Jobs listings from the slack

Submit a job posting: https://goo.gl/forms/QgbCdh6rVu6rfjJz1

Disclaimer: These job listings are generally provided by our users and are not legally binding. Please discuss all employment details with the company you're applying to. Thanks!


McAfee

Listing Date: 11/6/17

Contact: erin_loeher@mcafee.com

Title: McAfee Strategic Technical Lead

Location: Chicago, IL

Description:

McAfee consultant will provide solution management and support advocacy for Customer. The consultant is there to focus on driving a deeper and broader use of McAfee products. High level tasks, include but not limited to:  
Work with Customer staff to understand customer environment, technologies, and policies  
Advises on strategic direction for security solutions across the enterprise  
Provides recommendations on product usage  
Coordinates McAfee business and security processes across the organization  
Provides assistance and validation of implementation timelines and delivery management  
Communicates clearly to executive management and manages the reporting process  
Coordinates and drives McAfee solutions and direction across business units to achieve measurable increases in product deployment, end-user knowledge, and operationalization  
Is empowered, with Customer approval, to participate in hands on deployment, configuration, and tuning tasks  
Provides up to date information on product updates and alerts  
Has direct access to:  
Top tier McAfee product specialists  
McAfee knowledge base  
Downloads and platinum portal  
McAfee incident response services  
McAfee Labs  

Salary: n/a

Education: n/a

Remote Work / Travel: Local Only

Clearance: None


McAfee

Listing Date: 11/6/17

Contact: erin_loeher@mcafee.com

Title: McAfee Endpoint Specialist

Location: Chicago, IL

Description:

McAfee consultant will be the primary point of contact for actions and questions regarding McAfee endpoint technologies  
The McAfee consultant will work with Customer-appointed personnel to deploy McAfee endpoint technologies to Customer environment in a phased pilot approach, automate ePO and upgrade McAfee Endpoint Security (“ENS”) to latest version.  
McAfee consultant will then provide oversight and assistance to customer  
McAfee consultant will attempt to reduce risk within the environment through activities that improve product coverage;  
Analyze data to focus on actionable events  
Assist with incident management  
Identify vulnerabilities or threats that introduce weaknesses in the solution design  
Make recommendations for configuration changes and lead activities related to Product deployment.  
McAfee consultant will work with Support to resolve open tickets.  

Salary: n/a

Education: n/a

Remote Work / Travel: Local on-site only

Clearance: None


Infinity Consulting Solutions

Listing Date: October 19, 2017

Contact: @icscampbell on slack / ccampbell@infinity-cs.com

Title: Cyber Security Analyst

Location: Northbrook, IL

Description:

Responsibilities:  
Seeking a highly technical penetration tester or ethical hacker with a software development background and domain experience in embedded product and software testing.  Will conduct advanced penetration tests, hacking to identify issues in embedded products and software.  Will conduct vulnerability testing, risk analyses and security assessments.

 Key Tasks: 
•    Demonstrate a deep interest in learning new technology platforms for security testing, and forensics.    
•    Keep abreast on latest security news/trends.       
•    Conduct security tests using automated tools, ad-hoc tools and manual testing 
•    Conduct penetration testing against different technological domains including, but not limited to, web products, hardware products, wireless products, software, cloud based software, smart device applications.      
•    Assess and calculate risk based on vulnerabilities and exposures discovered during testing.       
•    Create required information security documentation technical reports and formal papers on test findings, and complete requests in accordance with requirements.      
•    Handle and complete customer projects to the defined requirements in the timeframe required by customer with the highest quality and integrity of work.      
•    Meet and exceed customer's expectations with projects and other related tests and activities.

Qualifications:

Generally two years' experience in cybersecurity, software development, or ethical hacking.

Experience installing and using various OS distributions and application packages.

Hands-on experience with commercial, open source and free security solutions such as AppScan, Fortify, Maltego. Kali Linux, Nessus, OpenVAS, Qualys, Core Impact Pro, MetaSploit, nmap, nessus, ettercap, static source code analysis tools, fuzzing tools, dynamic binary testing tools.

Understanding of security issues on various operating systems, open source web and database platforms

Experience scripting in one or more of the following languages: sh, csh, perl, python, awk, ruby and programming experience in C, C++, Java.

Strong expertise in testing in two or more of the following domains: Embedded software, embedded security, industrial control systems / SCADA, medical devices, telecom and networking equipment.  

Salary: $90000.00 - $120000.00 base + performance bonus

Education: None required / CEH, CISSP, CISA, GIAC preferred

Remote Work / Travel: Flexible / No travel required

Clearance: no


Rapid 7

Listing Date: June 13, 2017

Contact: @Kalabaster on slack

Title: Cyber Potato

Location: Alexandria, VA or Belfast, Ireland

Description:

Work in Rapid7 Managed Detection and Response SOC, a 24/7 SOC with flexible hours with general shift work. This is a threat hunting and incident response roles, with a monitoring component. This is a 15% network based, and 85% host based shop. Be familiar or willing to learn about using host based forensic artifacts. Beers in the office fridge, nerf guns, weekly voluntary training sessions on voted topics, and the chance to chill with some of the smartest misfits in the biz (and also me). 

Ignore the garbage on the posted ad, these are the things that matter:

Can you speak to how you can catch bad guys? 

If someone finds malware on a system, can you do something with it that isn't just "look it up on virustotal and see if it's bad by its score" (i.e. find it out how it got there and what it did using filesystem, memory, network forensics)?

If I gave you a malicious PDF, how could you figure out how to see if it's bad (using google, etc)?

How can you prove evidence of execution on a file system?

What's shimcache and why is it useful?

What are different ways malware can establish persistence?

Can you code in python, go, or angular.js?

If I gave you a 2 GB csv of log data, can you do something useful with the data inside it, other than cry uncontrollably?

If you don't know the answer to these things, would you be able to learn it quickly if I gave you recommended reading on the subject?

Have you read and can you speak to any of these books: "Incident response and Computer Forensics, Third Edition", "Practical Malware Analysis", "The Art of Memory Forensics"?  

Salary: 25-40k (Belfast), 90k-130k (Alexandria) + 10% bonus (can go higher based off performance). Base salary in DC can go deep into 6 figures, but you have to actually know your shit for that.

Education: Not Listed

Desired Education / Certifications: None required, SANS/GIAC is preferred

Remote Work / Travel: Flexible WFH hybrid

Clearance: None