• Skip to main content
  • Skip to primary sidebar

ConvoCourses

Cyber Security Compliance and IT Jobs

  • Cyber Security Training
  • about me.
  • Information Assurance Jobs

security engineer

Security Engineer in Brooklyn, NY job

August 12, 2020 by Leave a Comment

Security Engineer in Brooklyn, NY
POSITION: Security Engineer
LOCATION: Brooklyn, NY
DURATION: 6+ Months CTH
INTERVIEW TYPE : Phone/Skype to hire
Visa: USC/GC
Required Knowledge, Skills, and Abilities
Candidates should have:
· strong IT skills and a deep understanding of cyber hacker methodology
· excellent verbal and written communication skills, interpersonal skills, and analytical skills
· thorough work ethic and attention to detail
· skills of perception, critical thinking, and problem-solving aptitude.
Rapid7 Nexpose, SPLUNK, PaloAltoFirewalls, NAC – Network Access Control (CISCO ISE, Aruba, Forescout)
Certifications that would be helpful: GCIH/incident inhandlin, GMON /monitoring, GOSCP / offensive security certified professional
Global experience or not daunted by size and complexity
Self-starter, tenacious, resilient

POC:
Jonas Kevin
Sr US IT Recruiter
Office: +1 609 309 6625
Email- jonas@techlogixinc.com

Filed Under: Risk Management For DoD IT Tagged With: brooklyn, hacker methods, Network access control, nexpose, NYC, palo alto network, security engineer, splunk

information assurance engineer maryland Aberdeen

April 16, 2019 by Leave a Comment

check me out on:
https://securitycompliance.thinkific.com

the Job:
Job Title: Information Assurance Engineer
Location: Aberdeen, MD
Position Type: Full Time

Clearance: Minimum Interim Secret

Must Have IAT Level 3 Certification.

Job Description:
Provides security engineering designs and implementation in all aspects of Information Assurance and Information Security (InfoSec) Engineering.
Assesses and mitigates system security threats/risks throughout the program life cycle; validates system security requirements definition and analysis; establishes system security designs; implements security designs in hardware, software, data, and procedures;
verifies security requirements; performs system certification and accreditation planning and testing and liaison activities, and supports secure systems operations and maintenance.
Mandatory Skills:
Demonstrated experience performing IA activities in support of software and system requirements, design, development, testing and sustainment
Experience with employment of IA requirements, policies, and processes to include authorization and accreditation as part of the RMF process
Experience with risk and vulnerability assessments and mitigation
Demonstrated ability to provide guidance on Intelligence Community (IC) Cyber/IA regulations and requirements to senior customers, senior LM leaders, and the program engineering staff
Experience with Security Information and Event Management (SIEM) correlation tools, Scanning (Nessus), and Host Based
Security System (HBSS)
Please provide the following information
Rate Expectation:
Full Name:
Contact No:
Alternate contact (if any):
Email address:
Current Location:
Relocation:
Availability:
Visa status

Kindly share your detailed resume at zoeyw@etalentnetwork.com

If you are qualified and interested in making a change or know of a friend who might have the required qualifications, please call me ASAP at (877) 733-3555 Ext.267, even if we have spoken recently about a different position. If you do respond via e-mail please include a daytime phone number so I can reach you. In considering candidates, time is of the essence, so please respond ASAP. Thank you.

Sincerely yours,
ZoeyWest
E TalentNetwork

Home


8251 Greensboro Drive, Suite 250
McLeanVA
zoeyw@etalentnetwork.com
(877) 733-3555 Ext.267

Filed Under: cyberspace workforce, Information Assurance, Information Assurance Jobs, information system compliance, IT Security Jobs, risk jobs, Risk Management For DoD IT, security compliance Tagged With: 8570, cyber, cybersecurity, HBSS, IA, IAT, information assurance, information assurance engineer, infosec, maryland, nessus, Risk Management Framework (RMF) for DoD Information Technology (IT), rmf, security engineer, SEIM, SIEM

Security Engineer – Foster City, CA

January 26, 2016 by Bruce Brown Leave a Comment

9to9 Software Solutions is looking for Security Engineer for our client in  Foster City, CA.

 Client:      Gilead Sciences

Title:         Security Engineer

Duration: 12+ Months

Location:  Foster City, CA

  • Someone who is in the operational side of the security space.
  • Must have great communication and have worked on security projects.
  • Must have 3+ years experience using Nexpose and ArcSight.

 

Main Requirements:

·         Someone who can run Nexpose for us day to day (fairly operational work).

·         Can help us build ArcSight ESM content.

·         Take care of ArcSight related operational tasks.

·         Been in the security space for 5+ years.

·         Great communication skills.

Filed Under: cyberspace workforce, DIARMF Jobs, risk jobs Tagged With: 9to9 Software Solutions, ArcSight, c&a, foster, gilead sciences, nexpose, security engineer

security engineer

January 22, 2014 by Bruce Brown 1 Comment

System Security Engineer is a critical job in the cyberspace workforce.  As information technology has become a centerpiece for our lives, the security of IT has been more and more in demand.  A security engineer is expected to have a working understanding of IT enough to be able to strike a balance between operational functionality and application security controls.

System Security Engineer (ISSE, CSSE, SSE I/S Security Engineer) actually can mean anything.. So you actually need to read the job description.  But in this post, I am referring to SSE from the perspective Risk Management and DIARMF.

DIARMF Select balance
DIARMF
blog.eircomforbusiness.com/profile/Andy (andy O’Kelly, eircomforbusiness.com)

And Risk Management SSE needs to be savvy enough with the operational needs and security needs to balance the risk.  While a security engineer does not take risks of the organization they work for, they do consult the decision makers that do take risks.

Many security engineers are not hands on.  Meaning they might not touch the servers or configure routers, but they must know enough to orchestrate the over all security of the organization or system they are assigned to.

System Security Engineering Tasks

I have been in system security engineer positions where I did have hands-on tasks working directly with the system administrators and I have had some where I rarely even seen the systems that I wrote system security plans for.

System Security Engineers do consultation where they are working directly with information owners, project managers, information system security managers or technical security practitioners to come up with the most cost effective strategy for applying security controls with a certain level of effort within a certain time constraint.   A good security engineer understands all these factors and make sure the decision makers are well informed.  As an SSE the last thing you want to do is a prima madonna and attempt to put security beyond the scope of the operational mission.  And don’t be a hero, even if you really care about the mission you must ALWAYS remember the risk is not yours to bear and neither is the decision of what security controls (if any) will be applied.

Tasks of a system security engineer  

System security engineers do system security related documentation such as system security plans, plan of action and milestones, security assessment reports and other supporting documentation.

A day in the life of a system security engineer might consist of attending configuration management meetings, meeting with system administrators to address new challenges, writing authorization packages, coordinating with other units to complete an authorization package, reading the latest change to a regulation or organizational standard, WRITING an organizational standard and in some cases they are actually doing security administration on some system.

CYBER System Security Engineer (CSSE)

With Dod 8140 and the cyber-ization of the every goddamn thing! I believe the new term will be CYBER System Security Engineer (CSSE) and in the past it was commonly refer to as an Information System Security Engineer (ISSE).

As stated above and SSE can be just about anything computer security related.  I have been a SSE and done nothing put paperwork but also been an SSE and done mostly installations of system security controls.  My former co-worker just got a position as an Information System Security Engineer (I/SE) and he will be doing all ArcSight admin stuff.

Filed Under: Information Assurance, information assurance degree online, Information Assurance Jobs, risk jobs Tagged With: entry level information assurance jobs, ia jobs, information assurance jobs, security engineer

Primary Sidebar

search

Learn to Make 6 Figures in CyberSecurity

Cyber Security How to make up to 6 Figures
6 figures in Cyber Security

This course explains how I have been able to consistently make 6 figures doing cyber security. There is a method that I have used during my development in cyber security. I am presenting that method to you.

View Course

Teleworking - IT Remote Work
Teleworking – IT Remote Work

Teleworking is something I have been doing for the last 5 years. This is how I did it.

Find Teleworking IT Jobs

View Course

RMF ISSO Foundations Training
RMF ISSO Foundations Training

RMF ISSO Foundations

I was an Information System Security Officer (ISSO) doing Risk Management Framework (NIST SP 800-37) for over a decade. I am a Cybersecurity veteran and I can explain (in plain English) what you DO in the Risk Management Framework process as an ISSO.

View Course

NIST SP 800-37 Presentation
NIST SP 800-37 Presentation

View Course

login

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Recent Posts

  • Implementation of security controls resources part 1
  • Convocourses Podcast: course update continuous monitoring and other issues
  • Convocourses Podcast: RMF Course Updates New & NIST-53a
  • ConvoCourses Podcast: Get Into IT from other fields
  • convocourses podcast: RMF Course Updates New NIST 800-53

Meta

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Recent Comments

  • horloge on SCAP Compliance Checker SCC)
  • 218 Information assurance Success Criteria – ITSECURITYSURVIVAL.COM on Information Assurance Vulnerability Alert
  • Disa Help Desk | VinHomesData.com on STIG Update – DISA has released the Oracle Java Runtime Environment (JRE) 8 STIG Version 1
  • Bruce Brown on DIARMF – Continuous Monitoring
  • dpresbit on DIARMF – Continuous Monitoring

Tags

8140 8570 ArcSight c&a CISSP colorado cyber cybersecurity cyber security denver DIACAP DIARMF diarmf - implement disa DISA STIG dodd 8140 dodd 8140 cyberspace workforce HBSS IA implement implementation info assurance information assurance information security ISSO job jobs Linux mcafee nist nist risk management framework nist risk management framework 800-37 podcast risk risk assessment risk management risk management framework rmf security SIEM STIG stigs unix VMWare windows

Copyright © 2021 · Author Pro on Genesis Framework · WordPress · Log in