ConvoCourses

Cyber Security Compliance and IT Jobs

job

3 Remote Oracle Jobs – telework

by Leave a Comment

**checkout how I find these jobs: https://securitycompliance.thinkific.com/courses/find-it-remote-work **

ROLE 1

Oracle CloudChange Mgmt Consultant

Start:Immediate

Falls Church,VA

Duration: 7-8months + extension (go-live scheduled for end of Oct)

Experiencedhealthcare ERP OCM expert

Broad functionalarea experience

Will workdirectly with Inova resources and uplift their skills

Currentlyworking remote due to virus, but will need to be on-site eventually

ROLE 2

SeniorTechnical ERP Leader (ORCL Cloud)

Start:Immediate

Falls Church,VA

Duration: 7-8months + extension (go-live scheduled for end of Oct)

Senior ISLeader that has experience with big ERP initiatives – need ORCL Cloudexperience

They need totake application inventory and institute portfolio mgmt. and governance from atech perspective

Must be forwardthinking tech advisor that can present them with logical, coherent analyticsstrategy across all work streams

Senior managerlevel or higher – strong exec level presence

Thanks & Regards

Manish Kumar

Account Delivery Head

Office 732-456-5598 Direct – 408-882-6923

manish@eateam.com

EATeam, Inc.

HQ: 2 Kilmer RD, Edison NJ 08817

IT-COE:429 Sylvan Ave Second Floor Suite A Englewood Cliffs NJ 07632

www.EATeam.com

Job position for DIACAP Compliance Engineer at Tarrytown, NY

by Leave a Comment

Role: DIACAP Compliance Engineer
Location: Tarrytown, NY
Duration: 6+ months

Keywords: – STIG, TFS, DevOps, Windows Imaging WIX, MSI, PowerShell, Anti-Virus, Whitelisting

Job Description:
Background
Source code management (SCM) & DEVOPS team (Infrastructure Team) manages the entire continuous integration, continues development chain process of a global Engineering conglomerate.
Application is developed using Microsoft technology C#, C++, WPF, MVVM and custom control on Windows-7 platform. The backbone of the entire SCM is Microsoft TFS while the packaging strategy is utilizing MSI and WIX. The current build management is driven by customized XMAL with PowerShell usage. Now the plans are to move to VNEXT that provides flexibility as an orchestrator and allows better reporting, triggering and logging facility.
The Goal of this team is to make the entire infrastructure to be in compliant with DIACAP (DoD Information Assurance Certification and Accreditation) process

Expectations – The team is looking out for Engineers who can augment the current team and support on following tasks
This means the identified engineer needs experience in DIACAP process (not knowledge) on how the system could be transformed to be DIACAP compliant system.
• Experienced in the Security Technical Implementation Guide (STIG) that provides security guidance for .NET deployments in workstations or servers and focuses on the secure configuration of the .NET Common Language Runtime (CLR).
• Identify loopholes and open items as part of IIS 7.0 Web Server to ensure that the IIS 7.0 becomes STIG compliant and thus related request handling and filtering are done in control manner and encryption is applied for protocols or data exchange for HTTP, FTP or telnet and more of such tasks etc.
• Ensuring the basic need of McAfee VirusScan 8.8 Managed Client STIG that highly suggests to have antivirus to be monitoring 24*7 along with no possibility of stoppage of such services and availability of antivirus signed files almost every day
• Ensure security enablement in Microsoft Internet Explorer 11 client used on Windows-7 workstations like script execution, popup restrictions as needed and stoppage of unsigned ACTIVEX controls
• Experience in interpreting STIG scans that reflect results on periodic basis.
• Experience in working on adding check and controls in build management system that automates scans ensure STIG compliance.

Soft Skills
• Good Team Player
• Good Written and verbal communication skills
• Customer facing experience would be added advantage

www.enterprisesolutioninc.com Pradyut Bhattacharya
Enterprise Solution Inc.
500 E. Diehl Road, Suite 130, Naperville, IL 60563
Office: # 630-214-9485

Information Security in CHATTANOOGA TN

by Leave a Comment

 

Title                                                         INFORMATION SECURITY(5263850)
Location:                                                CHATTANOOGA TN 37402-2801
Duration:                                               12 month(s)
Hours:                                                    8:00am to 5:00 pm
Job Description
  • THIS PERSON WILL BE ACCOUNTABLE FOR HAVING FIRM KNOWLEDGE IN A BROAD RANGE OF INFORMATION SECURITY DISCIPLINES AND TO EDUCATE AND DRIVE THE IMPLEMENTATION AND STANDARDIZATION OF THE TVA ENTERPRISE SECURITY PROGRAM. THIS WILL INVOLVE CONTRIBUTING TO THE DEVELOPMENT, MAINTENANCE, AND IMPLEMENTATION OF THE ENTERPRISE SECURITY PROGRAM, AND HELPING TO ENSURE THE OVERALL ACHIEVEMENT AND COMPLIANCE WITH THE SECURITY GOALS, REGULATORY REQUIREMENTS AND COMPANY DIRECTION. THIS PERSON WILL BRING BASIC INDUSTRY INSIGHT AND INFORMATION SECURITY UNDERSTANDING TO TVA. PERFORMS CONTROL AND VULNERABILITY ASSESSMENTS TO IDENTIFY WEAKNESSES AND ASSESS THE EFFECTIVENESS OF EXISTING CONTROLS, AND RECOMMENDS REMEDIAL ACTION
  • REPORTS TO INFORMATION SECURITY MANAGEMENT CONCERNING RESIDUAL RISK, VULNERABILITIES AND OTHER SECURITY EXPOSURES, INCLUDING MISUSE OF INFORMATION ASSETS AND NONCOMPLIANCE
  • PARTICIPATE IN PROJECT REVIEWS, INCIDENT DEBRIEFS AND EVALUATION (SUCH AS AUDIT) REVIEWS TO UNDERSTAND THE ISSUES AND GAPS, FACTOR INTO CONTINUOUS IMPROVEMENT AND ALTER/ENHANCE THE EDUCATION AND COMMUNICATION PLANS.
  • PLAYS AN ADVISORY ROLE IN APPLICATION DEVELOPMENT OR ACQUISITION PROJECTS, TO ASSESS SECURITY REQUIREMENTS AND CONTROLS AND ENSURE THAT SECURITY CONTROLS ARE IMPLEMENTED AS PLANNED
  • COLLABORATES ON CRITICAL IT PROJECTS TO ENSURE THAT SECURITY ISSUES ARE ADDRESSED THROUGHOUT THE PROJECT LIFE CYCLE
  • ASSIST IN BUILDING BUSINESS CASES TO ESTABLISH, GROW AND CHANGE BUSINESS GROUPS, FUNCTIONS AND TECHNOLOGIES AND ESTABLISHES, DEVELOPS AND GROWS INFORMATION SECURITY, RISK AND COMPLIANCE OPERATIONAL SECURITY PROGRAM CONTRIBUTES TO THE DEVELOPMENT OF SECURITY ARCHITECTURE AND SECURITY POLICIES, PRINCIPLES AND STANDARDS.
  • EDUCATION — A BACHELOR’S DEGREE IN COMPUTER SCIENCE, ENGINEERING OR A RELATED FIELD OF STUDY; OR EQUIVALENT EDUCATION, TRAINING & EXPERIENCE.
  • EXPERIENCE — FIVE OR MORE YEARS OF CURRENT AND HANDS ON INFORMATION TECHNOLOGY EXPERIENCE PROTECTING ELECTRONIC AND INFORMATION BASED ASSETS. MUST HAVE SIGNIFICANT EXPERIENCE LEADING PROJECTS/TEAMS. AUDIT/INVESTIGATIONS EXPERIENCE IS HIGHLY DESIRED. OPERATING PLANT EXPERIENCE IS HIGHLY DESIRED.
  • CERTIFICATION/LICENSE, ETC — CISSP, CISM, CISA, CPP, OR EQUIVALENT PREFERRED.
  • KNOWLEDGE/SKILLS/ABILITIES — DEMONSTRATED MANAGERIAL COMPETENCIES IN LEADERSHIP, DELEGATION, ANALYSIS, TEAMWORK, COACHING/DEVELOPMENT, CUSTOMER SERVICE, PLANNING/ORGANIZING, FLEXIBILITY, STRESS TOLERANCE, COMMUNICATION. DEMONSTRATED STRATEGIC AND TACTICAL IT PLANNING. BROAD KNOWLEDGE OF BUSINESS FUNCTIONS AND RELATED EIT SECURITY NEEDS. MUST STAY FAMILIAR WITH FEDERAL LAWS, REGULATIONS, AND INDUSTRY BEST PRACTICES FOR EIT SECURITY STRATEGIES AND TECHNOLOGY. KNOWLEDGE OF IT OPERATIONAL INFRASTRUCTURE INCLUDING DISASTER RECOVERY/BACKUP, DATA MANAGEMENT, AND ABILITY TO DEVELOP/ENSURE SECURITY MEASURES/PROCESSES ARE IMPLEMENTED. EXCELLENT ABILITY TO RESEARCH, EVALUATE AND RECOMMEND TECHNICAL SOLUTIONS. ABILITY TO DEVELOP PLANS AND EXECUTE COMPLEX EFFORTS INVOLVING APPLICATION OF ADVANCED TECHNOLOGICAL KNOWLEDGE. MUST DEMONSTRATE TACT AND EFFECTIVE JUDGMENT DEALING WITH CONFIDENTIAL/SENSITIVE MATERIAL. ABILITY TO OBTAIN AND MAINTAIN SECRET SECURITY CLEARANCE REQUIRED. CANDIDATE MAY BE REQUIRED TO OBTAIN AND MAINTAIN A SECURITY CLEARANCE BASED ON POSITION / ACCESS REQUIREMENTS AND ESSENTIAL JOB FUNCTIONS.
Job Details:
• Previous work experience in the cyber security field.
• Superior written and oral communication skills.
• Strong understanding of TCP/IP communication and network topologies.
• Vulnerability analysis and remediation using automated tools.
• Extreme attention to detail, with emphasis on accuracy.
• Bachelor’s degree in a computer-related field of study or 2+ years of related work experience.

DATA/INFORMATION ARCHITECT in COLUMBIA, SC

by Leave a Comment

 

 Please send your updated resume with rates expected for this position
Position Title
DATA/INFORMATION Architect
Position Id
6414-1
Agency
Department of Administration
Duration
5 Months +
Work Location
4430 BROAD RIVER ROAD, COLUMBIA, SC 29210

SCOPE OF THE PROJECT:

Will work as an Information Security Architect/Engineer in the Division of Information Security and assist with the implementation, integration and operationalizing advanced security technologies. Develop operational plans for integrating and implementing security technologies within existing division and agency infrastructure and operational processes. Develop full life cycle processes and procedures along with repeatable guides for standard implementation and assist agencies as needed to incorporate systems.

DAILY DUTIES / RESPONSIBILITIES:

Information Security architecting, engineering and operations. This is a full information security to include, systems, network and procedural.
Work with existing staff to architect and deploy advanced information security systems in a highly complex distributed enterprise environment.
Develop installation, configuration, and operational process/procedure documentation to enable Division of Technology and Agencies to install and operate approved security solution.
Work with Security Operations Center to identify enhanced data collection and correlation capabilities in existing data and gaps in data collection/analysis architecture, systems and procedures.
Identify and develop solutions for preventing, detecting and mitigating risks to information and information systems.
Conduct training as necessary to division and agency personnel on security processes, procedures and methodologies to ensure security event information is properly identified, correlated, documented and mitigated in accordance with department standards.

REQUIRED EDUCATION:
Bachelor’s degree or 8 to 10 years’ experience.

PREFERRED CERTIFICATIONS:
CISSP, CEH, MCSE, CCSP

Category
Name
Last Used
Last Used by Candidate (Year)
Experience
Candidate Exp. (in years)
Network Security
information security principles and practices
Currently Using
6 + Years
Network Security
IT Security
Currently Using
6 + Years
Network Security
Security Information Architecture
Currently Using
6 + Years
Network Security
Application Security
Within 1 Year
6 + Years
Network Security
risk/vulnerability assessments
Within 10 Years
6 + Years
Network Security
Role Based Access Control (RBAC)
Within 1 Year
6 + Years
Network Security
Security Information Event Management (SIEM) systems development / configuration
Within 1 Year
6 + Years
Networking & Directories
Access control logging and reporting systems
Currently Using
6 + Years
Networking & Directories
Experience with UNIX, Windows, Linux, MacOS, Cisco, Juniper, web apps, databases, strong authentication, operating systems and network security protocols and procedures.
Currently Using
6 + Years
Networking & Directories
Information Security
Currently Using
6 + Years
Networking & Directories
Network security
Currently Using
6 + Years
Networking & Directories
data discovery and data loss prevention (DLP)
Within 1 Year
6 + Years
Networking & Directories
Identity Access Management (IAM)
Within 1 Year
6 + Years
Networking & Directories
privileged user management (PUM)
Within 1 Year
6 + Years
Specialties
Event Handling
Within 1 Year
6 + Years
Specialties
IBM
Within 1 Year
6 + Years
REQUIRED SKILLS (RANK IN ORDER OF IMPORTANCE):
Cyber Awareness and understanding
Expert understanding of information, computer and network security. Its operation, engineering, and architecture.
Experience with UNIX, Windows, Linux, MacOS, Cisco, Juniper, web apps, databases, strong authentication, operating systems and network security protocols and procedures.
Expert understanding of access control logging and reporting systems.PREFERRED SKILLS (RANK IN ORDER OF IMPORTANCE):

  • Identity Access Management (IAM)
  • Role Based Access Controls (RBAC)
  • Privileged User Management (PUM)
  • Data Loss Prevention (DLP)
  • Security Information Event Management (SIEM) systems
  • Vulnerability Assessment (VA)
  • Applications Security (AppSec)
  • User metadata and Information Security event collection, logging and correlation
  • McAfee e-Policy Orchestrator (ePO) / DoD HBSS
  • Tenable Security Center / Nessus
  • IBM AppScan.

LogRhythm | Technical Alliances Engineer – Boulder, CO

by Leave a Comment

This position will expose you to the ever growing field of technology companies within network security. There is a clear growth opportunity to gain experience working with an established, in demand security software company that is partnering with other top tier security vendors. As LogRhythm continues to grow, this position will play a critical role in enhancing our customer base through developing successful alliances within the security ecosystem.

This team is positioning our Security Intelligence Platform with the top technology partners to showcase specific use cases that will help support common customers. The business development team works with our alliance partners in a number of ways including addressing a complex and evolving security landscape, meeting compliance requirements and achieving greater operational efficiency. I’ve included the web page for our partner page which provides more detailed information: https://logrhythm.com/partners/

If you’re interested in learning more please let me know and we can set aside some time to talk. Otherwise please feel free to forward within your network to anyone that might have interest.

Cyber Threat Analyst in NEWARK, Delaware

by Leave a Comment

JOB Description:-
Title:                                                  Cyber Threat Analyst I (58054-1)
Location:                                           NEWARK, Delaware 19711
Duration:                                           6 Month
Visa-                                                   US citizen and GC only.
Comments :
****SHIFT WORK – ONLY THOSE CANDIDATES  REPLY WHO ARE INTERESTED IN 12-hour Shift work on the AM shift from 1AM-1PM on a 2-3-2 (Every other weekend off) schedule *****
Job Description:  
  • TAC Information Security Analyst (Must be a US Citizen)
    The Tier I Information Security Analyst is responsible for executing day-to-day tasks in the Security Operations Center 24×7. These tasks include: answering the NASS security support hotline, monitoring the NASS security support mailbox, creating tickets for client requests, monitoring and responding to Instant Messaging applications, and executing a variety of scripted actions on timed intervals. This position will also act as Tier I support for several endpoint services.
Basic Requirements:
  • Eyes on glass monitoring and resolution of security incidents within established customer Service Level Agreements.
  • Perform daily operational ‘eyes on glass’ real-time monitoring and analysis of security events from multiple sources including but not limited to events from Security Information Monitoring tools, network and host based intrusion detection systems, firewall logs, system logs (Unix & Windows), mainframes, midrange, applications and databases.
  • Monitors and analyzes attempted efforts to compromise security protocols.
  • Identifies and investigates activities and conducts and provides analyses regarding results.
  • Escalates issues to higher level associates.
  • Reviews computer logs and messages to identify and report possible violations of security.
  • Coordinates, documents, and reports on internal investigations of security violations.
  • Interacts with customers to understand their security needs; assists in the development and implementation of procedures to accommodate them.
  • Writes security status reports to provide system status, report potential and actual security violations and provide procedural recommendations.
Basic Qualifications: 
  • Bachelor’s degree or equivalent combination of education and experience in Information Security is required.
  • Zero or more years of experience in information systems security.
  • Experience working with operating systems.
  • Experience working with domain structures and digital signatures.
  • Experience working with computer desktop packages such as Microsoft Word, Excel, etc.
  • Communication skills to interact with team members, management, and support personnel.
  • Analytical and problem solving skills for design, creation and testing of security systems.
  • Ability to work independently and as part of a team.