• Skip to main content
  • Skip to primary sidebar

ConvoCourses

Cyber Security Compliance and IT Jobs

  • Cyber Security Training
  • about me.
  • Information Assurance Jobs
  • Log in

windows

Job position for DIACAP Compliance Engineer at Tarrytown, NY

June 29, 2018 by cyberaware2 Leave a Comment

Role: DIACAP Compliance Engineer
Location: Tarrytown, NY
Duration: 6+ months

Keywords: – STIG, TFS, DevOps, Windows Imaging WIX, MSI, PowerShell, Anti-Virus, Whitelisting

Job Description:
Background
Source code management (SCM) & DEVOPS team (Infrastructure Team) manages the entire continuous integration, continues development chain process of a global Engineering conglomerate.
Application is developed using Microsoft technology C#, C++, WPF, MVVM and custom control on Windows-7 platform. The backbone of the entire SCM is Microsoft TFS while the packaging strategy is utilizing MSI and WIX. The current build management is driven by customized XMAL with PowerShell usage. Now the plans are to move to VNEXT that provides flexibility as an orchestrator and allows better reporting, triggering and logging facility.
The Goal of this team is to make the entire infrastructure to be in compliant with DIACAP (DoD Information Assurance Certification and Accreditation) process

Expectations – The team is looking out for Engineers who can augment the current team and support on following tasks
This means the identified engineer needs experience in DIACAP process (not knowledge) on how the system could be transformed to be DIACAP compliant system.
• Experienced in the Security Technical Implementation Guide (STIG) that provides security guidance for .NET deployments in workstations or servers and focuses on the secure configuration of the .NET Common Language Runtime (CLR).
• Identify loopholes and open items as part of IIS 7.0 Web Server to ensure that the IIS 7.0 becomes STIG compliant and thus related request handling and filtering are done in control manner and encryption is applied for protocols or data exchange for HTTP, FTP or telnet and more of such tasks etc.
• Ensuring the basic need of McAfee VirusScan 8.8 Managed Client STIG that highly suggests to have antivirus to be monitoring 24*7 along with no possibility of stoppage of such services and availability of antivirus signed files almost every day
• Ensure security enablement in Microsoft Internet Explorer 11 client used on Windows-7 workstations like script execution, popup restrictions as needed and stoppage of unsigned ACTIVEX controls
• Experience in interpreting STIG scans that reflect results on periodic basis.
• Experience in working on adding check and controls in build management system that automates scans ensure STIG compliance.

Soft Skills
• Good Team Player
• Good Written and verbal communication skills
• Customer facing experience would be added advantage

www.enterprisesolutioninc.com Pradyut Bhattacharya
Enterprise Solution Inc.
500 E. Diehl Road, Suite 130, Naperville, IL 60563
Office: # 630-214-9485

Filed Under: cyberspace workforce, DIACAP, DIARMF Jobs, Information Assurance Jobs, IT Security Jobs, risk jobs, STIGS Tagged With: DIACAP, DIARMF, job, PowerShell, risk management frameworkd, rmf, rmf jobs, Source code management (SCM), STIG, windows, writing

STIG Update – IIS 8.5 Ver 1

February 6, 2018 by cyberaware2 Leave a Comment

STIG Update – IIS 8.5 Ver 1

Windows ISS is Internet Information Services (IIS). It is a flexible, general-purpose web server from Microsoft that runs on Windows systems to serve requested HTML pages or files.

DISA has released the IIS 8.5 STIG Ver 1. The requirements of the STIG become effective immediately.

The STIG is available on IASE at https://iase.disa.mil/stigs/app-security/web-servers/Pages/iis.aspx.

For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

Filed Under: STIGS Tagged With: iss8.5, STIG, windows, windows iss

Microsoft Windows 10 STIG – Version 1 Release 11

January 16, 2018 by cyberaware2 Leave a Comment

STIG Update – Microsoft Windows 10 STIG – Version 1 Release 11
DISA Risk Management Executive has updated the Microsoft Windows 10 Security Technical Implementation Guide (STIG) Version 1 Release 11. The requirements of the STIG become effective immediately. The STIG is available on IASE at https://iase.disa.mil/stigs/os/windows/Pages/win10.aspx.

For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

Filed Under: STIGS Tagged With: DISA STIG, STIG, windows

Windows 10 Support Dates and Information

December 15, 2017 by cyberaware2 Leave a Comment

STIG Update – Windows 10 Support Dates and Information
Every Windows product has a lifecycle. The lifecycle begins when a product is released and ends when it’s no longer supported. Knowing key dates in this lifecycle helps you make informed decisions about when to upgrade or make other changes to your software. Below are the dates for Windows 10 lifecycle support:

Windows 10 version 1507 – May 9, 2017
Windows 10 version 1511 – April 2018 patch Tuesday for Enterprise version only
Windows 10 version 1607 – Tentatively March 2018
Windows 10 version 1703 – Tentatively September 2018

It is recommended upgrading to the latest released version.

Refer to this link for additional information: https://support.microsoft.com/en-us/help/13853/windows-lifecycle-fact-sheet.

Filed Under: STIGS Tagged With: STIG, window 10, windows

Microsoft Windows Defender Antivirus STIG V1R1

October 3, 2017 by Bruce Brown Leave a Comment

STIG Update – Microsoft Windows Defender Antivirus STIG V1R1


DISA Risk Management Executive has released the Microsoft Windows Defender Antivirus Security Technical Implementation Guide (STIG) Version 1 Release 1. The requirements of the STIG become effective immediately. The STIG is available on IASE at https://iase.disa.mil/stigs/app-security/antivirus/Pages/index.aspx.

 


For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

Filed Under: STIGS Tagged With: disa, ms, security, STIG, windows

STIG Update – Microsoft Windows 10 STIG – Version 1 Release 10

September 12, 2017 by Bruce Brown Leave a Comment

STIG Update – Microsoft Windows 10 STIG – Version 1 Release 10


DISA Risk Management Executive has updated the Microsoft Windows 10 Security Technical Implementation Guide (STIG) Version 1 Release 10.  The requirements of the STIG become effective immediately. The STIG is available on IASE at https://iase.disa.mil/stigs/os/windows/Pages/win10.aspx.


For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil

Filed Under: diarmf - implement, STIGS Tagged With: disa, STIG, windows, windows 10

  • Go to page 1
  • Go to page 2
  • Go to Next Page »

Primary Sidebar

search


This is a breakdown of each of the NIST 800-53 security control families and how they relate to each step in the NIST 800-37 risk management framework process.

also available on Amazon!

View Book


This is a breakdown of each of the NIST 800-53 security control families and how they relate to each step in the NIST 800-37 risk management framework process.

also available on Amazon!

View Book


This book is an overview of how the NIST SP 800-37 risk management framework works from the perspective of an information system security officer (ISSO).

also available on Amazon!

View Book

NIST RMF 800-37 templates
Free 800-37 templates

The NIST 800 Template download contains a .doc file template and xls templates for POAMs, Federal, State, cloud based and a legacy template as well as resources where you can find more on NIST 800-37 documents for your use.

View Book

Learn to Make 6 Figures in CyberSecurity

RMF ISSO Foundations Training
RMF ISSO Foundations Training

RMF ISSO Foundations

I was an Information System Security Officer (ISSO) doing Risk Management Framework (NIST SP 800-37) for over a decade. I am a Cybersecurity veteran and I can explain (in plain English) what you DO in the Risk Management Framework process as an ISSO.

View Course

NIST SP 800-37 Presentation
NIST SP 800-37 Presentation

View Course

login

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Recent Posts

  • Convocourses Podcast: Plan of Action and Milestone
  • Start with These IT Certifications (Part 1)
  • How to Tailor Security Controls in NIST 800
  • #cybersecurityjobs are recession proof
  • What IT Certifications for Information Security (part 2) (8140)

Meta

  • Register
  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

Recent Comments

  • http://Www.Finance.Ipt.Pw/ on SRG/STIG Applicability Guide and Collection Tool Update
  • Elsa7 on ConvoCourses podcast: Cyber Security day to day activity
  • Tony on STIG Update – DISA has released the Microsoft SQL Server 2016 STIG Version 1
  • horloge on SCAP Compliance Checker SCC)
  • 218 Information assurance Success Criteria – ITSECURITYSURVIVAL.COM on Information Assurance Vulnerability Alert

Tags

8140 8570 ArcSight c&a CISSP convocourses cyber cybersecurity cyber security DIACAP DIARMF diarmf - implement disa DISA STIG dodd 8140 dodd 8140 cyberspace workforce IA implement implementation info assurance information assurance information security ISSO IT it jobs it jobs in usa job jobs Linux mcafee network nist nist risk management framework nist risk management framework 800-37 podcast risk risk assessment risk management risk management framework rmf security STIG stigs unix windows


This is a breakdown of each of the NIST 800-53 security control families and how they relate to each step in the NIST 800-37 risk management framework process.

also available on Amazon!

View Book

Copyright © 2023 · Author Pro on Genesis Framework · WordPress · Log in