
ConvoCourses

Cyber Security Compliance and IT Jobs


Center for Internet Security (CIS)

Remote Position: Security Engineer/ Architect: Greenwood Village, CO

April 5, 2016 by Bruce Brown

Job Title: Security Engineer/ Architect (50% Remote)
Location: Greenwood Village, CO
Duration: 12+ Months Contract (Very High possibility of Extension/ Conversion)

Job Description:
KP’s Cyber Security team is looking to expand, mature, and execute the Enterprise Technology Security Hardening Service.  The goal of the Security Hardening Service is to develop security-hardening standards for platforms, applications, networks and protocols.  These hardening standards serve as the gold image requiring compliance for all implementation of a particular technology or a protocol.  The hardening standards take into account the entire lifecycle of a technology or a protocol, and include hardening requirements and/or security recommendations for each phase in the lifecycle from a people, process and technology perspective. These baselines are produced and maintained for applications, networks, and platforms to ensure consistent implementation of technical security controls across KP’s technology landscape. This position is focused towards providing expert level security guidance for producing and maintaining security certifications for KP’s IT landscape based on identification and analysis of security control gaps, industry security best practices, regulatory guidance, and KP’s IS Policies. The position will also involve building a security strategy for the service to ensure the service is extensible to accommodate the changing IT landscape for near term future (e.g. cloud, mobile, big data etc.).

Top 3-5 Daily Responsibilities:

  • Perform Security Hardening Service Design including process, methodology, and any tools that would be required to ensure hardening standards are developed using a repeatable methodology.
  • Formally document the artifacts for various phases of security architecture engagements, and obtain sign-off from all stakeholders.

Top 3-5 Required Skills:

  • BS in IT-related or engineering degree and 4 years of experience  in IT industry, OR Associates/ equivalent collegiate certificate in an IT-related or engineering degree program and six years of experience in IT industry.
  • At least two years of experience in general endpoint configuration management and/or computer engineering, with one year of specialized experience in the following platform OS’s (requirements can be broken up among different people):
      • Windows Professional
      • Windows Server
      • Linux (RedHat & Suse)
      • Unix (Solaris)
  • At least one year specialized experience in interpreting and applying a system of cyber security controls to endpoints, such as NIST 800-53, Defense Information Systems Agency Security Technical Implementation Guides (DISA STIGs), or Center for Internet Security (CIS) Security Benchmarks.
  • Demonstrated understanding of cloud computing and mobile computing concepts and how to apply them.

Desired Skills:

  • At least one year’s specialized experience in configuring security settings and setting Enterprise security policy for the following operating systems (requirements can be broken up among different people):
      • RedHat Enterprise Linux 7.1, 6.x and 5.x
      • Suse Linux 11 and 12
      • Solaris 10 and 11
      • IBM AIX 5.x, 6.x and 7.x
      • MacOS 10.x
  • Experience in working in one of the following cloud architecture environments:
      • AWS
      • Azure
  • Experience in working with and managing mobile devices in an Enterprise environment.
  • Advanced GIAC certification and/or CISSP

Soft Skills:

  • Very strong communication skills

If you are qualified, available, interested and planning to make a change, or know of a friend who might have the required qualifications and interest, you can contact me on desk: 415-915-1164 even if we have spoken recently about a different position. If you do respond via e-mail, please include the best time to call and phone number so I can reach you.

Thank you,

Anuj S. Verma
Executive – Resourcing
Pyramid Consulting, Inc.
Email: anuj.verma@pyramidci.com

Filed Under: cyberspace workforce, DIARMF Jobs, Information Assurance Jobs, risk jobs Tagged With: 800-53, Center for Internet Security (CIS), CO, disa, Greenwood Village, Linux, nist, redhat, STIG, SuSe, unix, Windows Professional, Windows Services
