Looking for Infosec/AppSec Engineer in Chicago
cyberguypr
Mod Posts: 6,928 Mod
TE minions,
We are having a hard time filling this position. We either get people who want to break into Infosec or folks wanting the consulting lifestyle which is not what we offer. Currently looking for someone to deal with:
- performing vulnerability assessments
- assisting with mitigation of vulnerabilities
- light pen testing
- risk management
- operational intelligence
- incident response + forensics
- security policy creation/maintenance
- evaluate new controls
Role is a hybrid Infosec Engineer primarily focused on AppSec but needs to be able to cover areas of expertise for other team members. Role is in the Loop, business hours, minimal travel, established company, good benefits.
If interested please ping me for details.
We are having a hard time filling this position. We either get people who want to break into Infosec or folks wanting the consulting lifestyle which is not what we offer. Currently looking for someone to deal with:
- performing vulnerability assessments
- assisting with mitigation of vulnerabilities
- light pen testing
- risk management
- operational intelligence
- incident response + forensics
- security policy creation/maintenance
- evaluate new controls
Role is a hybrid Infosec Engineer primarily focused on AppSec but needs to be able to cover areas of expertise for other team members. Role is in the Loop, business hours, minimal travel, established company, good benefits.
If interested please ping me for details.
Comments
-
UnixGuy Mod Posts: 4,570 Modwhat's 'the consulting lifestyle' ?
Solid position, wish I had this kind of experience. -
636-555-3226 Member Posts: 975 ■■■■■□□□□□I feel your pain. Very (very very) hard time filling cloud & security positions in my area. Either n00bs with no experience (but lots of desire to "make the big bucks in the hottest thing in the world") or people looking to get out of consulting & into a steady, full time job but who still want to work from home 5 days a week and make a consultants salary.
-
alias454 Member Posts: 648 ■■■■□□□□□□It always goes back to the question. How do you get experience with no experience? How did you shed your n00bishness?
As far as the InfoSec posting, are you willing to train the right individual? if no, why not? I am not suggesting me, just asking a question. Maybe your job posting isn't clear enough so you keep getting underqualified applicants. It seems to me that those items are things done daily in my current job but I'm not in "InfoSec." I'm working as a Sys Admin and have to concern myself with all tall of it.
Regards“I do not seek answers, but rather to understand the question.” -
TheFORCE Member Posts: 2,297 ■■■■■■■■□□I fill those requirements. But I'm out of state, do you offer remote telecommuniting, or work from home? I've performed all those functions in various roles. I could send you my linked in profile if you are interested in taking a look.
-
cyberguypr Mod Posts: 6,928 ModUnfortunately although some remote is possible, 100% remote is not.
We are not willing to train for the sole reason that we run a balanced team. We recently hired a person fresh out of college and another one with limited experience that are being developed into masters of all things Infosec. We have Jr. and Sr. positions and in this particular case we are hiring for the senior one. Our posting is very clear indicating this is an expert level position with at least 4 years dedicated Infosec experience, technology related degree, CISSP, and hands-on experience on several areas.
It is a fact that some people are desperate for anything Infosec related and are spraying resumes like crazy. Example: for this role we had a developer apply that had no idea what symmetric vs. asymmetric encryption was, couldn't tell a router from a switch, and couldn't differentiate XSS and CSFR. I could go on an on with examples. -
alias454 Member Posts: 648 ■■■■□□□□□□That makes sense. Those requirements seem pretty specific. Do you use recruiters at all? I am asking for somewhat selfish reasons. I want to break into Infosec as a dedicated career and feel I have a lot of the background necessary to perform well. It just seems like the barrier for entry is really high. I like doing Sys Admin work but I always gravitate towards the security aspects of what I do.“I do not seek answers, but rather to understand the question.”
-
YFZblu Member Posts: 1,462 ■■■■■■■■□□I have a love affair with the city of Chicago. Good luck in your search!
-
UnixGuy Mod Posts: 4,570 ModThat's fair, you need experienced people to lead the team, fix escalated issues and mentor those who want to break into security.
I'm still interested to know, what kind of unreasonable requests the consultants have? work from home everyday? -
Robertf969 Member Posts: 190cyberguypr wrote: »
It is a fact that some people are desperate for anything Infosec related and are spraying resumes like crazy. Example: for this role we had a developer apply that had no idea what symmetric vs. asymmetric encryption was, couldn't tell a router from a switch, and couldn't differentiate XSS and CSFR. I could go on an on with examples.
Those people applying is probably why it takes 3-4 weeks to get calls on positions I apply for. -
ratbuddy Member Posts: 665cyberguypr wrote: »Example: for this role we had a developer apply that had no idea what symmetric vs. asymmetric encryption was, couldn't tell a router from a switch, and couldn't differentiate XSS and CSFR.
Wow, sounds like a crappy dev. I've been one for just over a year, and I know all that and then some :-/ -
nelson8403 Member Posts: 220 ■■■□□□□□□□Hows it working in the city? I'm going to be in Chicago next week for SANS, maybe we can talk then, I'm not sure I'm quite ready to move back though.Bachelor of Science, IT Security
Master of Science, Information Security and Assurance
CCIE Security Progress: Written Pass (06/2016), 1st Lab Attempt (11/2016) -
TheFORCE Member Posts: 2,297 ■■■■■■■■□□NetworkNewb wrote: »Funny video on going after jobs without the experience listed
Question: How Do You Get Enough Experience to Apply for Programming Jobs? | Eli the Computer Guy
I have the experience, the worth a try comment was a response to the lack of work from home opportunity or work remote since I'm in a different state