Tag Archives: IDS

secureDenver2016

Attend the (ISC)² SecureDenver Event on June 17

Threat Intelligence – From Haystacks to Needles
Information Security, as a function, sits at a great confluence of raw unfiltered data; perhaps more data about the enterprise than any other function of the organization. From state-based data such as vulnerability scan results, to event-based data such as IDS logs, we are collecting more and more information about the enterprise every passing day.
The next step is to make sense of this treasure trove of data. To find the nuggets of truth and transform them into useful information.
Date: June 17, 2016

Registration: 8:00 a.m.

Time: 9:00 a.m.5:00 p.m.
Venue: Marriott Denver South
10345 Park Meadows
Littleton, Colorado 80124
USA
Registration Fee: $99
For full program, speaker information, and registration,
click here.
IT Admin Technical Lead location Lackland AFB, San Antonio TX

Full Time Position Need IT Admin Technical Lead location Lackland AFB, San Antonio TX

Position:                              IT Admin
Duration:                             Full Time
Location-                             Lackland AFB, San Antonio, TXSecurity Clearance: Active Top Secret clearance or higher
PRIMARY DUTIES:
–  Conduct network security monitoring and intrusion detection analysis for the NIPRNet and SIPRNet using the AF’s selected IDS/IPS toolset
–  Research NIPR and SIPR defensive cyber operations events to determine the necessity for deeper analysis and conduct an initial assessment of type and extent of intruder activities.
–  Enter event data into mission support systems according to operational procedures and reports through the 33rd operational chain.
–  Record suspicious events, meeting established thresholds, into the operational database for suspicious traffic. Records shall contain sufficient information to stimulate future research of suspicious traffic. The record shall answer the: who, what, where, why and when for this suspicious activity.
–  Provide computer security-related assistance to Air Force field units (example: the Integrated Network Operations and Security Center (INOSC), Base Information Assurance shop) in countering vulnerabilities, minimizing risk, and improving the security posture of AF computer networks and systems within the scope of operational requirements and mission execution.
BASIC QUALIFICATIONS:
–  Intermediate knowledge with one or more of the IDS/IPS systems currently in use by the Department of Defense (DoD), Services, and Agencies (i.e., AF, Navy, Army, DC3, DISA) or Federal Government and intermediate experience in the following areas:
EDUCATION REQUIREMENTS:
–  One or more of the following IAT Level II Certifications (GSEC, Security +, SSCP, CCNA-Security)
–  CND Certification (GCIA, CEH, GCIH).
Thanks & Regards,
Harpal Singh
Technical Recruiter
22nd Century Technologies Inc.(TSCTI)
Need Information Security Admin in Cedar rapids IA

Need Information Security Admin in Cedar rapids IA

Title                                       Sr Information Security Administrator 1(12438)
Location:                             Cedar Rapids, IA
Duration:                            6 Months+
PLEASE NOTE:
-candidates must be US Citizens
-submittal limit is 3 per supplier
-HS Diploma/Equivalent plus at least 5 years related experience REQUIRED
Job Description:
This position will be responsible for configuring, implementing, and fine-tuning McAfee Network IDS and Checkpoint Firewall appliances.
Must be able to independently drive hardware and software configuration, as well as identify, troubleshoot, resolve, and debrief any issues encountered. Must be able to help identify and map network data streams to ensure appropriate network visibility. Must be able to configure and administer Network Gigamons to appropriately capture traffic. Must be able to understand and tune network IDS alerts to reduce false positive alerts to acceptable level, in order for alerts to be actionable. Must be able to document configuration, implementation steps, and work processes relevant to the Network IDS and Checkpoint Firewalls.
Skills:
-Network traffic and routing understanding to ensure appropriate detective control coverage.
-Gigamon hardware and software configuration and management to ensure traffic is appropriately captured and available to network IDS sensors.
-McAfee NIDS hardware and software experience to ensure appropriate configuration to best alert on malicious or unusual traffic patterns.
-Ability to fine-tune McAfee configuration to reduce false-positives and produce accurate, actionable intelligence.
-Ability to configure and manage McAfee EPO to structure and process Network alerts to best increase understanding of security events on the network.
-Checkpoint Firewall hardware and software experience to ensure appropriate configuration before shipping firewalls to remote locations for implementation.
-Ability to manage logistics with the replacing and/or upgrade of Checkpoint Firewalls, including contacting remote data centers, arranging firewall implementation schedule and insuring firewall replacements/upgrades complete within project timeline.
-Experience with Checkpoint Smart Dashboard
-Ability to create technical documentation
Must be a team player willing to engage and work with other team members, including those working remotely. Must be able to professionally frame risk management decisions, and work with leadership to determine best course of actions for securely moving the project forward. Must be able to professionally communicate security concerns and positions to non-security and/or non-technical audience.
Thanks & Regards,
Parmender Singh
Technical Recruiter
Cybersecurity Engineer IDS IPS Specialist

Cybersecurity Engineer IDS/IPS Specialist

Cybersecurity Engineer IDS/IPS Specialist

Harrisburg, PA/REMOTE work

12+ month contract- possible temp to perm



Responsibilities

 Configuration, management, and maintenance of globally located Juniper SRX and Netscreen firewalls.
 Act as an externally facing point of contact to coordinate security response from networking vendors.
 Review new platforms, designs, and services to ensure sound network security practices are considered.
 Assess the impact of current network security advisories and publications.
 Participate in a periodic on-call rotation to support a 24-hour, seven-day operation.





Minimum qualifications


 BS degree in Computer Science, Electrical Engineering, or related field or equivalent practical experience.
 8+ years of experience in the configuration and management of Juniper firewalls.
 Deep level of understanding of both Junos and ScreenOS operating systems.
 JNCIP-SEC Certification
 Proven written/documentation and verbal communication skills.
 Experience with TCP/IP, IPv6, Multicast, VRRP, HSRP, DHCP, TACACS+, RADIUS, SNMP and syslog protocols.
 Knowledge of network-based and system-level attacks and mitigation methods.
 Familiarity with common network security industry practices, forums, and institutions.
 Understanding of Internet backbone routing.





Preferred qualifications


 Network certifications - JNCIE, CCIE
 Security certifications - JNCIE-SEC, CISSP, CEH, Security+

Job Opening In COLUMBIA, SC

Position Title:                    Linux Administrator
Position Id:                         6406-1
Duration:                             5 Months
Work Location:                 COLUMBIA, SC 29210
SCOPE OF THE PROJECT:
SOC SECURITY AND LINUX SUPPORT ENGINEER
Support the Division of Information Security (DIS) Security Operations Center (SOC) daily operations with installation, configuration, administration, monitoring and troubleshooting security sensors, log sources, and supporting systems.DAILY DUTIES / RESPONSIBILITIES:
MANAGE AND ADMINISTER A LARGE NUMBER OF LINUX SERVERS AND OPEN-SOURCE SOFTWARE PACKAGES.
MANAGE OPEN-SOURCE PATCH MANAGEMENT AND STATUS MONITORING SYSTEMS.INSTALL AND CONFIGURE SECURITY SENSORS COMPRISED OF OPEN-SOURCE CENTOS LINUX PLATFORMS AS WELL AS IBM/QRADAR FLOW COLLECTOR AND EVENT COLLECTOR APPLIANCES.
WORK WITH STATE ENTITIES TO INTEGRATE NEW LOG SOURCES INTO SOC MONITORING AS WELL AS MAINATIN AND MONITOR EXISTING LOG SOURCES.

REQUIRED EDUCATION/CERTIFICATIONS:
Bachelor’s degree, or 4 years of experience in Linux system administration.

Category
Name
Last Used
Last Used by Candidate (Year)
Experience
Candidate Exp. (in years)
Network Security
information security principles and practices
Within 6 Months
2 – 4 Years
Network Security
IT Security
Within 6 Months
2 – 4 Years
Network Security
Security Information Event Management (SIEM) systems development / configuration
Within 6 Months
2 – 4 Years
Networking & Directories
Experience with UNIX, Windows, Linux, MacOS, Cisco, Juniper, web apps, databases, strong authentication, operating systems and network security protocols and procedures.
Currently Using
4 – 6 Years
Networking & Directories
Information Security
Within 6 Months
2 – 4 Years
Operating Systems/APIs
Linux
Currently Using
4 – 6 Years
Programming Languages
BASH SCRIPTING
Within 6 Months
2 – 4 Years
Programming Languages
Perl
Within 6 Months
2 – 4 Years
Programming Languages
Python
Within 6 Months
2 – 4 Years
Programming Languages
Relevant programming languages and scripting tools.
Within 6 Months
2 – 4 Years
Protocols
Knowledge of networking protocols, including TCP/IP, HTTP, NTP, DNS, MLLP, NDM
Currently Using
4 – 6 Years
Protocols
TCP/IP
Currently Using
4 – 6 Years
Specialties
Experience in developing and maintaining documentation for policies, procedures, and best practices
Within 1 Year
2 – 4 Years
REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
  • Expert level ability to administer Linux and open-source systems.
  • Skilled in scripting languages such as Bash, Perl or Python.
  • Understanding of computer and network operating system fundamentals on diverse platforms (e.g. Unix, Linux, Windows, Mac/OS, Cisco, Juniper, etc.)
  • Knowledge of network protocols and ability to perform TCP/IP packet analysis
  • Excellent written and oral communication skills
    PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):
    Cyber awareness and understanding.
    Knowledge of information security topics related to computers, networks, and software
    Experience with Security Information Event Management (SIEM) and Intrusion Detection Systems (IDS) configuration, tuning, and operation.
    Understanding of information security event correlation.
    Experience with authoring of policies, standards, or procedures.