Job listings from the Slack

Submit a job posting: https://goo.gl/forms/QgbCdh6rVu6rfjJz1

Disclaimer: These job listings are generally provided by our users and are not legally binding. Please discuss all employment details with the company you're applying to. Thanks!


Texas Health Resources

Listing Date: 1/5/2018

Contact: See Link or dm m0use in slack

Title: CyberSecurity Analyst III

Location: Arlington, Texas

Description:


http://jobs.texashealth.org/ShowJob/Id/1460021/Cybersecurity-Analyst-III/

Salary: Market

Desired Education / Certifications:

Bachelor's

Remote Work / Travel: 2 days per week remote AFTER 90 days; must live in Texas

Clearance: No


Rackspace

Listing Date: 12/13/17

Contact: @Paradoxical (netsec slack -- for referral)

Title: Google Deployment Engineer

Location: Remote, US

Description:

In this role you will:

Work with a talented team to build the foundation of Managed GCP at Rackspace

Automate infrastructure builds and deployments for customer environments utilizing GCP and associated services

Develop tools and processes to improve customer and Racker lives

Educate customers and Rackers on best practices in terms of redundant architecture and application deployment workflows

Salary: ?

Desired Education / Certifications:

Proficiency in Python or Go

Experience working in a containerized environment (Docker/LXC) with Kubernetes exposure

One or more of the following certifications: Google Certified Professional Cloud Architect or Google Certified Professional Data Engineer

Relevant technical certifications in Google Compute Platform, RedHat, MySQL, and other related technologies

Experience working with Service Oriented or Microservices Architectures

Remote Work / Travel: Remote US

Clearance: No


Rapid 7

Listing Date: Dec 6, 2017

Contact: @Kalabaster on slack

Title: Potato Engineer

Location: DC Metro

Description:



Work supporting the Rapid7 Managed Detection and Response SOC, a 24/7 SOC with flexible hours with general shift work. Do you like data? We like data. We like getting this data and enriching it, correlating it, and transforming it into something that doesn't make security analysts and threat hunters want to cry themselves to sleep.

You will be building infrastructure and code to support your own developed toolsets (or integrate POC'd code developed by analysts) to enable the finding of evil in small to large (20,000+ endpoint) environments. Beers in the office fridge, nerf guns, weekly voluntary training sessions on voted topics, and the chance to chill with some of the smartest misfits in the biz (and also me). 

Do you want to build services and applications to enable efficiencies for service delivery teams?

Do you believe there is a better way to do incident detection and response, vulnerability management, and application security? 

Can you work on standing up and maintaining well-documented REST API frameworks that analysts can query with their own duct-taped together scripts?

Can you make JSON great again?

Can you appreciate the need to take in ALL THE DATA (so analysts don't have blind spots), then turn that data into info, and then make sure that only the things that matter keep getting served up and drop the other stuff?

Can you Go, JS, Python, play in the cloud, play with JSON, and play with databases all at once, or want to learn how to?

Can you handle doing all of the stack on the front end to make these million data points into not just something pretty, but something with consistent and considerable value to other technically minded individuals?

Can you handle analysts handing off POC (broken, sad, but effective/working) code and saying "plz maek enterprize pretty"?


Formal Listing: 

Role and Responsibilities

Extend or create tools to support build/release/deploy/configuration/monitoring of a microservice based platform
Select technical infrastructure solutions (database, web/API components, automation) to meet the goals of the application
Contribute to broader engineering initiatives
Provide documentation and training for tooling
Troubleshoot development and production cloud issues
Manage VPC, DNS, load balancers, instances and containerized applications
Linux system administration

Job Qualifications

Experience with container orchestration tools (such as Docker Swarm, Kubernetes, Nomad, etc)
Experience with infrastructure-as-code tools (such as CloudFormation, Terraform, etc.)
Experience with configuration management tools (such as Chef, Puppet, Ansible, etc.)
Experience with service discovery tools (such as Consul, ZooKeeper, etcd)
Experience with Jenkins (Job DSL/groovy in particular)
Experience with Python (development or deployment support)
Experience training and mentoring across teams
Experience with deploying and maintaining relational, document, and node based database technologies
Desire to constantly expand technology skill set

Job Pluses

Experience with NodeJS and Go
Experience with continuous integration/continuous delivery
Experience with information security
Experience with developing infrastructure as a pipeline
Experience developing solutions across global boundaries


Salary: It's wide, plus a chunky bonus

Desired Education / Certifications: School of Hard Knocks

Remote Work / Travel: Flexible WFH hybrid

Clearance: None


Rapid 7

Listing Date: June 13, 2017

Contact: @Kalabaster on slack

Title: Cyber Potato

Location: Alexandria, VA or Dublin, Ireland

Description:

Work in Rapid7 Managed Detection and Response SOC, a 24/7 SOC with flexible hours with general shift work. This is a threat hunting and incident response role, with a monitoring component. This is a 15% network based, and 85% host based shop. Be familiar or willing to learn about using host based forensic artifacts. Beers in the office fridge, nerf guns, weekly voluntary training sessions on voted topics, and the chance to chill with some of the smartest misfits in the biz (and also me).

Ignore the garbage on the posted ad, these are the things that matter:

Can you speak to how you can catch bad guys? 

If someone finds malware on a system, can you do something with it that isn't just "look it up on virustotal and see if it's bad by its score" (i.e. find out how it got there and what it did using filesystem, memory, network forensics)?

If I gave you a malicious PDF, how could you figure out how to see if it's bad (using google, etc)?

How can you prove evidence of execution on a file system?

What's shimcache and why is it useful?

What are different ways malware can establish persistence?

Can you code in python, go, or angular.js?

If I gave you a 2 GB csv of log data, can you do something useful with the data inside it, other than cry uncontrollably?

If you don't know the answer to these things, would you be able to learn it quickly if I gave you recommended reading on the subject?

Have you read and can you speak to any of these books: "Incident Response and Computer Forensics, Third Edition", "Practical Malware Analysis", "The Art of Memory Forensics"?

Salary: 25-40k (Belfast), 90k-130k (Alexandria) + 10% bonus (can go higher based off performance). Base salary in DC can go deep into 6 figures, but you have to actually know your shit for that.

Education: Not Listed

Desired Education / Certifications: None required, SANS/GIAC is preferred

Remote Work / Travel: Flexible WFH hybrid

Clearance: None


McAfee

Listing Date: 11/6/17

Contact: erin_loeher@mcafee.com

Title: McAfee Strategic Technical Lead

Location: Chicago, IL

Description:

McAfee consultant will provide solution management and support advocacy for Customer. The consultant is there to focus on driving a deeper and broader use of McAfee products. High-level tasks include, but are not limited to:
Work with Customer staff to understand customer environment, technologies, and policies
Advises on strategic direction for security solutions across the enterprise
Provides recommendations on product usage
Coordinates McAfee business and security processes across the organization
Provides assistance and validation of implementation timelines and delivery management
Communicates clearly to executive management and manages the reporting process
Coordinates and drives McAfee solutions and direction across business units to achieve measurable increases in product deployment, end-user knowledge, and operationalization
Is empowered, with Customer approval, to participate in hands on deployment, configuration, and tuning tasks
Provides up to date information on product updates and alerts
Has direct access to:
Top tier McAfee product specialists
McAfee knowledge base
Downloads and platinum portal
McAfee incident response services
McAfee Labs

Salary: n/a

Education: n/a

Remote Work / Travel: Local Only

Clearance: None


McAfee

Listing Date: 11/6/17

Contact: erin_loeher@mcafee.com

Title: McAfee Endpoint Specialist

Location: Chicago, IL

Description:

McAfee consultant will be the primary point of contact for actions and questions regarding McAfee endpoint technologies.
The McAfee consultant will work with Customer-appointed personnel to deploy McAfee endpoint technologies to Customer environment in a phased pilot approach, automate ePO and upgrade McAfee Endpoint Security (“ENS”) to latest version.
McAfee consultant will then provide oversight and assistance to customer.
McAfee consultant will attempt to reduce risk within the environment through activities that improve product coverage;
Analyze data to focus on actionable events
Assist with incident management
Identify vulnerabilities or threats that introduce weaknesses in the solution design
Make recommendations for configuration changes and lead activities related to Product deployment. 
McAfee consultant will work with Support to resolve open tickets.

Salary: n/a

Education: n/a

Remote Work / Travel: Local on-site only

Clearance: None


Infinity Consulting Solutions

Listing Date: October 19, 2017

Contact: @icscampbell on slack / ccampbell@infinity-cs.com

Title: Cyber Security Analyst

Location: Northbrook, IL

Description:

Responsibilities:
Seeking a highly technical penetration tester or ethical hacker with a software development background and domain experience in embedded product and software testing. Will conduct advanced penetration tests, hacking to identify issues in embedded products and software. Will conduct vulnerability testing, risk analyses and security assessments.

Key Tasks:
• Demonstrate a deep interest in learning new technology platforms for security testing, and forensics.
• Keep abreast of latest security news/trends.
• Conduct security tests using automated tools, ad-hoc tools and manual testing.
• Conduct penetration testing against different technological domains including, but not limited to, web products, hardware products, wireless products, software, cloud based software, smart device applications.
• Assess and calculate risk based on vulnerabilities and exposures discovered during testing.
• Create required information security documentation, technical reports and formal papers on test findings, and complete requests in accordance with requirements.
• Handle and complete customer projects to the defined requirements in the timeframe required by customer with the highest quality and integrity of work.
• Meet and exceed customer's expectations with projects and other related tests and activities.

Qualifications:
 
Generally two years' experience in cybersecurity, software development, or ethical hacking.
 
Experience installing and using various OS distributions and application packages.
 
Hands-on experience with commercial, open source and free security solutions such as AppScan, Fortify, Maltego, Kali Linux, Nessus, OpenVAS, Qualys, Core Impact Pro, Metasploit, nmap, nessus, ettercap, static source code analysis tools, fuzzing tools, dynamic binary testing tools.
 
Understanding of security issues on various operating systems, open source web and database platforms
 
Experience scripting in one or more of the following languages: sh, csh, perl, python, awk, ruby and programming experience in C, C++, Java.
 
Strong expertise in testing in two or more of the following domains: Embedded software, embedded security, industrial control systems / SCADA, medical devices, telecom and networking equipment.

Salary: $90000.00 - $120000.00 base + performance bonus

Education: None required / CEH, CISSP, CISA, GIAC preferred

Remote Work / Travel: Flexible / No travel required

Clearance: no