CISSP

Data Security Analyst State of Colorado denver RMF NIST JOB

February 1, 2020 by Leave a Comment

check out the course:
http://convocourses.com

Check out the job:
Job Details:
Job title: Data Security Analyst (0000076025)
Location: Denver, #Colorado(80203)
Estimated Duration: 01/13/2020 – 09/30/2020

Job Description:
Reports to the Director of Security Risk and Compliance or Delegate to perform activities for the oversight of the risk and compliance program.
Perform activities to reduce vulnerabilities for the overall enterprise risk management program.
Performs duties to facilitate confidentiality, integrity, and availability of systems to protect data from unauthorized users.
May require a bachelor’s degree in area of specialty and at least 5 years or more of risk management, experience working in a complex environment, and assessment of internal controls.
Has knowledge of commonly-used concepts, practices, and procedures in accordance with the #NIST #RMF (risk management framework).
The specialized individual must have previous experience with implementing an enterprise risk management (ERM) framework and applicable certifications such as CISSP, CISA, or CISM.
In addition, experience working with a Governance Risk and Compliance tool is highly desired, but not a must-have.
This individual should be a self-starter, able to provide consultative advice and able to work autonomously.

WEBINAR: GSA, DHS, NIST on personal mobile security, THU 11/10 (CPEs)

November 8, 2016 by Bruce Brown Leave a Comment

Securing and managing agency mobile apps.
WEBINAR, THU 11/10, Complimentary, CPEs

This important video webinar will explore how mobile apps
rapidly expand in agency networks and how agency experts
limit security risks while they manage mobile Web devices
to drive agency productivity and mission achievement.

REGISTRATION AND INFO
https://goto.webcasts.com/starthere.jsp?ei=1123951&sti=emc

ALTERNATE REGISTRATION LINK: www.FedInsider.com

WEBINAR TOPIC
The Framework for Mobile Security in Government

DATE: THU 11/10
TIME: 2:00 PM ET / 11:00 AM PT
DURATION: 1 hour
CPE: 1 CPE from the George Washington University,
Center for Excellence in Public Leadership
COST: Complimentary

SPEAKERS
– JON JOHNSON, Enterprise Mobility Team Manager, GSA

– VINCENT SRITAPAN, Program Manager, Cyber Security
Division, DHS Science and Technology (S&T) Directorate

– JOSHUA FRANKLIN, Information Security Engineer, NIST

– JOHNNY OVERCAST, Director of Government Sales, Samsung
Electronics America

– TOM TEMIN, Host and Managing Editor, The Federal Drive,
Federal News Radio 1500 AM

PRESENTED BY: WTOP, Federal News Radio, FedInsider News,
and The George Washington University Center for
Excellence in Public Leadership

*** OTHER GOVT-INDUSTRY CPE CREDIT EVENTS IN THE SERIES ***
Visit www.fedinsider.com

CART services provided for captioning for all webinars.

Looking forward to meeting you online!

Peg Hosky, President

Email: peg@hosky.com
Phone: 202-237-0300
www.FedInsider.com
LinkedIn: www.linkedin.com/in/peghosky
Twitter: @peghosky

FedInsider News
3811 Massachusetts Avenue NW
Washington DC 20016
F10-171912

Full time position as: Vendor Risk Manager

March 30, 2016 by Bruce Brown Leave a Comment

Position: Vendor Risk Manage.

Location: Montvale, NJ

Employment Type : Full Time.

Technical/Functional Skills – MUST HAVE SKILLS:-

FISAP vendor risk assessment program execution.
ISO 27002 Domain audit/assessments.
Critical Vendor Risk Assessments .
Vendor Risk Management Program Leadership.
CISA, CISSP, or other Risk certification preferred.

Technical/Functional Skills -Good To HAVE SKILLS:-

Project management; people management;

client relationship management; excellent oral and written English communications

skilled with MS-PowerPoint; MS-Word; MS-Excel.

Driven to achieve high delivery quality and effectiveness.

Roles & Responsibilities:-

· Annual vendor risk assessment compliance program leadership.
· Vendor Risk Assessment Planning & Scheduling.
· Vendor reconnaissance and updates with owners.
· Questionnaire updates and initiation .
· Manage offshore resource(s), and their activities, results.
· Assessment Quality Assurance.
· Establish and track/validate program metrics.
· Vendor interactions and Issues management.
· High Risk Vendor Assessments & Interactions .
· Process Improvement .
· VRM Best Practices Alignment.

· Weekly, Quarterly, Ad-Hoc Reporting.

Thanks And Regards,

Ajit Rai

Ventures Unlimited Inc.
309 Fellowship Road, East Gate Center, Suite 200
Mount Laurel , New Jersey 08054.
Desk: 856-842-1988 Ext 230

Information Systems Security Officer in Herndon, VA

March 21, 2016 by Bruce Brown Leave a Comment

Information Systems Security Officer

US Citizenship Required – Public Trust or Secret Clearance Tier III

Location: Herndon, VA

Duration: 1 year

Summary• Advises key technical personnel of system regarding design, engineering and compliance requirements
• Advises key stakeholders of security posture and risks associated with the system
• Reviews configurations changes for the system and the impact of changes
• Creates, manages and facilitates NIST based security documentation and controls
• Identifies, manages and facilitates remediation of security weaknesses

Job Responsibilities/ Duties:
• Develop, consult, implement controls and documentation for the security of the system. This includes: outlining system operating environment, overall mission, physical diagrams, hardware and software inventories, configuration management, type of data processed, user organizations, security classifications, operating modes, interconnections to other systems/networks, security personnel, and other associated responsibilities.
• Oversee, develop, improve and maintain the overall security posture of the system; that includes: Information System Security Plans, Risk Ratings, Contingency Plans, Security Assessments, and Contingency Plan Tests and other associated documentation.
• Participate in the development or revision of security controls of the system and local operating procedures that are based upon regulatory, policy and industry requirements.
• Act as a consultant to system owners for the security of the system and system documentation. For example, security incident reports, equipment/software inventories, operating instructions, technical vulnerability reports, and contingency plans
• Provide expertise in classified and unclassified ratings to customers.
• Work closely with technical teams for successful Certification & Accreditation of the system that leads to ATO
• Attend ISSO training courses and sessions as required
• Perform interpretations of monthly vulnerability scan results of assigned systems

Required Training:
Senior Level IT Security Certifications (CCDP, CCNP Security, CISSP, CISM, etc.)
Education/Equivalent Training Required: Bachelor’s Degree or equivalent experience will be evaluated
Unique/Additional /Experience (Position Specifics):
Expert knowledge of FISMA and NIST Special Publications
Experience implementing, assessing and managing security controls for federal IT systems
Expert knowledge of IT security best practices
Expert knowledge of current IT security threats
Broad knowledge of IT technologies and operations
Ability to develop good working relationships with customers, colleagues and other stakeholders.
Excellent verbal and written communication skills
Ability to handle and prioritize multiple simultaneous systems, projects and other assignments.
Experience leading information security teams
Knowledge of HIPAA, FedRAMP, PCI, ISO and other standards
Location(s): District of Columbia (Metro Area),
Department: IT Security
Keywords: Certification and Accreditation, C&A, A&A, SA&A, FISMA, compliance, information assurance, ISSO, AISO, ISO, IASO and ISSM
Comments: US Citizen, US Government Suitability Determination and DoE Q Security Clearance is a Plus

Thanks & Regards,

Kartik Jain

Technical Recruiter

Direct : 908-765-0002 Ext: 388

Immediate hire for SECURITY ANALYST in Columbia, SC, 29210

March 3, 2016 by Bruce Brown Leave a Comment

Position Title	SECURITY ANALYST (INFORMATION SECURITY COMPLIANCE)
Position Id	6521-1
Agency	Department of Administration
Duration	4 Months
Work Location	Admin – 4430 Broad River Rd., Columbia, SC, 29210

SCOPE OF THE PROJECT:
THE DIVISION OF INFORMATION SECURITY IS TASKED WITH ENSURING COMPLIANCE WITH STATE GUIDELINES. THIS POSITION WILL BE PERFORMING THOSE SERVICES INCLUDING:
• SUPPORTING AGENCIES DURING THEIR DEVELOPMENT OF THE INFORMATION SECURITY PROGRAM WITH DIRECT TACTICAL IMPLEMENTATION ASSISTANCE.
• DEVELOPING AND TRACKING AGENCY INFORMATION SECURITY IMPLEMENTATION PLANS
• INTERVIEWING ADMINISTRATORS, MANAGERS, AND THIRD PARTIES TO AID IN DEVELOPMENT OF PROGRAM ARTIFACTS
• ENSURING HIGH-LEVEL ASSESSMENTS OF AGENCIES INFOSEC WORK TO ENSURE PROGRESS IS MADE
• PROVIDING HIGH-LEVEL ANALYSIS OF PROCESS AND PROCEDURES WORK TO ENSURE COMPLIANCE WITH STATE STANDARDSDAILY DUTIES / RESPONSIBILITIES:
THIS IMPLEMENTATION ASSISTANCE WOULD INCLUDE, BUT IS NOT LIMITED TO:
• INTERVIEWING BUSINESS AND TECHNICAL OWNERS TO DETERMINE POLICIES AND PROCEDURES USED FOR EACH AGENCY PROCESS
• DEVELOPING AND TRACKING INFOSEC IMPLEMENTATION PLAN PROGRESS
• DOCUMENTING INFORMATION GATHERED DURING BOTH INTERVIEWS AND DOCUMENT REVIEWS TO ASSIST WITH DEVELOPING FORMAL PROCESS AND PROCEDURES
• ASSESSING AGENCY DOCUMENTATION TO ENSURE ADEQUATE APPROACHES ARE USED TO COMPLY WITH CONTROLS
• FACILITATING AGENCY STATUS REPORTING
• COLLABORATING WITH AGENCIES TO PROVIDE RECOMMENDATIONS FOR COMPLIANCEREQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
• HAVE COMPLETED AN INFORMATION SECURITY PLAN OR SYSTEM SECURITY PLAN WORKBOOK
• PRIOR EXPERIENCE WORKING WITH FISMA STANDARDS
• MUST HAVE A STRONG WORKING KNOWLEDGE OF NIST 800-53
• PRIOR EXPERIENCE POA&M OR CAP
• STRONG COMMUNICATION EXPERIENCE

PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
• SIMULTANEOUSLY MANAGE MULTIPLE INFOSEC WORK EFFORTS
• STRONG SCHEDULE MANAGEMENT AND RESOURCE PLANNING SKILLS
• ABILITY TO WORK AT A HIGH-VOLUME AND FAST PACE
• STRONG COLLABORATOR AND STRONG ABILITY TO MEET DEADLINES
• MANAGE REGULATORY COMPLIANCE PROJECTS
• ABILITY TO IDENTIFY, MAP, AND RE-EINGINEER BUSINESS PROCESSES

REQUIRED EDUCATION/CERTIFICATIONS:
10+ YEARS OF EXPERIENCE IN INFORMATION SECURITY AND COMPLIANCE EXPERIENCE

REQUIRED CERTIFICATIONS: CISA OR CISSP OR CISM OR GSLC OR EQUIVALENT.

Thanks & Regards

Adam Smith

Associate Recruiter

Phone:908-765-0002 Extn:-277

Fax: 609-228-4044

adams@tscti.com

www.tscti.com

Senior Network Security Engineer

February 23, 2016 by Bruce Brown Leave a Comment

If you are a Senior or Lead level Network Security Engineer with a comprehensive understanding of network architecture, please read on!

Located in the heart of the Silicon Valley, we are a rapidly growing software organization that has created a robust product suite focused on cyber security and vulnerability management. Due to recent growth and on-boarding of new clients, we have an immediate need to hire a full-time Senior Network Security Engineer to join our Professional Services team that covers North America. Our ideal candidate is someone that is located in the San Francisco Bay Area, but we are also very open to someone working remotely anywhere in the United States. Our Professional Services Team is responsible for product deployments with customers, training customers on our product suite, providing value-added services and consultative advice, and designing solutions for our clients. As a Senior member on our team, you will be looked on to lead projects and implementations while mentoring some of the more mid-level PS Engineers on the team.

Top Reasons to Work with Us

1. Opportunity to work remotely with minimal travel requirements!
2. Excellent Compensation Plan – Salary + Bonus + Full Benefits + Equity
3. Ability to work with a cutting edge Cyber Security product suite!

What You Will Be Doing

In this role, you will provide a wide range of Profession Services solutions to our clients from coast-to-coast. This role will require a strong understanding of network architecture and design because a lot of the day-to-day will encompass solving the customers problems by building network models that emulate the customers network. Once you have modeled the customers network, you will be checking for vulnerabilities and customizing our product suite to make sure it is fully optimized for the client’s environment. You will be interacting with clients over the phone, via Web Ex, Skype, and other virual tools. There could be a little bit of travel involved with the role, but it would be minimal (up to 10%). You will be leading clients through the onboarding process and providing value added services to help automate processed and help with integration / implementation activities. You will need to be able to create scripts on your own (Python / Perl) to create automated processes and customize our products to fit client specifications. As a Senior member of the team, you will need to be comfortable leading client meetings and managing projects from planning to completion.

What You Need for this Position

7+ years of experience in a professional Network Security engineering capacity
3+ years of experience in a Professional Services / Client-facing role
Comprehensive understanding of network architecture with a focus on Layer 3 networking
Strong background and hands-on experience with firewalls (CISCO, Juniper, Check Point)
Experience with vulnerability scanners and vulnerability management tools
Ability to create network models based on a client’s existing network
Scripting skills in Python or Perl
Experience leading customer projects, providing consultative advice to clients, and lead client training sessions
Intermediate – Advanced Linux experience (administration, configuration, etc..) – our products are all Linux based (CentOS)
Bonus Points for Penetration Testing experience or experience with MySQL queries
Professional Certifications highly desired (CISSP, CCNP, CCIE, etc..)

What’s In It for You

Competitive Salary ($120,000 – $150,000 DOE)
Excellent Bonus Potential (20%)
Comprehensive Benefits Package
401k
Paid Time Off
Flexible Work Hours & Opportunity to Telecommute

So, if you are a Senior Network Security Engineer looking for new challenges and a great growth opportunity, please apply today!

Applicants must be authorized to work in the U.S.