At FDC Associates we focus solely on information security. We offer a variety of IT-GRC management services that cover the entire security life cycle. We are an established company in a growing market. Our security professionals are experienced, well-trained and have a comprehensive understanding of technology security issues. We are seeking mature, talented professionals of high integrity who have at least 10 years experience in technology auditing, network vulnerability reviews and compliance. You are motivated, innovative and willing to join a no-nonsense, high-performance team. Application process: If you believe you meet the qualifications listed below and desire to join our expanding roster of associates, please send your resume with a cover letter outlining your qualifications and salary history to [email protected]. The successful candidate will have at least 5 year's network vulnerability testing experience and 5+ years of technology security auditing and penetration testing experience. This position involves performing risk assessments, audits and penetration testing services for financial institutions, commercial and government clients. The successful candidate will be highly-motivated, self-disciplined and able to work individually and in a team environment. The ideal candidate will have security experience in several of the following areas: Prior experience with vulnerability assessment and penetration methods, required Intimate knowledge of TCP/IP protocols and networking architectures, required Windows and Unix/Linux operating systems and security, required Programming language experience in C/C++, Java, Visual Basic, Perl, Python Knowledge of database, applications, and web server design and implementation Knowledge of open security testing standards and projects, such as OWASP and OSSTMM Experience with wireless LAN security (including 802.11 standards) Experience with firewall, VPN and intrusion detection/prevention systems, required Familiarity with the certification and accreditation (C&A) security evaluations process for government agencies, such as DITSCAP, NIACAP, and FISMA standards is desired. Working knowledge of DOD 5200 required for Government contracts. Desired certifications include: CISSP, CISA, or SANS GIAC as well as an understanding of IT security standards such as ISO/IEC 27001, COBIT, and DOD 5200.