简历投递: 2105852390@qq.com 请标明是 ITILXFgogoat推荐

工作地点: 上海

职位: 咨询   

公司: 某全球四大咨询公司

Advisory- Risk - Cyber Security - Senior

Client responsibilities

·     Participatein Information Security and Data Privacy engagements

·     Workeffectively as a team member, sharingresponsibility, providing support, maintaining communication and updatingsenior team members on progress

·     Helpprepare reports and schedules that will be delivered to clients and otherparties

·     Developand maintain productiveworking relationships with client personnel

·     Buildstrong internal relationships within Ernst & Young Advisory Services andwith other service lines across the organization

People responsibilities

·     Conductperformance reviews andcontribute to performance feedback for staff

·     Contributeto people-related initiatives including team building, identification oftraining needs, career development planning, etc

·       Understand and follow workplace policies andprocedures

Technical skills requirements

·          Enterpriserisk services with a specific focus on IT, and related industry standards

·          CommonIT governance and control industry frameworks, including CObIT, RiskIT, ValIT,IT industry frameworks such as ITIL and CMM

·          ITassurance and compliance

·          Abroad appreciation of business processes, data structures, IT applications andinfrastructure, IT processes, and governance and internal control principles

·          InfrastructureInformation systems security assessment, design, architecture, implementation,management and reporting

n        Strongtechnical or security skills related to a broad range of operating systems,databases or security tools, e.g., UNIX, Linux, Windows 2000 and NT, firewallsand IDS systems

·  Experiencewith programming languages such as Java, C, C++, C#, asp, and .NET

l Familiarity with security and risk standardssuch as ISO 2701-2, PCI DSS, NIST, ITIL, COBIT

l Experience of security testing methods andtechniques including network, operating and application system configurationreview and internal/external penetration testing

l Experience of manual attack and penetrationtesting above and beyond the running of automated tools

l Experience in developing custom scripts orprograms (used for port scanning and vulnerability identification)

·           Applications

n An understanding of web based applicationvulnerabilities and experience in application security review and testing

n An understanding of mobile applicationvulnerabilities and experience in mobile application security review andtesting

n Familiarity with security standards referencesuch as OWASP, SANS, NIST

n Understanding of secure development practiceand framework

Qualifications

u      Bachelor'sDegree in Computer Science, Information Technology or related disciplines.

u      Aminimum of 3 years relevant experience in Information Technology with at least2 years demonstrable experience in penetration testing to systeminfrastructure, web or mobile application systems is a must.

u       Sound knowledge and experience in usingdifferent hacking tools to perform foot printing, enumeration and exploitationof system infrastructure, web and mobile applications.

欢迎招聘咨询顾问、IT精英人才等请加微信：gogoat 或加全国IT求职招聘群：146999050

     不想错过高端求职信息？关注我们的微信吧！微信公众号：ITILXF （）
                                 
         

     圈子决定你的未来，关注IT高端精英圈，人脉+知识+资讯，尽在你掌握！

简历投递: 2105852390@qq.com 请标明是 ITILXFgogoat推荐

工作地点: 上海

职位: 咨询   

公司: 某全球四大咨询公司

Advisory- Risk - Cyber Security - Senior

Client responsibilities

·     Participatein Information Security and Data Privacy engagements

·     Workeffectively as a team member, sharingresponsibility, providing support, maintaining communication and updatingsenior team members on progress

·     Helpprepare reports and schedules that will be delivered to clients and otherparties

·     Developand maintain productiveworking relationships with client personnel

·     Buildstrong internal relationships within Ernst & Young Advisory Services andwith other service lines across the organization

People responsibilities

·     Conductperformance reviews andcontribute to performance feedback for staff

·     Contributeto people-related initiatives including team building, identification oftraining needs, career development planning, etc

·       Understand and follow workplace policies andprocedures

Technical skills requirements

·          Enterpriserisk services with a specific focus on IT, and related industry standards

·          CommonIT governance and control industry frameworks, including CObIT, RiskIT, ValIT,IT industry frameworks such as ITIL and CMM

·          ITassurance and compliance

·          Abroad appreciation of business processes, data structures, IT applications andinfrastructure, IT processes, and governance and internal control principles

·          InfrastructureInformation systems security assessment, design, architecture, implementation,management and reporting

n        Strongtechnical or security skills related to a broad range of operating systems,databases or security tools, e.g., UNIX, Linux, Windows 2000 and NT, firewallsand IDS systems

·  Experiencewith programming languages such as Java, C, C++, C#, asp, and .NET

l Familiarity with security and risk standardssuch as ISO 2701-2, PCI DSS, NIST, ITIL, COBIT

l Experience of security testing methods andtechniques including network, operating and application system configurationreview and internal/external penetration testing

l Experience of manual attack and penetrationtesting above and beyond the running of automated tools

l Experience in developing custom scripts orprograms (used for port scanning and vulnerability identification)

·           Applications

n An understanding of web based applicationvulnerabilities and experience in application security review and testing

n An understanding of mobile applicationvulnerabilities and experience in mobile application security review andtesting

n Familiarity with security standards referencesuch as OWASP, SANS, NIST

n Understanding of secure development practiceand framework

Qualifications

u      Bachelor'sDegree in Computer Science, Information Technology or related disciplines.

u      Aminimum of 3 years relevant experience in Information Technology with at least2 years demonstrable experience in penetration testing to systeminfrastructure, web or mobile application systems is a must.

u       Sound knowledge and experience in usingdifferent hacking tools to perform foot printing, enumeration and exploitationof system infrastructure, web and mobile applications.

欢迎招聘咨询顾问、IT精英人才等请加微信：gogoat 或加全国IT求职招聘群：146999050

     不想错过高端求职信息？关注我们的微信吧！微信公众号：ITILXF （）
                                 
         

     圈子决定你的未来，关注IT高端精英圈，人脉+知识+资讯，尽在你掌握！