Post Tue Oct 21, 2008 2:44 pm

Senior Consultant | Assessment and Compliance Services

HALOCK Security Labs is a professional services organization focused 100% on information security. HALOCK is a hybrid services firm capable of addressing both the strategic and technical security needs of our clients.  We are in partnership with our clients to help them protect critical information assets and meet compliance needs as well as international security standards best practices. HALOCK has four core teams including Assessment & Compliance, Governance & Strategy, Network & System Security, and Secure Application Services.  Our full-time consultants and engineers may be a part of one or more teams depending on their skills and interests.

HALOCK is able to offer comprehensive security training to its clients through its sister company, Campus 9.  HALOCK leverages this training engine for its clients as well as for internal use including Certified Ethical Hacker training.
Senior Consultant | Assessment and Compliance Services:
HALOCK prides itself on its ability to perform in-depth security assessments across a wide range of technical environments. Tired of the plain vanilla “checklist” audit? Looking to demonstrate your assessment skills with a world-class technical support team? HALOCK has a unique, challenging and motivated environment for you to further develop your career.
Due to client demand, we are continuing to expand our Assessment and Compliance Services team.  Each client engagement is assigned a dedicated and capable support group (fellow assessors, security engineers, tech writers, QC, etc.).  You will be expected to drive each assessment project utilizing your skills and abilities to satisfy the desired outcome.

Job Responsibilities:

*  Perform Vulnerability Scanning using a variety of scanning tools such as QualysGuard
*  Conduct Penetration Testing using variety of testing tools such as Acunetix, QualysGuard, CoreImpact, Metasploit, BackTrack, open source packages, and manual testing
*  Perform additional penetration testing activities such as wireless penetration and Social Engineering
*  Conduct source code review for security flaws using tools such as Ounce Labs and manual methods
*  Perform hands-on Review of Operating System, Platform, and Network Device Hardening. Should be able to compare configurations to hardening guides and checklists across a variety of platforms, including Windows, Linux/Unix, Cisco, Checkpoint, and common firewalls, IIS, Apache, common web hosting platforms, SQL, Oracle, common database servers, Wireless devices and access points, Network topology, architecture, and design
*  Assist with Gap Assessments against common standards, including PCI DSS, ISO 27001/27002, CobiT, FFIEC Guidelines
*  Participate in project scoping and sales support as requested by Program Management
*  Support, maintain, and develop HALOCK’s Assessment Framework such as assessment workpapers, methodologies, and approaches
Support the community through approved blogs, publications, and speaking engagements

The ideal candidate will meet the following criteria:
*  Adhere to HALOCK’s code of conduct (
*  Bachelor's degree in Information Security, Information Technology, Computer Science, Engineering or related discipline preferred
*  At least 4 years experience in performing assessments
*  Strong organizational, communication, listening, and technical writing skills
*  Basic to intermediary project management competencies such as following process and protocol for project delivery, ability to identify project risks, project multitasking, and ability to self manage when appropriate
*  Ability to execute assessments as defined in proposals within assigned budgets and due dates
*  Previous consulting experience and ability to deliver under pressure
*  Desired certifications include PCI QSA, C|EH, CISSP and/or CISA, technical certifications such as MCSE/CCNA
*  High motivation, integrity, and commitment to self development

careers (at)
Last edited by RLTDSecurity on Tue Oct 21, 2008 2:46 pm, edited 1 time in total.