Tag Archives: security

STIG windows 10

Microsoft Windows Defender Antivirus STIG V1R1

STIG Update – Microsoft Windows Defender Antivirus STIG V1R1


DISA Risk Management Executive has released the Microsoft Windows Defender Antivirus Security Technical Implementation Guide (STIG) Version 1 Release 1. The requirements of the STIG become effective immediately. The STIG is available on IASE at https://iase.disa.mil/stigs/app-security/antivirus/Pages/index.aspx.

 

Security Roles and Responsibilities

There are hundreds of different roles & responsibilities in the IT Security career field alone. Here are some of the common types that I have seen:

Information System Security Manager – coordinate with the system owner and the information system security officer to ensure security is on the systems.
Information System Security Officer – coordinate with management and system administrators to implement system security controls. Ensures security controls are tracked and documented.
System Administrator – applies technical functionality and security on information systems.
Architect – assists in the design of enterprise information systems.
Security Analyst – review the logs of information systems to determine if there are any malicious activities happening.
Auditors – review the information systems to make sure the security controls are applied, documented and continuously monitored.

Air Force Network Technician location Gunter AFB Montgomery

Full Time Position Immediate Interview Need Network Technician location Gunter AFB Montgomery, AL with Air Force

Conduct network security monitoring and intrusion detection analysis for the NIPRNet and SIPRNet using the AF’s selected IDS/IPS toolset
–  Research NIPR and SIPR defensive cyber operations events to determine the necessity for deeper analysis and conduct an initial assessment of type and extent of intruder activities.
–  Enter event data into mission support systems according to operational procedures and reports through the 33rd operational chain.
–  Record suspicious events, meeting established thresholds, into the operational database for suspicious traffic. Records shall contain sufficient information to stimulate future research of suspicious traffic. The record shall answer the: who, what, where, why and when for this suspicious activity.
–  Provide computer security-related assistance to Air Force field units (example: the Integrated Network Operations and Security Center (INOSC), Base Information Assurance shop) in countering vulnerabilities, minimizing risk, and improving the security posture of AF computer networks and systems within the scope of operational requirements and mission execution.
BASIC QUALIFICATIONS:
–  Intermediate knowledge with one or more of the IDS/IPS systems currently in use by the Department of Defense (DoD), Services, and Agencies (i.e., AF, Navy, Army, DC3, DISA) or Federal Government and intermediate experience in the following areas:
EDUCATION REQUIREMENTS:
–  One or more of the following IAT Level II Certifications (GSEC, Security +, SSCP, CCNA-Security)
–  CND Certification (GCIA, CEH, GCIH).
Thanks & Regards,
Harpal Singh
Technical Recruiter
22nd Century Technologies Inc. (TSCTI)
8(a) / SDB | CMMI level 3 Certified
Help Desk Specialist in Honolulu

Need Help Desk Specialist in Honolulu, HI with US Army

Job title :Help Desk Specialist
Location: Honolulu, HI
Client : US Army
CLEARANCE: SECRET
Description
  • The contractor shall provide service execution to CLIN conversion within two (2) business days.
  • The contractor shall provide service management to EITSMS processing within one (1) business day.
Contractor will implement and operate an IT Infrastructure Library (ITIL)-based service desk to provide the HQ a single assured point of contact for all Automated Data Processing (ADP) hardware, software, and networking problems; for service requests, to include new systems, major modifications to existing systems and entry points for emerging technologies. Also maintains service catalogs, an approved product list, and
a knowledge base for Service Desk operations. Adhere to HQs policy of using Information Technology Requests for all maintenance requests. Documents all users’ trouble calls and coordinates all software maintenance changes with government leads while ensuring project maintenance logs are maintained and reviewed.
Special Qualifications:
  • experience using Microsoft Office tools (Word, PowerPoint, Excel, and Outlook)
  • Security+ Certification
Thanks & Regards,
Kartik Jain
Technical Recruiter
Security+Certified

Should You Get a Comptia Security+ IT Certification

The Comptia Security+ IT certification is a very good certification for IT professionals getting into IT security and for IT security professional that have been doing cyber security for a while.  If you already have a high-level security certification (i.e. CISSP, CISM,CISA,CASP) I would say the Security+ is not necessary, because those certs already cover everything in the Security+ and more.  But if you don’t have any general security certs then you should definitely get it.

What are the benefits:

It is a well known certification that lets employers know that you are more than familiar with security best practice.

Having the Security+ alone is enough to get a job or a raise in some situations.

If you are unfamiliar with all the security best practices it is a great start in getting to know an important body of knowledge.

It is 8570/8140 compliant.

 

For more information on the Security+: https://certification.comptia.org/certifications/security

Exam Codes SY0-401
Launch Date May 1, 2014
Exam Description CompTIA Security+ certification covers network security, compliance and operation security, threats and vulnerabilities as well as application, data and host security. Also included are access control, identity management, and cryptography.
Number of Questions Maximum of 90 questions
Type of Questions Multiple choice and performance-based
Length of Test 90 Minutes
Passing Score 750 (on a scale of 100-900)
Recommended Experience CompTIA Network+ and two years of experience in IT administration with a security focus
Languages English, Japanese and Portuguese
Retirement TBD – Usually three years after launch.
Price $3​11.00 USD (See all pricing)
dod 8570 chart
dod 8570 chart
IT Admin Technical Lead location Lackland AFB, San Antonio TX

Full Time Position Need IT Admin Technical Lead location Lackland AFB, San Antonio TX

Position:                              IT Admin
Duration:                             Full Time
Location-                             Lackland AFB, San Antonio, TXSecurity Clearance: Active Top Secret clearance or higher
PRIMARY DUTIES:
–  Conduct network security monitoring and intrusion detection analysis for the NIPRNet and SIPRNet using the AF’s selected IDS/IPS toolset
–  Research NIPR and SIPR defensive cyber operations events to determine the necessity for deeper analysis and conduct an initial assessment of type and extent of intruder activities.
–  Enter event data into mission support systems according to operational procedures and reports through the 33rd operational chain.
–  Record suspicious events, meeting established thresholds, into the operational database for suspicious traffic. Records shall contain sufficient information to stimulate future research of suspicious traffic. The record shall answer the: who, what, where, why and when for this suspicious activity.
–  Provide computer security-related assistance to Air Force field units (example: the Integrated Network Operations and Security Center (INOSC), Base Information Assurance shop) in countering vulnerabilities, minimizing risk, and improving the security posture of AF computer networks and systems within the scope of operational requirements and mission execution.
BASIC QUALIFICATIONS:
–  Intermediate knowledge with one or more of the IDS/IPS systems currently in use by the Department of Defense (DoD), Services, and Agencies (i.e., AF, Navy, Army, DC3, DISA) or Federal Government and intermediate experience in the following areas:
EDUCATION REQUIREMENTS:
–  One or more of the following IAT Level II Certifications (GSEC, Security +, SSCP, CCNA-Security)
–  CND Certification (GCIA, CEH, GCIH).
Thanks & Regards,
Harpal Singh
Technical Recruiter
22nd Century Technologies Inc.(TSCTI)