*Position is bonus eligible* Prestigious Financial Institution is currently seeking a Lead Penetration Testing and Vulnerabilities Engineer. Candidate will increase the security posture against all threats that put organizational operations, assets or individuals at risk. The Security Penetration Tester will engage in targeted testing consisting of threat intelligence gathering, network & web application penetration testing, Cloud security testing, physical security testing, mobile device security testing, and more. The Security Penetration Testing Team primarily performs non-covert informed white-box tests. The position will also involve interaction with multiple other Security teams such as Cyber Defense, Security Assurance, etc. and various IT teams to coordinate future security penetration tests and re-test past identified findings that have been remediated. Responsibilities: The ideal candidate will have extensive experience in more than one of the following: Open-Source Intelligence, Network Penetration Testing, Web Application Testing, Mobile Application and Device Testing, as well as a deep knowledge of scanning tools and vulnerability enumeration. Experience testing database Servers using custom Scripting and automation in at least one proficient programming language is required. This candidate must be driven, an excellent communicator, enthusiastic, a good mentor and have the desire to stay ahead of todays emerging threats and attack techniques . Assist the Security Penetration Testing Team to perform testing based on organizationally defined scope with strict adherence to the agreed-upon rules of engagement. Conduct various Security Penetration Testing Team activities such as: Intelligence Gathering, Network/Operating System/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Testing, Cloud Security Testing, etc. Conduct ad-hoc white-box penetration testing work of infrastructure that is still currently in Development, or in need of pre-Production penetration testing Coordinate with IT owners to re-test and validate remediated Security Penetration Testing Team findings Execute Open Source Intelligence Collection and Analysis Techniques (OSINT); leverage available resources and develop custom tools. Understand vulnerabilities and develop relevant exploits for use during Security Penetration Testing Team activities. Verify vulnerability false positives Perform security risk assessment, threat analysis and threat modelling. Perform independent reviews of security, network, and applications. Plan/Design/Execute security related activities and create artifacts. Stay on-time, on-budget, and within scope of testing activities. Develop clear detailed reports and recommendations based on concrete evidence. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Assist management with the improvement of policies and procedures to support Security Testing activities as well as other security duties which may arise. Participate in developing a security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends. Adhere to the best practices and work for delivering secured and quality products. Consult with technical experts and system owners on all aspects of Information Security and Compliance. Work closely with Production Support staff, Incidence Response, and IT infrastructure to increase organizational security posture. Support security objectives and remediation efforts relating to Security Testing. Supports and successfully completes Audits. Cross-train the other Security Penetration Testers. Cross-train other teams within Security Services and IT departments to provide subject matter knowledge of a specific adversarial threat/risk, or to assist with remediation path recommendations Participate in Lessons Learned process to provide information to help improve practices, methodologies, tools, and other technologies. Stay current on Threat Intelligence, emerging technology trends, and the overall threat landscape. Advise IT on current and emerging threats, their attack vectors, and how to mitigate them. Provide leadership, share knowledge and mentor team members. Support Security Penetration Testing Team management and activities and be a team player. Perform other duties as assigned. Qualifications: Strong enthusiasm to stay up-to-date on Threat Intelligence and learn new vulnerability and exploits on a regular basis Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Exceptional tactical planning skills based on long-term strategic goals. Exceptional verbal/written communication skills to be able to articulate ideas clearly and concisely. Excellent listening skills. Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Infrastructure Development, Open Source Intelligence, and more. Proven due diligence and research ability via open-source avenues and technology. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming language. Ability to facilitate meetings and conversations. Ability to work with business users, understand their needs and translate those needs to the final project deliverables. Nice to have experience working on critical infrastructure in a regulated environment. Technical Skills: Strong proficiency in Network, Web Application, Cloud, and Mobile Device security testing Demonstrated exploit and vulnerability experience Strong proficiency in intelligence gathering. Strong experience with custom Scripting (Python, Powershell, Bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Metasploit, Nmap, Qualys, Nessus, Nexpose, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Impacket, etc.). Track record of vulnerability research and CVE assignments Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Proficient in creating content with Microsoft Office (Word, Excel, PowerPoint, Visio). Proficient in basic document management in a Microsoft SharePoint environment. Experience with dedicated document management tools (eg, DMS, PolicyTech) is a plus. Experience with using ServiceNow is a plus. BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university is desired but not required 3+ Years experience of Penetration testing 6+ Years experience in Information Assurance or Information Security environment. Security-related certifications (OSCP, OSWE, OSCE, GPEN, GXPN, GWAPT, ARTE, etc.) highly desired.
23/04/2025
Full time
*Position is bonus eligible* Prestigious Financial Institution is currently seeking a Lead Penetration Testing and Vulnerabilities Engineer. Candidate will increase the security posture against all threats that put organizational operations, assets or individuals at risk. The Security Penetration Tester will engage in targeted testing consisting of threat intelligence gathering, network & web application penetration testing, Cloud security testing, physical security testing, mobile device security testing, and more. The Security Penetration Testing Team primarily performs non-covert informed white-box tests. The position will also involve interaction with multiple other Security teams such as Cyber Defense, Security Assurance, etc. and various IT teams to coordinate future security penetration tests and re-test past identified findings that have been remediated. Responsibilities: The ideal candidate will have extensive experience in more than one of the following: Open-Source Intelligence, Network Penetration Testing, Web Application Testing, Mobile Application and Device Testing, as well as a deep knowledge of scanning tools and vulnerability enumeration. Experience testing database Servers using custom Scripting and automation in at least one proficient programming language is required. This candidate must be driven, an excellent communicator, enthusiastic, a good mentor and have the desire to stay ahead of todays emerging threats and attack techniques . Assist the Security Penetration Testing Team to perform testing based on organizationally defined scope with strict adherence to the agreed-upon rules of engagement. Conduct various Security Penetration Testing Team activities such as: Intelligence Gathering, Network/Operating System/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Testing, Cloud Security Testing, etc. Conduct ad-hoc white-box penetration testing work of infrastructure that is still currently in Development, or in need of pre-Production penetration testing Coordinate with IT owners to re-test and validate remediated Security Penetration Testing Team findings Execute Open Source Intelligence Collection and Analysis Techniques (OSINT); leverage available resources and develop custom tools. Understand vulnerabilities and develop relevant exploits for use during Security Penetration Testing Team activities. Verify vulnerability false positives Perform security risk assessment, threat analysis and threat modelling. Perform independent reviews of security, network, and applications. Plan/Design/Execute security related activities and create artifacts. Stay on-time, on-budget, and within scope of testing activities. Develop clear detailed reports and recommendations based on concrete evidence. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Assist management with the improvement of policies and procedures to support Security Testing activities as well as other security duties which may arise. Participate in developing a security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends. Adhere to the best practices and work for delivering secured and quality products. Consult with technical experts and system owners on all aspects of Information Security and Compliance. Work closely with Production Support staff, Incidence Response, and IT infrastructure to increase organizational security posture. Support security objectives and remediation efforts relating to Security Testing. Supports and successfully completes Audits. Cross-train the other Security Penetration Testers. Cross-train other teams within Security Services and IT departments to provide subject matter knowledge of a specific adversarial threat/risk, or to assist with remediation path recommendations Participate in Lessons Learned process to provide information to help improve practices, methodologies, tools, and other technologies. Stay current on Threat Intelligence, emerging technology trends, and the overall threat landscape. Advise IT on current and emerging threats, their attack vectors, and how to mitigate them. Provide leadership, share knowledge and mentor team members. Support Security Penetration Testing Team management and activities and be a team player. Perform other duties as assigned. Qualifications: Strong enthusiasm to stay up-to-date on Threat Intelligence and learn new vulnerability and exploits on a regular basis Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Exceptional tactical planning skills based on long-term strategic goals. Exceptional verbal/written communication skills to be able to articulate ideas clearly and concisely. Excellent listening skills. Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Infrastructure Development, Open Source Intelligence, and more. Proven due diligence and research ability via open-source avenues and technology. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming language. Ability to facilitate meetings and conversations. Ability to work with business users, understand their needs and translate those needs to the final project deliverables. Nice to have experience working on critical infrastructure in a regulated environment. Technical Skills: Strong proficiency in Network, Web Application, Cloud, and Mobile Device security testing Demonstrated exploit and vulnerability experience Strong proficiency in intelligence gathering. Strong experience with custom Scripting (Python, Powershell, Bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Metasploit, Nmap, Qualys, Nessus, Nexpose, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Impacket, etc.). Track record of vulnerability research and CVE assignments Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Proficient in creating content with Microsoft Office (Word, Excel, PowerPoint, Visio). Proficient in basic document management in a Microsoft SharePoint environment. Experience with dedicated document management tools (eg, DMS, PolicyTech) is a plus. Experience with using ServiceNow is a plus. BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university is desired but not required 3+ Years experience of Penetration testing 6+ Years experience in Information Assurance or Information Security environment. Security-related certifications (OSCP, OSWE, OSCE, GPEN, GXPN, GWAPT, ARTE, etc.) highly desired.
*Position is bonus eligible* Prestigious Financial Institution is currently seeking a Lead Middleware Engineer with Apigee and OpenShift experience. Candidate will provide subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments. Candidate will provide technical expertise to Middleware staff, as well as manage day to day activities when called upon. Responsibilities: Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Advise on industry best practices as it relates to new product selection. Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals. Qualifications: Excellent problem solving skills. Ability to work independently. Ability to multi-task and work with management to prioritize tasks. Demonstrate strong confidence in abilities and knowledge. Ability to work well in crisis situations. Ability to work under minimal supervision Flexibility to be on call as per team' schedule Good written and oral communication skills. Demonstrate accountability and Transparency Ability to collaborate, cross train and maintain healthy team environment Technical Skills: Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools ( Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Education and/or Experience: Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies Cloud certification a plus.
23/04/2025
Full time
*Position is bonus eligible* Prestigious Financial Institution is currently seeking a Lead Middleware Engineer with Apigee and OpenShift experience. Candidate will provide subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments. Candidate will provide technical expertise to Middleware staff, as well as manage day to day activities when called upon. Responsibilities: Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Advise on industry best practices as it relates to new product selection. Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals. Qualifications: Excellent problem solving skills. Ability to work independently. Ability to multi-task and work with management to prioritize tasks. Demonstrate strong confidence in abilities and knowledge. Ability to work well in crisis situations. Ability to work under minimal supervision Flexibility to be on call as per team' schedule Good written and oral communication skills. Demonstrate accountability and Transparency Ability to collaborate, cross train and maintain healthy team environment Technical Skills: Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools ( Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Education and/or Experience: Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies Cloud certification a plus.
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. Candidate will be responsible for access control and all associated programs. Applications supporting these programs include ForgeRock, SailPoint and Duo. This position has an emphasis on integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational and customer support of the workforce in Identity and Access related functions. Team members assist with evaluating and supplementing our compliance readiness posture, assisting with the evaluation of control execution, process efficiency, and evidence gathering for internal and external auditors. Responsibilities To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Qualifications The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Microsoft Active Directory and LDAP Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelors degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)
23/04/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. Candidate will be responsible for access control and all associated programs. Applications supporting these programs include ForgeRock, SailPoint and Duo. This position has an emphasis on integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational and customer support of the workforce in Identity and Access related functions. Team members assist with evaluating and supplementing our compliance readiness posture, assisting with the evaluation of control execution, process efficiency, and evidence gathering for internal and external auditors. Responsibilities To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Qualifications The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Microsoft Active Directory and LDAP Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelors degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. Candidate will be responsible for access control and all associated programs. Applications supporting these programs include ForgeRock, SailPoint and Duo. This position has an emphasis on integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational and customer support of the workforce in Identity and Access related functions. Team members assist with evaluating and supplementing our compliance readiness posture, assisting with the evaluation of control execution, process efficiency, and evidence gathering for internal and external auditors. Responsibilities To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Qualifications The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Microsoft Active Directory and LDAP Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelors degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)
22/04/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Financial Institution is currently seeking a Senior Identity and Access Management Engineer with strong ForgeRock experience. Candidate will be responsible for access control and all associated programs. Applications supporting these programs include ForgeRock, SailPoint and Duo. This position has an emphasis on integrating internal applications with ForgeRock Identity suite using OAuth methodologies and custom scopes, coordinating directly with application development teams and enterprise architecture. Team Members collaborate daily for IAM System design and implementation, as well as assist with operational and customer support of the workforce in Identity and Access related functions. Team members assist with evaluating and supplementing our compliance readiness posture, assisting with the evaluation of control execution, process efficiency, and evidence gathering for internal and external auditors. Responsibilities To perform this job successfully, an individual must be able to perform each primary duty satisfactorily. Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned Qualifications The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security. Assist in communicating security policies and procedures to users. Assist internal and external customers with multi-platform security access issues and requests. Assist in identifying or developing tools or methods to track and monitor risk Support management with special projects and other duties as assigned. Microsoft Active Directory and LDAP Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Basic knowledge of Linux operating system administration. Basic knowledge of Windows server and desktop operating systems Basic knowledge of Amazon Web Services (AWS) Basic knowledge of Controls, Risk Ranking/mapping, Remediation items and general IT audit Preferred (nice to have) Sailpoint Identity IQ administration or experience E-GRC/Archer ServiceNow Mainframe architecture CA-ACF2 Mainframe access control facilities Directory services, LDAP, and their inherent security (Active Directory, CA Directory). Bachelors degree in Computer Science, Engineering, or other related field, or equivalent experience 7+ Years Identity Access Management (IAM) experience preferred Hands-on IT or security operations experience Industry recognized certifications (CISSP, ITIL, etc)
Request Technology - Craig Johnson
Chicago, Illinois
*Position is bonus eligible* Prestigious Financial Institution is currently seeking a Lead Middleware Engineer with Apigee and OpenShift experience. Candidate will provide subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments. Candidate will provide technical expertise to Middleware staff, as well as manage day to day activities when called upon. Responsibilities: Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Advise on industry best practices as it relates to new product selection. Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals. Qualifications: Excellent problem solving skills. Ability to work independently. Ability to multi-task and work with management to prioritize tasks. Demonstrate strong confidence in abilities and knowledge. Ability to work well in crisis situations. Ability to work under minimal supervision Flexibility to be on call as per team' schedule Good written and oral communication skills. Demonstrate accountability and Transparency Ability to collaborate, cross train and maintain healthy team environment Technical Skills: Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools (Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Education and/or Experience: Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies Cloud certification a plus.
22/04/2025
Full time
*Position is bonus eligible* Prestigious Financial Institution is currently seeking a Lead Middleware Engineer with Apigee and OpenShift experience. Candidate will provide subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments. Candidate will provide technical expertise to Middleware staff, as well as manage day to day activities when called upon. Responsibilities: Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Advise on industry best practices as it relates to new product selection. Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals. Qualifications: Excellent problem solving skills. Ability to work independently. Ability to multi-task and work with management to prioritize tasks. Demonstrate strong confidence in abilities and knowledge. Ability to work well in crisis situations. Ability to work under minimal supervision Flexibility to be on call as per team' schedule Good written and oral communication skills. Demonstrate accountability and Transparency Ability to collaborate, cross train and maintain healthy team environment Technical Skills: Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools (Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Education and/or Experience: Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies Cloud certification a plus.
Request Technology - Craig Johnson
Chicago, Illinois
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Firm is currently seeking a Senior Cloud Hosting Services Engineer with strong Azure experience. Candidate will be the IT Infrastructure team's cloud SME. Candidate will demonstrate their knowledge and hands-on experience with Azure cloud tools/technologies The Sr. Cloud Engineer reports to the Manager of Infrastructure Services. The ideal candidate will have extensive experience with Microsoft Azure, including PaaS and IaaS, and a strong understanding of Azure security best practices. Proficiency in creating and managing ARM and Bicep templates and supporting DevOps teams is essential. This role will involve designing, implementing, and maintaining cloud-based solutions to meet our business needs. Responsibilities: Design, implement, and manage scalable, secure, and reliable cloud infrastructure on Microsoft Azure. Develop and maintain Infrastructure as Code (IaC) using ARM and Bicep templates. Develop skill set across three domains (Infrastructure, Containers, and Networking) to better support the client. Ensure adherence to Azure security best practices and compliance requirements. Collaborate with DevOps teams to support CI/CD pipelines and automation processes. Monitor and optimize cloud resources for performance, cost, and scalability. Troubleshoot and resolve issues related to cloud infrastructure and services. Implement and manage Azure PaaS and IaaS solution, including on-premises server, storage, and database systems, among others. Independently and collaboratively lead client engagement workstreams focused on project, improvement, optimization, and transformation of processes. Communicate effectively and appropriately with both technical and non-technical audiences. Qualifications: Bachelor's degree in Computer Science, Engineering, or related field. 8+ years professional experience with multiple cloud platforms and technologies, including PaaS and IaaS. Ability to provide technical guidance and support to DevOps teams. Extensive experience with ARM/Bicep templates and Azure security best practices. Experience with distributed computing, complex architecture design, leading large-scale projects, and mentoring junior team members. Familiarity with managed Kubernetes services like Azure Kubernetes Service (AKS) and Azure Container Apps. Skilled in creating and managing Azure hub and spoke networks, using Network Virtual Appliances (NVAs), Route Tables (UDRs), applying Network Security Groups (NSGs), and ExpressRoute circuits. Proven experience with the Microsoft Cloud Adoption Framework and Azure Well-Architected Framework. Managing Infrastructure as Code (IaC) templates through Azure DevOps (or similar toolset), including use of Git, work items, branching, pull requests, and pipelines. Experience with monitoring, optimizing cloud resources, and creating custom Azure Policies. Preferred Qualifications: Master's degree in Computer Science, Engineering, or a related field. Experience in AI/Data-related project support with DevOps teams. Demonstrated experience with Security and IT Governance, including federated Identity and Access Management (IAM) solutions, including MFA, as well as Cloud Access Security Broker tools, to govern secure access to resources. Familiarity with other Infrastructure as Code (IaC) tools such as Terraform or Ansible. Other public cloud experience (AWS, Google, etc.). Azure VMware Solution (AVS) experience.
22/04/2025
Full time
*We are unable to sponsor for this permanent Full time role* *Position is bonus eligible* Prestigious Enterprise Firm is currently seeking a Senior Cloud Hosting Services Engineer with strong Azure experience. Candidate will be the IT Infrastructure team's cloud SME. Candidate will demonstrate their knowledge and hands-on experience with Azure cloud tools/technologies The Sr. Cloud Engineer reports to the Manager of Infrastructure Services. The ideal candidate will have extensive experience with Microsoft Azure, including PaaS and IaaS, and a strong understanding of Azure security best practices. Proficiency in creating and managing ARM and Bicep templates and supporting DevOps teams is essential. This role will involve designing, implementing, and maintaining cloud-based solutions to meet our business needs. Responsibilities: Design, implement, and manage scalable, secure, and reliable cloud infrastructure on Microsoft Azure. Develop and maintain Infrastructure as Code (IaC) using ARM and Bicep templates. Develop skill set across three domains (Infrastructure, Containers, and Networking) to better support the client. Ensure adherence to Azure security best practices and compliance requirements. Collaborate with DevOps teams to support CI/CD pipelines and automation processes. Monitor and optimize cloud resources for performance, cost, and scalability. Troubleshoot and resolve issues related to cloud infrastructure and services. Implement and manage Azure PaaS and IaaS solution, including on-premises server, storage, and database systems, among others. Independently and collaboratively lead client engagement workstreams focused on project, improvement, optimization, and transformation of processes. Communicate effectively and appropriately with both technical and non-technical audiences. Qualifications: Bachelor's degree in Computer Science, Engineering, or related field. 8+ years professional experience with multiple cloud platforms and technologies, including PaaS and IaaS. Ability to provide technical guidance and support to DevOps teams. Extensive experience with ARM/Bicep templates and Azure security best practices. Experience with distributed computing, complex architecture design, leading large-scale projects, and mentoring junior team members. Familiarity with managed Kubernetes services like Azure Kubernetes Service (AKS) and Azure Container Apps. Skilled in creating and managing Azure hub and spoke networks, using Network Virtual Appliances (NVAs), Route Tables (UDRs), applying Network Security Groups (NSGs), and ExpressRoute circuits. Proven experience with the Microsoft Cloud Adoption Framework and Azure Well-Architected Framework. Managing Infrastructure as Code (IaC) templates through Azure DevOps (or similar toolset), including use of Git, work items, branching, pull requests, and pipelines. Experience with monitoring, optimizing cloud resources, and creating custom Azure Policies. Preferred Qualifications: Master's degree in Computer Science, Engineering, or a related field. Experience in AI/Data-related project support with DevOps teams. Demonstrated experience with Security and IT Governance, including federated Identity and Access Management (IAM) solutions, including MFA, as well as Cloud Access Security Broker tools, to govern secure access to resources. Familiarity with other Infrastructure as Code (IaC) tools such as Terraform or Ansible. Other public cloud experience (AWS, Google, etc.). Azure VMware Solution (AVS) experience.
Request Technology - Craig Johnson
Chicago, Illinois
*Position is bonus eligible* Prestigious Financial Institution is currently seeking a Lead Penetration Testing and Vulnerabilities Engineer. Candidate will increase the security posture against all threats that put organizational operations, assets or individuals at risk. The Security Penetration Tester will engage in targeted testing consisting of threat intelligence gathering, network & web application penetration testing, Cloud security testing, physical security testing, mobile device security testing, and more. The Security Penetration Testing Team primarily performs non-covert informed white-box tests. The position will also involve interaction with multiple other Security teams such as Cyber Defense, Security Assurance, etc. and various IT teams to coordinate future security penetration tests and re-test past identified findings that have been remediated. Responsibilities: The ideal candidate will have extensive experience in more than one of the following: Open-Source Intelligence, Network Penetration Testing, Web Application Testing, Mobile Application and Device Testing, as well as a deep knowledge of scanning tools and vulnerability enumeration. Experience testing database Servers using custom Scripting and automation in at least one proficient programming language is required. This candidate must be driven, an excellent communicator, enthusiastic, a good mentor and have the desire to stay ahead of todays emerging threats and attack techniques . Assist the Security Penetration Testing Team to perform testing based on organizationally defined scope with strict adherence to the agreed-upon rules of engagement. Conduct various Security Penetration Testing Team activities such as: Intelligence Gathering, Network/Operating System/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Testing, Cloud Security Testing, etc. Conduct ad-hoc white-box penetration testing work of infrastructure that is still currently in Development, or in need of pre-Production penetration testing Coordinate with IT owners to re-test and validate remediated Security Penetration Testing Team findings Execute Open Source Intelligence Collection and Analysis Techniques (OSINT); leverage available resources and develop custom tools. Understand vulnerabilities and develop relevant exploits for use during Security Penetration Testing Team activities. Verify vulnerability false positives Perform security risk assessment, threat analysis and threat modelling. Perform independent reviews of security, network, and applications. Plan/Design/Execute security related activities and create artifacts. Stay on-time, on-budget, and within scope of testing activities. Develop clear detailed reports and recommendations based on concrete evidence. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Assist management with the improvement of policies and procedures to support Security Testing activities as well as other security duties which may arise. Participate in developing a security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends. Adhere to the best practices and work for delivering secured and quality products. Consult with technical experts and system owners on all aspects of Information Security and Compliance. Work closely with Production Support staff, Incidence Response, and IT infrastructure to increase organizational security posture. Support security objectives and remediation efforts relating to Security Testing. Supports and successfully completes Audits. Cross-train the other Security Penetration Testers. Cross-train other teams within Security Services and IT departments to provide subject matter knowledge of a specific adversarial threat/risk, or to assist with remediation path recommendations Participate in Lessons Learned process to provide information to help improve practices, methodologies, tools, and other technologies. Stay current on Threat Intelligence, emerging technology trends, and the overall threat landscape. Advise IT on current and emerging threats, their attack vectors, and how to mitigate them. Provide leadership, share knowledge and mentor team members. Support Security Penetration Testing Team management and activities and be a team player. Perform other duties as assigned. Qualifications: Strong enthusiasm to stay up-to-date on Threat Intelligence and learn new vulnerability and exploits on a regular basis Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Exceptional tactical planning skills based on long-term strategic goals. Exceptional verbal/written communication skills to be able to articulate ideas clearly and concisely. Excellent listening skills. Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Infrastructure Development, Open Source Intelligence, and more. Proven due diligence and research ability via open-source avenues and technology. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming language. Ability to facilitate meetings and conversations. Ability to work with business users, understand their needs and translate those needs to the final project deliverables. Nice to have experience working on critical infrastructure in a regulated environment. Technical Skills: Strong proficiency in Network, Web Application, Cloud, and Mobile Device security testing Demonstrated exploit and vulnerability experience Strong proficiency in intelligence gathering. Strong experience with custom Scripting (Python, Powershell, Bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Metasploit, Nmap, Qualys, Nessus, Nexpose, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Impacket, etc.). Track record of vulnerability research and CVE assignments Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Proficient in creating content with Microsoft Office (Word, Excel, PowerPoint, Visio). Proficient in basic document management in a Microsoft SharePoint environment. Experience with dedicated document management tools (eg, DMS, PolicyTech) is a plus. Experience with using ServiceNow is a plus. BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university is desired but not required 3+ Years experience of Penetration testing 6+ Years experience in Information Assurance or Information Security environment. Security-related certifications (OSCP, OSWE, OSCE, GPEN, GXPN, GWAPT, ARTE, etc.) highly desired.
22/04/2025
Full time
*Position is bonus eligible* Prestigious Financial Institution is currently seeking a Lead Penetration Testing and Vulnerabilities Engineer. Candidate will increase the security posture against all threats that put organizational operations, assets or individuals at risk. The Security Penetration Tester will engage in targeted testing consisting of threat intelligence gathering, network & web application penetration testing, Cloud security testing, physical security testing, mobile device security testing, and more. The Security Penetration Testing Team primarily performs non-covert informed white-box tests. The position will also involve interaction with multiple other Security teams such as Cyber Defense, Security Assurance, etc. and various IT teams to coordinate future security penetration tests and re-test past identified findings that have been remediated. Responsibilities: The ideal candidate will have extensive experience in more than one of the following: Open-Source Intelligence, Network Penetration Testing, Web Application Testing, Mobile Application and Device Testing, as well as a deep knowledge of scanning tools and vulnerability enumeration. Experience testing database Servers using custom Scripting and automation in at least one proficient programming language is required. This candidate must be driven, an excellent communicator, enthusiastic, a good mentor and have the desire to stay ahead of todays emerging threats and attack techniques . Assist the Security Penetration Testing Team to perform testing based on organizationally defined scope with strict adherence to the agreed-upon rules of engagement. Conduct various Security Penetration Testing Team activities such as: Intelligence Gathering, Network/Operating System/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Testing, Cloud Security Testing, etc. Conduct ad-hoc white-box penetration testing work of infrastructure that is still currently in Development, or in need of pre-Production penetration testing Coordinate with IT owners to re-test and validate remediated Security Penetration Testing Team findings Execute Open Source Intelligence Collection and Analysis Techniques (OSINT); leverage available resources and develop custom tools. Understand vulnerabilities and develop relevant exploits for use during Security Penetration Testing Team activities. Verify vulnerability false positives Perform security risk assessment, threat analysis and threat modelling. Perform independent reviews of security, network, and applications. Plan/Design/Execute security related activities and create artifacts. Stay on-time, on-budget, and within scope of testing activities. Develop clear detailed reports and recommendations based on concrete evidence. Debrief users and provide remediation strategy on findings. Ensure alignment of security controls in testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Assist management with the improvement of policies and procedures to support Security Testing activities as well as other security duties which may arise. Participate in developing a security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends. Adhere to the best practices and work for delivering secured and quality products. Consult with technical experts and system owners on all aspects of Information Security and Compliance. Work closely with Production Support staff, Incidence Response, and IT infrastructure to increase organizational security posture. Support security objectives and remediation efforts relating to Security Testing. Supports and successfully completes Audits. Cross-train the other Security Penetration Testers. Cross-train other teams within Security Services and IT departments to provide subject matter knowledge of a specific adversarial threat/risk, or to assist with remediation path recommendations Participate in Lessons Learned process to provide information to help improve practices, methodologies, tools, and other technologies. Stay current on Threat Intelligence, emerging technology trends, and the overall threat landscape. Advise IT on current and emerging threats, their attack vectors, and how to mitigate them. Provide leadership, share knowledge and mentor team members. Support Security Penetration Testing Team management and activities and be a team player. Perform other duties as assigned. Qualifications: Strong enthusiasm to stay up-to-date on Threat Intelligence and learn new vulnerability and exploits on a regular basis Exceptional analytical, problem solving and troubleshooting skills with the ability to exercise good judgment while developing creative solutions. Exceptional tactical planning skills based on long-term strategic goals. Exceptional verbal/written communication skills to be able to articulate ideas clearly and concisely. Excellent listening skills. Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Infrastructure Development, Open Source Intelligence, and more. Proven due diligence and research ability via open-source avenues and technology. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, IaaS/PaaS/SaaS). Good applicable knowledge of policy and procedure development, systems analysis, Information Assurance (IA) policy, vulnerability management, and risk management Good understanding of regulatory standards including CSF, NIST, PCI, SSAE 16, SAS 70, HIPPA, FIPS 199, COBIT 5 and others as needed. Strong knowledge of cryptography (symmetric, asymmetric, hashing) and its various applications. Strong knowledge of common enterprise infrastructure technology stacks and network configurations. Exhibit ability to understand and probe/exploit a diverse range of Network and Internet Protocols. Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming language. Ability to facilitate meetings and conversations. Ability to work with business users, understand their needs and translate those needs to the final project deliverables. Nice to have experience working on critical infrastructure in a regulated environment. Technical Skills: Strong proficiency in Network, Web Application, Cloud, and Mobile Device security testing Demonstrated exploit and vulnerability experience Strong proficiency in intelligence gathering. Strong experience with custom Scripting (Python, Powershell, Bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Metasploit, Nmap, Qualys, Nessus, Nexpose, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Impacket, etc.). Track record of vulnerability research and CVE assignments Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls. Proficient in creating content with Microsoft Office (Word, Excel, PowerPoint, Visio). Proficient in basic document management in a Microsoft SharePoint environment. Experience with dedicated document management tools (eg, DMS, PolicyTech) is a plus. Experience with using ServiceNow is a plus. BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university is desired but not required 3+ Years experience of Penetration testing 6+ Years experience in Information Assurance or Information Security environment. Security-related certifications (OSCP, OSWE, OSCE, GPEN, GXPN, GWAPT, ARTE, etc.) highly desired.
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Apigee Middleware Engineer. This lead will be the subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments (Apigee, Nginx, Apache in containers is a must). Responsibilities: Apigee Platform Expertise: Deep and thorough knowledge of Apigee platforms (Edge Cloud, OPDK, Hybrid, X). Proficiency in Apigee Proxy development, CI/CD integration, and networking requirements. Extensive knowledge of Apigee architecture, including both on-premise and cloud form factors. Implementation and Operation: At least 5 years of experience in implementing and operating Apigee platforms. Demonstrated experience in designing and executing Apigee implementations. Deep understanding of Apigee components like nginx Routers, and Kubernetes. Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT s, Password rotations and Certificate renewals Qualifications: Bachelor's degree in a related area Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies APIGEE, NGINX Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Apigee Platform Expertise: Deep and thorough knowledge of Apigee platforms (Edge Cloud, OPDK, Hybrid, X). Proficiency in Apigee Proxy development, CI/CD integration, and networking requirements. Extensive knowledge of Apigee architecture, including both on-premise and cloud form factors. At least 5 years of experience in implementing and operating Apigee platforms. Demonstrated experience in designing and executing Apigee implementations. Deep understanding of Apigee components like nginx Routers, and Kubernetes. J2EE application services in containers and Legacy systems Systems administration and change management practices Message-oriented Middleware (tools such as Kafka, MQ) Scripting and coding CI/CD tools - Strong on Ansible, Terraform and Cloud Formation Cloud native applications Technologies used to support microservices (like RKE)
22/04/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Apigee Middleware Engineer. This lead will be the subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments (Apigee, Nginx, Apache in containers is a must). Responsibilities: Apigee Platform Expertise: Deep and thorough knowledge of Apigee platforms (Edge Cloud, OPDK, Hybrid, X). Proficiency in Apigee Proxy development, CI/CD integration, and networking requirements. Extensive knowledge of Apigee architecture, including both on-premise and cloud form factors. Implementation and Operation: At least 5 years of experience in implementing and operating Apigee platforms. Demonstrated experience in designing and executing Apigee implementations. Deep understanding of Apigee components like nginx Routers, and Kubernetes. Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT s, Password rotations and Certificate renewals Qualifications: Bachelor's degree in a related area Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies APIGEE, NGINX Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Apigee Platform Expertise: Deep and thorough knowledge of Apigee platforms (Edge Cloud, OPDK, Hybrid, X). Proficiency in Apigee Proxy development, CI/CD integration, and networking requirements. Extensive knowledge of Apigee architecture, including both on-premise and cloud form factors. At least 5 years of experience in implementing and operating Apigee platforms. Demonstrated experience in designing and executing Apigee implementations. Deep understanding of Apigee components like nginx Routers, and Kubernetes. J2EE application services in containers and Legacy systems Systems administration and change management practices Message-oriented Middleware (tools such as Kafka, MQ) Scripting and coding CI/CD tools - Strong on Ansible, Terraform and Cloud Formation Cloud native applications Technologies used to support microservices (like RKE)
Lead Associate Principal, Software Engineering Middleware SALARY: $150k - 170k plus 15% bonus LOCATION: Chicago, IL Open to h1b transfer, 3 days onsite and 2 days remote Looking for a candidate that is strong in Middleware integration Proxy/reverse Proxy. Oriented Middleware working with apigee, nginx, Apache in containers a must. system administration j2ee application services in containers message Kafka MQ cicd strong ansible terraform cloud formation sftp pki infrastructure multi platform unix linux windows aws Provide subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments. Responsibilities: Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Advise on industry best practices as it relates to new product selection. Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals Qualifications: Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools ( Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Education and/or Experience: Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies
22/04/2025
Full time
Lead Associate Principal, Software Engineering Middleware SALARY: $150k - 170k plus 15% bonus LOCATION: Chicago, IL Open to h1b transfer, 3 days onsite and 2 days remote Looking for a candidate that is strong in Middleware integration Proxy/reverse Proxy. Oriented Middleware working with apigee, nginx, Apache in containers a must. system administration j2ee application services in containers message Kafka MQ cicd strong ansible terraform cloud formation sftp pki infrastructure multi platform unix linux windows aws Provide subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments. Responsibilities: Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Advise on industry best practices as it relates to new product selection. Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals Qualifications: Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools ( Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Education and/or Experience: Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies
Lead Associate Principal, Software Engineering Middleware SALARY: $150k - 170k plus 15% bonus LOCATION: DALLAS Open to h1b transfer, 3 days onsite and 2 days remote Looking for a candidate that is strong in Middleware integration Proxy/reverse Proxy. Oriented Middleware working with apigee, nginx, Apache in containers a must. system administration j2ee application services in containers message Kafka MQ cicd strong ansible terraform cloud formation sftp pki infrastructure multi platform unix linux windows aws Provide subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments. Responsibilities: Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Advise on industry best practices as it relates to new product selection. Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals Qualifications: Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools (Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Education and/or Experience: Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies
22/04/2025
Full time
Lead Associate Principal, Software Engineering Middleware SALARY: $150k - 170k plus 15% bonus LOCATION: DALLAS Open to h1b transfer, 3 days onsite and 2 days remote Looking for a candidate that is strong in Middleware integration Proxy/reverse Proxy. Oriented Middleware working with apigee, nginx, Apache in containers a must. system administration j2ee application services in containers message Kafka MQ cicd strong ansible terraform cloud formation sftp pki infrastructure multi platform unix linux windows aws Provide subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments. Responsibilities: Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Advise on industry best practices as it relates to new product selection. Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals Qualifications: Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools (Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Education and/or Experience: Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Lead, Middleware Software Engineering. This lead will be the subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments (Apigee, Nginx, Apache in containers is a must). Responsibilities: Apigee Platform Expertise: Deep and thorough knowledge of Apigee platforms (Edge Cloud, OPDK, Hybrid, X). Proficiency in Apigee Proxy development, CI/CD integration, and networking requirements. Extensive knowledge of Apigee architecture, including both on-premise and cloud form factors. Implementation and Operation: At least 5 years of experience in implementing and operating Apigee platforms. Demonstrated experience in designing and executing Apigee implementations. Deep understanding of Apigee components like nginx Routers, and Kubernetes. Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT s, Password rotations and Certificate renewals Qualifications: Bachelor's degree in a related area Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies APIGEE, NGINX Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools ( Strong on Ansible, Terraform and Cloud Formation) Cloud native applications
22/04/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Lead, Middleware Software Engineering. This lead will be the subject matter expertise for implementation and ongoing support of Middleware integration technologies in production, non-production Legacy and container-based environments (Apigee, Nginx, Apache in containers is a must). Responsibilities: Apigee Platform Expertise: Deep and thorough knowledge of Apigee platforms (Edge Cloud, OPDK, Hybrid, X). Proficiency in Apigee Proxy development, CI/CD integration, and networking requirements. Extensive knowledge of Apigee architecture, including both on-premise and cloud form factors. Implementation and Operation: At least 5 years of experience in implementing and operating Apigee platforms. Demonstrated experience in designing and executing Apigee implementations. Deep understanding of Apigee components like nginx Routers, and Kubernetes. Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT s, Password rotations and Certificate renewals Qualifications: Bachelor's degree in a related area Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies APIGEE, NGINX Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools ( Strong on Ansible, Terraform and Cloud Formation) Cloud native applications
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Lead Penetration & Vulnerability Tester. This Lead will focus on network, web applications, cloud, mobile applications, and devices penetration testing. The lead will do White Box penetration testing and working with as many of the testing tools as possible (Kali, Metasploit, Nmap, Qualys, Nessus, Nexpose, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Impacket) Responsibilities: Conduct various Security Penetration Testing Team activities such as: Intelligence Gathering, Network/Operating System/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Testing, Cloud Security Testing, etc. Conduct ad-hoc white-box penetration testing work of company's infrastructure that is still currently in Development, or in need of pre-Production penetration testing Coordinate with IT owners to re-test and validate remediated Security Penetration Testing Team findings Execute Open Source Intelligence Collection and Analysis Techniques (OSINT); leverage available resources and develop custom tools. Understand vulnerabilities and develop relevant exploits for use during Security Penetration Testing Team activities. Ensure alignment of security controls in company's testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Assist management with the improvement of policies and procedures to support Security Testing activities as well as other security duties which may arise. Participate in developing a security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends. Qualifications: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university is desired but not required 3+ Years' experience of Penetration testing 6+ Years' experience in Information Assurance or Information Security environment. Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Infrastructure Development, Open Source Intelligence, and more. Proven due diligence and research ability via open-source avenues and technology. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, IaaS/PaaS/SaaS). Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming language. Strong proficiency in Network, Web Application, Cloud, and Mobile Device security testing Demonstrated exploit and vulnerability experience Strong experience with custom Scripting (Python, Powershell, Bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Metasploit, Nmap, Qualys, Nessus, Nexpose, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Impacket, etc.). Track record of vulnerability research and CVE assignments Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls.
22/04/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Lead Penetration & Vulnerability Tester. This Lead will focus on network, web applications, cloud, mobile applications, and devices penetration testing. The lead will do White Box penetration testing and working with as many of the testing tools as possible (Kali, Metasploit, Nmap, Qualys, Nessus, Nexpose, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Impacket) Responsibilities: Conduct various Security Penetration Testing Team activities such as: Intelligence Gathering, Network/Operating System/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Testing, Cloud Security Testing, etc. Conduct ad-hoc white-box penetration testing work of company's infrastructure that is still currently in Development, or in need of pre-Production penetration testing Coordinate with IT owners to re-test and validate remediated Security Penetration Testing Team findings Execute Open Source Intelligence Collection and Analysis Techniques (OSINT); leverage available resources and develop custom tools. Understand vulnerabilities and develop relevant exploits for use during Security Penetration Testing Team activities. Ensure alignment of security controls in company's testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Assist management with the improvement of policies and procedures to support Security Testing activities as well as other security duties which may arise. Participate in developing a security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends. Qualifications: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university is desired but not required 3+ Years' experience of Penetration testing 6+ Years' experience in Information Assurance or Information Security environment. Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Infrastructure Development, Open Source Intelligence, and more. Proven due diligence and research ability via open-source avenues and technology. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, IaaS/PaaS/SaaS). Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming language. Strong proficiency in Network, Web Application, Cloud, and Mobile Device security testing Demonstrated exploit and vulnerability experience Strong experience with custom Scripting (Python, Powershell, Bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Metasploit, Nmap, Qualys, Nessus, Nexpose, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Impacket, etc.). Track record of vulnerability research and CVE assignments Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls.
*We are unable to sponsor as this is a permanent Full time role* *Hybrid, 3 days onsite, 2 days remote* A prestigious company is looking for a Azure Cloud Hosting Services Engineer. This engineer will focus extensively on PAAS and IAAS Azure platforms, IaC, ARM/Bicep templates, Azure Kubernetes Service, Azure Container APPS, Azure DevOps, Azure Vmware, etc. Responsibilities: Design, implement, and manage scalable, secure, and reliable cloud infrastructure on Microsoft Azure. Develop and maintain Infrastructure as Code (IaC) using ARM and Bicep templates. Develop skill set across three domains (Infrastructure, Containers, and Networking) to better support the client. Ensure adherence to Azure security best practices and compliance requirements. Collaborate with DevOps teams to support CI/CD pipelines and automation processes. Monitor and optimize cloud resources for performance, cost, and scalability. Troubleshoot and resolve issues related to cloud infrastructure and services. Implement and manage Azure PaaS and IaaS solution, including on-premises server, storage, and database systems, among others. Independently and collaboratively lead client engagement workstreams focused on project, improvement, optimization, and transformation of processes. Communicate effectively and appropriately with both technical and non-technical audiences. Participate in weekly rotating 24/7 on-call support schedule with other team members. Qualifications: Bachelor's degree in Computer Science, Engineering, or related field. 8+ years professional experience with multiple cloud platforms and technologies, including PaaS and IaaS (with multiple of those years being Azure-specific). Extensive experience with ARM/Bicep templates and Azure security best practices. Familiarity with managed Kubernetes services like Azure Kubernetes Service (AKS) and Azure Container Apps. Skilled in creating and managing Azure hub and spoke networks, using Network Virtual Appliances (NVAs), Route Tables (UDRs), applying Network Security Groups (NSGs), and ExpressRoute circuits. Proven experience with the Microsoft Cloud Adoption Framework and Azure Well-Architected Framework. Managing Infrastructure as Code (IaC) templates through Azure DevOps (or similar toolset), including use of Git, work items, branching, pull requests, and pipelines. Experience with monitoring, optimizing cloud resources, and creating custom Azure Policies.
22/04/2025
Full time
*We are unable to sponsor as this is a permanent Full time role* *Hybrid, 3 days onsite, 2 days remote* A prestigious company is looking for a Azure Cloud Hosting Services Engineer. This engineer will focus extensively on PAAS and IAAS Azure platforms, IaC, ARM/Bicep templates, Azure Kubernetes Service, Azure Container APPS, Azure DevOps, Azure Vmware, etc. Responsibilities: Design, implement, and manage scalable, secure, and reliable cloud infrastructure on Microsoft Azure. Develop and maintain Infrastructure as Code (IaC) using ARM and Bicep templates. Develop skill set across three domains (Infrastructure, Containers, and Networking) to better support the client. Ensure adherence to Azure security best practices and compliance requirements. Collaborate with DevOps teams to support CI/CD pipelines and automation processes. Monitor and optimize cloud resources for performance, cost, and scalability. Troubleshoot and resolve issues related to cloud infrastructure and services. Implement and manage Azure PaaS and IaaS solution, including on-premises server, storage, and database systems, among others. Independently and collaboratively lead client engagement workstreams focused on project, improvement, optimization, and transformation of processes. Communicate effectively and appropriately with both technical and non-technical audiences. Participate in weekly rotating 24/7 on-call support schedule with other team members. Qualifications: Bachelor's degree in Computer Science, Engineering, or related field. 8+ years professional experience with multiple cloud platforms and technologies, including PaaS and IaaS (with multiple of those years being Azure-specific). Extensive experience with ARM/Bicep templates and Azure security best practices. Familiarity with managed Kubernetes services like Azure Kubernetes Service (AKS) and Azure Container Apps. Skilled in creating and managing Azure hub and spoke networks, using Network Virtual Appliances (NVAs), Route Tables (UDRs), applying Network Security Groups (NSGs), and ExpressRoute circuits. Proven experience with the Microsoft Cloud Adoption Framework and Azure Well-Architected Framework. Managing Infrastructure as Code (IaC) templates through Azure DevOps (or similar toolset), including use of Git, work items, branching, pull requests, and pipelines. Experience with monitoring, optimizing cloud resources, and creating custom Azure Policies.
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Lead Penetration & Vulnerability Tester. This Lead will focus on network, web applications, cloud, mobile applications, and devices penetration testing. The lead will do White Box penetration testing and working with as many of the testing tools as possible (Kali, Metasploit, Nmap, Qualys, Nessus, Nexpose, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Impacket) Responsibilities: Conduct various Security Penetration Testing Team activities such as: Intelligence Gathering, Network/Operating System/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Testing, Cloud Security Testing, etc. Conduct ad-hoc white-box penetration testing work of company's infrastructure that is still currently in Development, or in need of pre-Production penetration testing Coordinate with IT owners to re-test and validate remediated Security Penetration Testing Team findings Execute Open Source Intelligence Collection and Analysis Techniques (OSINT); leverage available resources and develop custom tools. Understand vulnerabilities and develop relevant exploits for use during Security Penetration Testing Team activities. Ensure alignment of security controls in company's testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Assist management with the improvement of policies and procedures to support Security Testing activities as well as other security duties which may arise. Participate in developing a security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends. Qualifications: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university is desired but not required 3+ Years' experience of Penetration testing 6+ Years' experience in Information Assurance or Information Security environment. Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Infrastructure Development, Open Source Intelligence, and more. Proven due diligence and research ability via open-source avenues and technology. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, IaaS/PaaS/SaaS). Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming language. Strong proficiency in Network, Web Application, Cloud, and Mobile Device security testing Demonstrated exploit and vulnerability experience Strong experience with custom Scripting (Python, Powershell, Bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Metasploit, Nmap, Qualys, Nessus, Nexpose, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Impacket, etc.). Track record of vulnerability research and CVE assignments Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls.
22/04/2025
Full time
*Hybrid, 3 days onsite, 2 days remote* *We are unable to sponsor as this is a permanent Full time role* A prestigious company is looking for a Lead Penetration & Vulnerability Tester. This Lead will focus on network, web applications, cloud, mobile applications, and devices penetration testing. The lead will do White Box penetration testing and working with as many of the testing tools as possible (Kali, Metasploit, Nmap, Qualys, Nessus, Nexpose, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Impacket) Responsibilities: Conduct various Security Penetration Testing Team activities such as: Intelligence Gathering, Network/Operating System/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Testing, Cloud Security Testing, etc. Conduct ad-hoc white-box penetration testing work of company's infrastructure that is still currently in Development, or in need of pre-Production penetration testing Coordinate with IT owners to re-test and validate remediated Security Penetration Testing Team findings Execute Open Source Intelligence Collection and Analysis Techniques (OSINT); leverage available resources and develop custom tools. Understand vulnerabilities and develop relevant exploits for use during Security Penetration Testing Team activities. Ensure alignment of security controls in company's testing program and supporting services and related policies and procedures with applicable regulations and industry standard best practices. Assist management with the improvement of policies and procedures to support Security Testing activities as well as other security duties which may arise. Participate in developing a security roadmap, adopt security best practices, and implement new ideas and innovations according to the industry trends. Qualifications: BS in Computer Science, Information Management, Information Security or other comparable technical degree from an accredited college/university is desired but not required 3+ Years' experience of Penetration testing 6+ Years' experience in Information Assurance or Information Security environment. Excellent focused domain areas of expertise as well as a good breadth of experience across Network/Application Penetration Testing, Web Application Penetration Testing, Mobile Application Penetration Testing, Infrastructure Development, Open Source Intelligence, and more. Proven due diligence and research ability via open-source avenues and technology. Strong familiarity with enterprise technologies; strong technical background and understanding of security-related technologies; prefer operational experience as an administrator, engineer, or developer and direct experience testing in commercial cloud environments (AWS, Azure, IaaS/PaaS/SaaS). Exhibit ability to understand and modify code in a diverse range of programming languages and frameworks; must have direct practical experience with one or more high level programming language. Strong proficiency in Network, Web Application, Cloud, and Mobile Device security testing Demonstrated exploit and vulnerability experience Strong experience with custom Scripting (Python, Powershell, Bash, etc.) and process automation. Strong experience with database security testing (MSSQL, DB2, MySQL, etc.). Strong proficiency with common penetration testing tools (Kali, Metasploit, Nmap, Qualys, Nessus, Nexpose, Burp Suite, Wireshark, Recon-NG, Ettercap/Bettercap, Hashcat, Bloodhound, Sublist3r, Rubeus, Mimikatz, CrackMapExec, Exploitdb, Impacket, etc.). Track record of vulnerability research and CVE assignments Experience with Mainframes, Windows, Unix, MacOS, Cisco, platforms and controls.
Lead Middleware Engineer Salary: Open + Bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote Qualifications Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools (Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Responsibilities Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals
22/04/2025
Full time
Lead Middleware Engineer Salary: Open + Bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote Qualifications Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools (Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Responsibilities Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals
Lead Middleware Engineer Salary: Open + Bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote Qualifications Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools (Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Responsibilities Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals
22/04/2025
Full time
Lead Middleware Engineer Salary: Open + Bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote Qualifications Bachelor's degree in a related area 7-10 years of related experience with Minimum 7 years experience working in a distributed multi-platform environment. Minimum 3 supporting Middleware technologies Expert understanding of: Proxy/Reverse Proxy-oriented Middleware (tools such as Apigee, Nginx, Apache in containers is a must) Systems administration and change management practices J2EE application services in containers and Legacy systems Message-oriented Middleware (tools such as Kafka, MQ) Internet/Web based technologies ITLT Best Practices Scripting and coding Network technologies CI/CD tools (Strong on Ansible, Terraform and Cloud Formation) Cloud native applications Technologies used to support microservices (like RKE) File transfer protocols including SFTP Encryption technologies (SSL/TLS, PKI Infrastructure management) Security controls as applied to software technologies. Responsibilities Install, configure and maintain 3rd party software components classified as Middleware on multiple operating system platforms. Use subject matter expertise with products to advise on design and assist with development of applications using these tools. Configure production, development and testing environments and ensure the availability of these application services Write complex automation scripts using common automation tools, such as Jenkins and Ansible Provide performance tuning of components and services Design disaster recovery solutions for Middleware technologies to comply with business continuity objectives Resolve configuration related problems Resolve complex support issues in both production and non-production environments. Assist production support and development staff in debugging Middleware application defects. Create procedural and troubleshooting documentation related to Middleware products Participate in or lead moderately or high complex projects. Properly secure Middleware technologies Manage day to day activities of the Middleware staff when called upon to do so. Management of Vulnerabilities, SORT's, Password rotations and Certificate renewals
Lead Software Engineer - Kafka Salary: Open + Bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 10+ years of experience in infrastructure Middleware administration and engineering In-depth expertise in Kafka administration, including cluster management, performance tuning, and security. Strong proficiency in IaC tools, specifically Ansible, Terraform and bash Scripting. Extensive experience with cloud automation and provisioning on AWS and Azure. Proficiency in CI/CD tools, including GitHub, Artifactory, Harness and Jenkins. Strong Scripting skills in languages like Python and Bash. Responsibilities Design, implement and manage highly available and scalable Kafka clusters. Monitor Kafka performance, troubleshoot issues and optimize configurations. Develop and maintain IaC using Ansible and Terraform for infrastructure provisioning and configuration Management. Create and maintain reusable IaC modules. Design and implement cloud-based infrastructure solutions on AWS and Azure. Automate cloud resource provisioning, scaling and management using cloud-native tools and services. Deploy and Manage containerized applications using Kubernetes and Rancher Troubleshoot container-related issues and optimize container performance. Design, implement and maintain CI/CD pipelines using tools like GitHub, Artifactory, Harness and Jenkins.
22/04/2025
Full time
Lead Software Engineer - Kafka Salary: Open + Bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 10+ years of experience in infrastructure Middleware administration and engineering In-depth expertise in Kafka administration, including cluster management, performance tuning, and security. Strong proficiency in IaC tools, specifically Ansible, Terraform and bash Scripting. Extensive experience with cloud automation and provisioning on AWS and Azure. Proficiency in CI/CD tools, including GitHub, Artifactory, Harness and Jenkins. Strong Scripting skills in languages like Python and Bash. Responsibilities Design, implement and manage highly available and scalable Kafka clusters. Monitor Kafka performance, troubleshoot issues and optimize configurations. Develop and maintain IaC using Ansible and Terraform for infrastructure provisioning and configuration Management. Create and maintain reusable IaC modules. Design and implement cloud-based infrastructure solutions on AWS and Azure. Automate cloud resource provisioning, scaling and management using cloud-native tools and services. Deploy and Manage containerized applications using Kubernetes and Rancher Troubleshoot container-related issues and optimize container performance. Design, implement and maintain CI/CD pipelines using tools like GitHub, Artifactory, Harness and Jenkins.
Lead Software Engineer - Kafka Salary: Open + Bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 10+ years of experience in infrastructure Middleware administration and engineering In-depth expertise in Kafka administration, including cluster management, performance tuning, and security. Strong proficiency in IaC tools, specifically Ansible, Terraform and bash Scripting. Extensive experience with cloud automation and provisioning on AWS and Azure. Proficiency in CI/CD tools, including GitHub, Artifactory, Harness and Jenkins. Strong Scripting skills in languages like Python and Bash. Responsibilities Design, implement and manage highly available and scalable Kafka clusters. Monitor Kafka performance, troubleshoot issues and optimize configurations. Develop and maintain IaC using Ansible and Terraform for infrastructure provisioning and configuration Management. Create and maintain reusable IaC modules. Design and implement cloud-based infrastructure solutions on AWS and Azure. Automate cloud resource provisioning, scaling and management using cloud-native tools and services. Deploy and Manage containerized applications using Kubernetes and Rancher Troubleshoot container-related issues and optimize container performance. Design, implement and maintain CI/CD pipelines using tools like GitHub, Artifactory, Harness and Jenkins.
22/04/2025
Full time
Lead Software Engineer - Kafka Salary: Open + Bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 10+ years of experience in infrastructure Middleware administration and engineering In-depth expertise in Kafka administration, including cluster management, performance tuning, and security. Strong proficiency in IaC tools, specifically Ansible, Terraform and bash Scripting. Extensive experience with cloud automation and provisioning on AWS and Azure. Proficiency in CI/CD tools, including GitHub, Artifactory, Harness and Jenkins. Strong Scripting skills in languages like Python and Bash. Responsibilities Design, implement and manage highly available and scalable Kafka clusters. Monitor Kafka performance, troubleshoot issues and optimize configurations. Develop and maintain IaC using Ansible and Terraform for infrastructure provisioning and configuration Management. Create and maintain reusable IaC modules. Design and implement cloud-based infrastructure solutions on AWS and Azure. Automate cloud resource provisioning, scaling and management using cloud-native tools and services. Deploy and Manage containerized applications using Kubernetes and Rancher Troubleshoot container-related issues and optimize container performance. Design, implement and maintain CI/CD pipelines using tools like GitHub, Artifactory, Harness and Jenkins.
Network Engineering Manager Salary: Open + Bonus Location: Chicago, IL Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's Degree Advanced knowledge of routing protocols, switching, Firewalls (BGP, MPLS, ISIS) 4+ years' experience hands on support and troubleshooting of networks 2+ years' experience with design and implementation of moderate/complex networks 2+ years' experience successfully managing/leading technical teams. Experience delivering Infrastructure as code, using and integrating DEVOPS tooling (Ansible, Terraform, Jenkins, Python or Github). Experience building cloud infrastructure in AWS Responsibilities Oversee management of team members from HR, mentoring and career development. Design, implement, oversee and support services for customers and partners. Ensure compliance with Network, IT, Security and Governance standards (NIST-CSF, COBIT) Enhance network performance and availability. Document, research, publish, maintain company policies and procedures. Collaborate with project teams to improve network deployments and operations. Work with management and partners to refine processes and reduce inefficiencies.
22/04/2025
Full time
Network Engineering Manager Salary: Open + Bonus Location: Chicago, IL Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's Degree Advanced knowledge of routing protocols, switching, Firewalls (BGP, MPLS, ISIS) 4+ years' experience hands on support and troubleshooting of networks 2+ years' experience with design and implementation of moderate/complex networks 2+ years' experience successfully managing/leading technical teams. Experience delivering Infrastructure as code, using and integrating DEVOPS tooling (Ansible, Terraform, Jenkins, Python or Github). Experience building cloud infrastructure in AWS Responsibilities Oversee management of team members from HR, mentoring and career development. Design, implement, oversee and support services for customers and partners. Ensure compliance with Network, IT, Security and Governance standards (NIST-CSF, COBIT) Enhance network performance and availability. Document, research, publish, maintain company policies and procedures. Collaborate with project teams to improve network deployments and operations. Work with management and partners to refine processes and reduce inefficiencies.
Senior IAM Engineer - ForgeRock Salary: $150k-$160k + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 7+ Years Identity Access Management (IAM) experience Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Responsibilities Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security.
22/04/2025
Full time
Senior IAM Engineer - ForgeRock Salary: $150k-$160k + bonus Location: Chicago, IL or Dallas, TX Hybrid: 3 days onsite, 2 days remote *We are unable to provide sponsorship for this role* Qualifications Bachelor's degree 7+ Years Identity Access Management (IAM) experience Microsoft Active Directory and LDAP Experience working in and developing solutions for a highly regulated environment or organization that leverages a security framework (such as NIST, COBIT, etc). Experience supporting the ForgeRock Identity Platform including Identity Gateway, Access Manager, and Directory Server. Experience with Multi-Factor authentication protocols and systems (Entrust, Duo, or similar). Experience with Single-Sign on protocols (OIDC, OAuth2.0, SAML, SWA, etc) and systems (Okta, Ping, Siteminder, or similar). Development experience: Java, Javascript, Groovy Development experience: Python and Shell Scripting Solid understanding of Encryption and Network protocols (SSL, IPV4, HTTP) Responsibilities Administration and configuration of our IAM products and processes with an emphasis on ForgeRock Identity products. Developing custom integration, workflows and rules between tools using Agile methodologies. Planning, implementation, enforcement and review of security policies, procedures, and controls specific to Identity Access Management. Processing access requests and issue tickets for internal and external customers Leading troubleshooting and resolution of system issues that might contribute to enterprise Production problems. Managing project work through all phases (design, build, test, cutover). Report on controls, evidence gathering and control execution. Work collaboratively across IT and Business departments to implement technical solutions Under limited direction from management, monitor, evaluate and maintain systems and procedures to enforce best practices for user access authorization and control. Research, recommend, and implement changes to procedures and systems to enhance systems security.
