ConvoCourses

Cyber Security Compliance and IT Jobs

it jobs in usa

Convocourses contacts CISSP study Q&A

November 6, 2021 by Bruce Brown

Sign up for free at http://convocourses.com for deeper dives.  

Many more videos on https://www.youtube.com/convocourses

short videos at https://www.tiktok.com/@convocourses?lang=en

and https://www.instagram.com/convocourses/

https://www.facebook.com/ConvoCourses-108091850619388

Podcast version of the content:

https://podcasts.apple.com/us/podcast/convocourses/id1500188278

http://www.nist80037rmf.com/google_podcast

Filed Under: convocourses, roles Tagged With: CISSP, convocourses, Convocourses contacts CISSP study Q&A, it jobs in usa, q&a

Is there racism for black men in information technology

November 6, 2021 by Bruce Brown

Filed Under: convocourses, IT Security Jobs, risk jobs, telework jobs Tagged With: black man in IT, information technology, Is there racism for black men in information technology, it jobs in usa

Become a better ISSO and cybersecurity analyst Q&A

November 6, 2021 by Bruce Brown

Filed Under: certification & accreditation, convocourses, Risk Management For DoD IT Tagged With: Become a better ISSO and cybersecurity analyst Q&A, cybersecurity, cybersecurity analyst, ISSO and cybersecurity analyst, it jobs in usa

False positive versus false negative

July 20, 2021 by Bruce Brown

False Positive – a test result that incorrectly indicates that a particular condition or attribute is present.
False Negative – a test result that incorrectly indicates that a particular condition or attribute is absent.

Filed Under: certification & accreditation, cloud, convocourses, DIACAP, DIARMF Tagged With: false negative, False positive, False positive versus false negative, it jobs in usa, IT Q and A, Nessus Scan

cyber security engineer anaheim ca

April 30, 2019 by cyberaware2

check out my courses at:
http://securitycompliance.thinkific.com

The job:
Job Title: Cyber Security Engineer
Location: Anaheim, CA
Duration: Long Term Contract

Relevant Experience: 8+ Years.

Essential Duties and Responsibilities
• Evaluates current systems environments, conducts research, recommends, and implements innovative systems technology that can enhance the reliability, security (with emphasis on cyber security technology), productivity, and agility of the IT infrastructure
• Identifies assets and assesses risks, threats, and vulnerabilities of the IT assets in accordance with accepted industry, professional, and government standards to ensure security design integrity, availability, confidentiality, non-repudiation and contract compliance.
• Identifies and recommends cyber strategies for technology development based on stakeholder requirements
• Drives security reviews, identifies gaps in security architecture and designs and recommends necessary security controls to be integrated within the development lifecycle
• Owns and documents the implementation of the security controls and creates auditable evidence of security measures
• Develops and recommends security controls, identifies key security objectives to maximize software and system security while minimizing disruption to plans and schedules
• Leads translation of security controls into technical specifications and guidance to stakeholders to ensure common understanding across the stakeholders and enable adequate implementation
• Actively recommends engineering solutions in collaboration with application owners to remediate inherent cyber security risks
• Leads the collection and analysis of benchmarks and metrics for the department to drive continuous improvement
• Perform ongoing performance tuning, hardware upgrades, and resource optimization, configure CPU, memory, and disk partitions as required.
• Install new and rebuild existing servers and configure hardware, peripherals, services, settings, directories, storage, etc. in accordance with standards and project/operational requirements.

Essential Education and Skills
Desired:
• Bachelor’s degree in Computer Science or related field, or equivalent work experience
• 6+ years of Information Technology experience, with at least 3 years of experience in information security working within security operations
• Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or equivalent
• Mastery of Cybersecurity best practices and standards (e.g. NIST, ISO, etc.)
• Mastery of computer networking concepts and protocols, and network security methodologies
• Mastery of cloud security concepts, including experience with public cloud (e.g. AWS, Microsoft Azure, etc.) and implementation experience

Knowledge, Skills, and Abilities:
• Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
• Experience monitoring threats via a SIEM console
• Deep knowledge of diverse operating systems, networking protocols, and systems administration
• Knowledge of Intrusion Detection/Prevention Systems
• Knowledge of Antivirus Systems
• Knowledge of commercial forensic tools
• Knowledge of common indicators of compromise and of methods for detecting these incidents
• Knowledge of TCP/IP Networking and knowledge of the OSI model
• Knowledge of OS management and Network Devices
• Solid working knowledge of SAN and NAS technology and VMWare
• Experience with Windows systems administration – Domain Controllers, Active Directory, Sites and Services, File Server, GPO, DNS, SMTP, IIS etc.
• Experience with PowerShell scripting
• Experience with SQL Server, Windows virtualization & Linux servers
• Excellent problem solving, critical thinking, and analytical skills – ability to de-construct problems

Thanks & Regards
Siva Kumar
Direct Line: 630-300-3850
Fax: 630-388-0066
Email: siva.kumar@olooptech.com
Oloop Technologies | Aurora, IL

Cyber Security Engineer
Confidential
Anaheim, CA

Filed Under: cyberspace workforce, DIARMF Jobs, Information Assurance Jobs, IT Security Jobs, risk jobs Tagged With: IT job, it jobs in usa, jobs

Security Specialist in Raleigh NC

February 1, 2016 by Bruce Brown

www.22ndstaffing.com
Short Description:
Contract resource with senior Information Security Analyst skillset, with focus on Identity and Access Management (I&AM), risk analysis, and information security policy, standards and procedure development.
Complete Description:
The Department of Transportation is seeking a short-term contractor to implement and maintain information security best practices within the NCDOT environment related to Identity and Access Management (I&AM) as well as other information security risk assessments, analysis and consultation for various IT systems.  Identity and Access Management (I&AM) is responsible for designing, developing and supporting a suite of agency wide shared services that primarily focus on identity, authentication, authorization, request management, provisioning, and certification.  The staff is part of the IT Information Security Office (ISO), with end-to-end responsibility for the agency-wide information security policy and standards.  The candidate should be an information security analyst with extensive information security operational experience, that also understands enterprise architecture, policy, standards and procedure and can consult with support, implementation and architecture teams.
Responsibilities will include:
  • Working with project & team managers and stakeholders to produce high quality and detailed identity and access management business requirements as they relate to information security
  • Develop and enforce policies for identity and access management (I&AM) team for claims based authentication
  • Define the information security policy, standards and process/procedures as required for utilizing an identity management system including:  role mining, attestation, account provisioning, cloud/federated access provisioning, and others.
  • Develop security policies and procedures for Roles Based Access Controls in claims based architecture
  • Develop security policies and procedures for claims based architecture for Active Directory and SharePoint
  • Actively participate in assessment, planning, architecture, and design activities
  • Design, document, and implement security controls for Identity and Access Management
  • BizTalk, UDDI, web services, and claims based authentication experience
  • Design, document, and put security governance in place for external claims based authentication
The position will be responsible for documentation of security standards, security patterns, processes and procedures related to securing of web services and interoperability of all systems for the 3C and Data Services project.  The individual will educate application development teams on those standards and processes from an information security perspective.

Filed Under: cyberspace workforce, DIARMF Jobs Tagged With: 22nd Century Technologies Inc, ia jobs, information assurance jobs, it jobs in usa, jobs in america, NC, Raleigh, security specialist
