Cyber Security Compliance and IT Jobs
False Positive – a test result that incorrectly indicates that a particular condition or attribute is present.
False Negative – a test result that incorrectly indicates that a particular condition or attribute is absent.
Sign up for free at http://convocourses.com for deeper dives.
Many more videos on https://www.youtube.com/convocourses
short videos at https://www.tiktok.com/@convocourses?lang=en
and https://www.instagram.com/convocourses/
Podcast version of the content:
check out my courses at:
http://securitycompliance.thinkific.com
the job****************************************
Job Title: Cyber Security Engineer
Location: Anaheim ,CA
Duration: Long Term Contract
Relevant Experience: 8+ Years.
Essential Duties and Responsibilities
• Evaluates current systems environments, conducts research, recommends, and implements innovative systems technology that can enhance the reliability, security with emphasis on cyber security technology, productivity, and agility of the IT infrastructure
• Identifies assets and assesses risks, threats, and vulnerabilities of the IT assets in accordance with accepted industry, professional, and government standards to ensure security design integrity, availability, confidentiality, non-repudiation and contract compliance.
• Identifies and recommends cyber strategies for technology development based on stakeholder requirements
• Drives security reviews, identifies gaps in security architecture and designs and recommends necessary security controls to be integrated within the development lifecycle
• Owns and documents the implementation of the security controls and creates auditable evidence of security measures
• Develops and recommends security controls, identifies key security objectives to maximize software and system security while minimizing disruption to plans and schedules
• Leads translation of security controls into technical specifications and guidance to stakeholders to ensure common understanding across the stakeholders and enable adequate implementation
• Actively recommends engineering solutions in collaboration with application owners to remediate inherent cyber security risks
• Leads the collection and analysis of benchmarks and metrics for the department to drive continuous improvement
• Perform ongoing performance tuning, hardware upgrades, and resource optimization, configure CPU, memory, and disk partitions as required.
• Install new and rebuild existing servers and configure hardware, peripherals, services, settings, directories, storage, etc. in accordance with standards and project/operational requirements.
Essential Education and Skills
Desired:
• Bachelor’s degree in Computer Science or related field, or equivalent work experience
• 6+ years of Information Technology experience, with at least 3 years of experience in information security working within security operations
• Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or equivalent
• Mastery of Cybersecurity best practices and standards (e.g. NIST, ISO, etc.)
• Mastery of computer networking concepts and protocols, and network security methodologies
• Mastery of cloud security concepts, including experience with public cloud (e.g. AWS, Microsoft Azure, etc.) and implementation experience
Knowledge, Skills, and Abilities:
• Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
• Experience monitoring threats via a SIEM console
• Deep knowledge of diverse operating systems, networking protocols, and systems administration
• Knowledge of Intrusion Detection/Prevention Systems
• Knowledge of Antivirus Systems
• Knowledge of commercial forensic tools
• Knowledge of common indicators of compromise and of methods for detecting these incidents
• Knowledge of TCP/IP Networking and knowledge of the OSI model
• Knowledge of OS management and Network Devices
• Solid working knowledge of SAN and NAS technology and VMWare
• Experience with Window systems administration – Domain Controllers, Active Directory, Sites and Services, File Server, GPO, DNS, SMTP, IIS etc.
• Experience with Power shell scripting
• Experience with SQL Server, Windows Virtualizations & Linux servers
• Excellent problem solving, critical thinking, and analytical skills – ability to de-construct problems
Thanks & Regards
Siva Kumar
Direct Line: 630-300-3850
Fax: 630-388-0066
Email: siva.kumar@olooptech.com
Oloop Technologies | Aurora, IL
Cyber Security Engineer
Confidential
Anaheim, CA
|
Questions
|
Questions
|
Answers
|
|
Question 1
|
Absences greater than two weeks MUST be approved by CAI management in advance, and contact information must be provided to CAI so that the resource can be reached during his or her absence. The Client has the right to dismiss the resource if he or she does not return to work by the agreed upon date. Do you accept this requirement?
|
|
|
Question 2
|
All work must be completed on site. Do you accept this requirement?
|
|
|
Question 3
|
Please list candidate’s email address HERE that will be used when submitting E-RTR.
|
|
|
Question 4
|
Please indicate how soon this candidate is available to start work. Vendors are encouraged to submit candidates that are available for the duration of the assignment.
|
|
|
Question 5
|
Vendor must disclose to the agency if the candidate will be subcontracted at the time of submission. Do you accept this requirement?
|
|
|
Question 6
|
Vendor must notify the agency if any portion of the requirements listed in this task order are to be outsourced to other countries. Do you accept this requirement?
|
|
|
Question 7
|
This role is not new to the Department. There has been someone working in the role in the past. However, this is a new requirement for those services and it is open for competition.
|
Information Technology (IT) jobs in the USA are very hot! As more and more business’ in developed countries go online, more and more jobs for IT become available. According to Wanted Analytics, China currently has the greatest demand for software engineers with the USA in second. The key to getting an IT job in America is specialization. Companies are looking for a specific skillset. According to an article on Fortune magazine, 3 of the top 10 career fields with the most job openings of 2014 were specialized IT jobs.
IT is very competitive but once you specialize in a certain aspect of IT (i.e. IT security engineer, IT network engineer, software engineer) your competition gets smaller. Remaining competitive means gaining experience, IT certifications and degrees. As the market for IT people has gotten more complex it has also become important to be diversified in your skills. If you are a software engineer it really helps to know other things like networking, security and maybe even program management.
Probably the most important thing to do if you are going for a job in Information Technology is to study the company or organization that you are going after. Often times employers are looking for something every specific. You may have the experience they are looking for so you should put that on your resume and make sure it is mentioned during the interview. You find that you are just shy of what they are looking for then you should learn what you can before you approaching them.
In the DoD, every IT professional is expected to have solid security experience or security certification even if they are not an expert in it.
IT is a huge growing market.