• Skip to main content
  • Skip to primary sidebar

ConvoCourses

Cyber Security Compliance and IT Jobs

  • Cyber Security Training
  • about me.
  • Information Assurance Jobs
  • Log in

security analyst

Security Analyst in Columbia, SC with State of SC

January 29, 2016 by Bruce Brown Leave a Comment

 

22nd Century Technologies is an equal opportunity employer and considers qualified applicants for employment without regard to race, gender, age, color, religion, disability, veterans status, sexual orientation, or any other protected factor.
Kindly send me your updated resume along with expected rates at rosalynm@tscti.com also fill the skill matrix below.
Salary/Rate Expectation:
Full Name:
Contact No:
Alternate contact (if any):
Email address:
Current Location:
Relocation:
Availability:
Visa status:
JOB TITLE                           : Security Analyst
LOCATION                           : 300A Outlet Pointe Blvd., Columbia, SC 29210
POSITION TYPE                  : Contract
Duration                               : 6 Months
Job Requirement :
Develops and manages security for more than one IT functional area (e.g., data, systems, network and/or Web) across the enterprise. Assists in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines). Prepares status reports on security matters to develop security risk analysis scenarios and response procedures. Responsible for the tracking and monitoring of software viruses. Enforces security policies and procedures by administering and monitoring security profiles, reviews security violation reports and investigates possible security exceptions, updates, and maintains and documents security controls. Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness. Provides direct support to the business and IT staff for security related issues. Educates IT and the business about security policies and consults on security issues regarding user built/managed systems. Represents the security needs of the organization by providing expertise and assistance in all IT projects with regard to security issues. Must have extensive knowledge in networking, databases, systems and/or Web operations. More junior level position primarily focuses on security administration; a more senior level position is involved in developing enterprise security strategies, management of security projects and the most complicated security issues.

Filed Under: cyberspace workforce, DIARMF Jobs, risk jobs Tagged With: Columbia, SC, security analyst

Security Analyst Opportunity in the DTC

January 27, 2016 by Bruce Brown Leave a Comment

BridgeView IT is seeking an IT Security Analyst located in Denver, CO. (DTC).  One of our top clients is growing their Security team. In this role, the Security Analyst will conduct risk management assessments, design, testing and implementation of security tools and controls, and participate as a subject matter expert on projects.  This Security Analyst is responsible for the maintenance of, and monitoring compliance with, information security governance policies and procedures; ensuring timely responses to client/customer RFP’s and questionnaires; research and investigation of security alerts; providing security awareness training and materials to staff; and assisting with response, research and investigation of security incidents.

REQUIRED SKILLS

  • 3+ years previous information technology audit experience, and/or 4 years information security analyst experience required. (Preferably in highly complex technical environment, within the Financial Services area.) Previous experience should include: security incident response, performing extensive security planning, and conducting information security audits.
  • 3+ years project management experience including the ability to organize, plan, prioritize and complete assignments with minimal supervision
  • Prior experience should include having applied relevant technical knowledge in at least one of the following areas:
    • Internal or Operational IT audits
    • Information security technologies, tools, and best practices
    • Working with external vendors for penetration testing, audits, or other regulatory related requests
    • Participating in defining overall governance strategies and plans
  • Demonstrated ability to clearly communicate information security technical issues & concepts using language and examples, to a wide audience of both technical and non-technical personnel (to include executives, auditors, end users, and engineers.)
  • Demonstrated working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling) is required.
  • Demonstrated ability to interpret information security data and processes, to identify risk and potential compliance issues is required.
  • Bachelor’s Degree (Computer Science or Information Systems) and/or equivalent applicable experience.

JOB OVERVIEW

  • Plans, implements and maintains security administration for people, process and technology in assigned functional areas (e.g., policies, vendor management, awareness and training, RFI/RFP).
  • Assesses the impact on the business caused by theft, destruction, alteration, or denial of access to information.
  • Conduct evaluations to verify that appropriate security controls are in place on all devices and processes within the corporate network and application development functions.
  • Provide the necessary support to monitor and ensure compliance with information security policies and procedures including assistance with technical reviews and identification of security risks.
  • Develop information security end-user communication and training materials, including general population, as well as targeted audiences such as developers, system administrators, DBAs, supervisors and officers.
  • Work directly with internal teams and external customers to provide guidance and documentation for security related purposes.
  • Partner with IT and businesses to enhance enterprise awareness of IT security requirements/controls and embed these controls into the system development life cycle.
  • Identify, monitor, and report on IT issues (control gaps, issues, findings, vulnerabilities) identified during audits/assessments and associated remediation activities.
  • Perform vendor security risk assessments. Translate and communicate the results to vendor management and business partners.
  • Perform other tasks related to developing, monitoring, and assessing the effectiveness of IT security controls as assigned. Assist in the execution of special assignments and projects as directed.
  • Coordinates and manages proposals/project responses as an Information Security/Risk Subject Matter Expert on an assigned basis and works with various teams and subject matter experts to ensure the appropriate strategy is used, and responses provided, to accurately meet the objectives of the RFP.

Filed Under: cyberspace workforce, DIARMF Jobs, risk jobs Tagged With: denver, DTC, security analyst, Security Analyst Opportunity

Security Analyst Location 300A Outlet Pointe Blvd., Columbia, SC 29210

January 19, 2016 by Bruce Brown Leave a Comment

Security Analyst Location 300A Outlet Pointe Blvd., Columbia, SC 29210

We are looking for Security Analyst Location 300A Outlet Pointe Blvd., Columbia, SC 29210 (WITH DIRECT CLIENT)                                                        
Additional Job Details:
JOB TITLE                           : Security Analyst
LOCATION                           : 300A Outlet Pointe Blvd., Columbia, SC 29210
POSITION TYPE                  : Contract
Duration                               : 6 Months
IN PERSON INTERVIEW
Job Requirement :
Develops and manages security for more than one IT functional area (e.g., data, systems, network and/or Web) across the enterprise. Assists in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines). Prepares status reports on security matters to develop security risk analysis scenarios and response procedures. Responsible for the tracking and monitoring of software viruses. Enforces security policies and procedures by administering and monitoring security profiles, reviews security violation reports and investigates possible security exceptions, updates, and maintains and documents security controls. Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness. Provides direct support to the business and IT staff for security related issues. Educates IT and the business about security policies and consults on security issues regarding user built/managed systems. Represents the security needs of the organization by providing expertise and assistance in all IT projects with regard to security issues. Must have extensive knowledge in networking, databases, systems and/or Web operations. More junior level position primarily focuses on security administration; a more senior level position is involved in developing enterprise security strategies, management of security projects and the most complicated security issues.
If interested then please respond with the below mentioned details along with your updated resume at harshs@22ndstaffing.com so that we can discuss this further.
Full Name
Contact Number:
Current Location:
Skype ID:
Work Authorization:
Expected Rates:
Total Experience:
Total US Experience:
Availability for Joining:

 

Filed Under: cyberspace workforce, DIARMF Jobs, risk jobs Tagged With: Columbia, cyber security, jobs, security analyst, south carolina

computer network defense

January 23, 2014 by Bruce Brown Leave a Comment

Computer Network Defense is listed in the DoDD 8140, Cyberspace workforce has as a task among the Protect & Defend Category.

Job Description of Computer Network Defense

The actual work of Computer Network Defense covers Protect & defend and Analyze and possibly other categories.  A system security analyst doing CND work is expect to monitor, detect and respond to security incidents on the network.  They need to be familiar with not only information system security tools to monitor network traffic but they must also be able to know what the actual packets look like with certain patterns emerge on the network.  They must be familiar with certain patterns to detect network attacks and be familiar with incident handling.

Tools of Computer Network Defense

System security analyst performing CND work should be able to use a packet sniffer (protocol analyzer) such as wireshark and etherape.  The are also expected to be knowledgeable of certain Intrusion Detection System (such as Snort).  Or they can also have working experience with Intrusion Prevention Systems.  Since there are so many products that do very similar work of IPS, IDS, or packet analyzer knowing one really good and having a little hands on with others is usually ok.  What is important is knowing signature system attacks well enough to detect them when they occur, understanding ports, protocols and services and being intimately familiar with network packets.

8140 cyberpace computer network defense
8140 cyberpace computer network defense

Computer Network Defense Certification

GIAC Certified Intrusion Analysts (GCIAs) – The top of the food chain for security analysts doing pure analyst work.  Highly, highly respect intrusion cert.

GIAC Certified Incident Handler (GCIH) – Help certification to establish yourself.

CISSP – not really relevant or specialized for incident analysis but accepted like a VISA card.

Security+…not so much.. its like bringing a knife to a gun fight.

Filed Under: Assurance Technology, cyberspace workforce, Information Assurance, Information Assurance Jobs Tagged With: advanced persistent threats, APT, cnd, computer network defense, cyber, cybersecurity, cyberspace workforce, dod information assurance awareness, dodd 8140, dodd 8140 cyberspace workforce, IA, information, information assurance, information security, security, security analysis, security analyst, security operations center

Primary Sidebar

search


This is a breakdown of each of the NIST 800-53 security control families and how they relate to each step in the NIST 800-37 risk management framework process.

also available on Amazon!

View Book


This is a breakdown of each of the NIST 800-53 security control families and how they relate to each step in the NIST 800-37 risk management framework process.

also available on Amazon!

View Book


This book is an overview of how the NIST SP 800-37 risk management framework works from the perspective of an information system security officer (ISSO).

also available on Amazon!

View Book

NIST RMF 800-37 templates
Free 800-37 templates

The NIST 800 Template download contains a .doc file template and xls templates for POAMs, Federal, State, cloud based and a legacy template as well as resources where you can find more on NIST 800-37 documents for your use.

View Book

Learn to Make 6 Figures in CyberSecurity

RMF ISSO Foundations Training
RMF ISSO Foundations Training

RMF ISSO Foundations

I was an Information System Security Officer (ISSO) doing Risk Management Framework (NIST SP 800-37) for over a decade. I am a Cybersecurity veteran and I can explain (in plain English) what you DO in the Risk Management Framework process as an ISSO.

View Course

NIST SP 800-37 Presentation
NIST SP 800-37 Presentation

View Course

login

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Recent Posts

  • Convocourses Podcast: Plan of Action and Milestone
  • Start with These IT Certifications (Part 1)
  • How to Tailor Security Controls in NIST 800
  • #cybersecurityjobs are recession proof
  • What IT Certifications for Information Security (part 2) (8140)

Meta

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Recent Comments

  • http://Www.Finance.Ipt.Pw/ on SRG/STIG Applicability Guide and Collection Tool Update
  • Elsa7 on ConvoCourses podcast: Cyber Security day to day activity
  • Tony on STIG Update – DISA has released the Microsoft SQL Server 2016 STIG Version 1
  • horloge on SCAP Compliance Checker SCC)
  • 218 Information assurance Success Criteria – ITSECURITYSURVIVAL.COM on Information Assurance Vulnerability Alert

Tags

8140 8570 ArcSight c&a CISSP convocourses cyber cybersecurity cyber security DIACAP DIARMF diarmf - implement disa DISA STIG dodd 8140 dodd 8140 cyberspace workforce IA implement implementation info assurance information assurance information security ISSO IT it jobs it jobs in usa job jobs Linux mcafee network nist nist risk management framework nist risk management framework 800-37 podcast risk risk assessment risk management risk management framework rmf security STIG stigs unix windows


This is a breakdown of each of the NIST 800-53 security control families and how they relate to each step in the NIST 800-37 risk management framework process.

also available on Amazon!

View Book

Copyright © 2023 · Author Pro on Genesis Framework · WordPress · Log in