assembly;
  • Penetration Tester familiar with PCI compliance, webapp pentesting, network scanning vs. agent based vulnerability management, policy compliance, ddos resiliency testing, and all modern tools involved in service exploitation (kali, MSF, r7, core impact, Qualys, Nessus, Nmap, burp, more);
  • Familiar with and able to recommend implementation and use of encryption technologies in all of the above, including db tables, file systems, client/server certificates, db network queries & results, data at rest, data in transit, IPsec/L3 vpn's, HTTPS, TLS1.2 and SSH;
  • Experienced with Web Application security assessment with a focus in RESTful and SOAP API calls;
  • At the minimum, completely master Wireshark, Burp suite and Fiddler.

Don’t miss out on this opportunity, apply online today!

Eagle is an equal opportunity employer and will provide accommodations during the recruitment process upon request. We thank all applicants for their interest; however, only candidates under consideration will be contacted. Please note that your application does not signify the beginning of employment with Eagle and that employment with Eagle will only commence when placed on an assignment as a temporary employee of Eagle.

 

  • Posted On: December 04, 2018
  • Job Type: Contract
  • Job ID: 58357
  • Location: Edmonton AB