Updates in Version 2.9 include the following additions: – NIST SP 800-53 revision 4 control IDs to CSV exports of STIGs and Checklists – Status to Checklist filters. – Ability to create filtered Checklists from STIG filter results. – Ability to filter on STIG names to the top of the STIGs list – FQDN (fully-qualified domain name) to Checklist CSV export.
For all STIG related questions, please contact the DISA STIG Customer Support Desk: disa.stig_spt@mail.mil
Interested in the Course:
https:/securitycompliance.thinkific.com
Title: Sr Software Engineer 1
Company: Rockwell Collins
Location: Sterling, VA
Description:
PLEASE NOTE:
-candidates must be US Citizens with the ability to obtain a secret clearance
-A SECRET CLEARANCE IS REQUIRED For this position.
-An Active Secret Clearance or a recently deactivated clearance(within the 24 months) is required
-4 year degree in an applicable STEM field REQUIRED
-contract to hire for the right candidate
https://www.youtube.com/watch?v=TZ8zfoRmVuI
Responsibilities:
-Capture and perform requirements analysis
-Further develop the architecture of software product designs
-Develop detailed software design specifications
-Modify/create engineering design documentation
-Review and critique peer engineering designs
-Present design to the customer during milestone events
-Provide accurate time estimates for the software development effort
-Debug and integrate software components
-Design, develop, implement, test, and debug real time software applications and associated user interfaces
-Support and enhance existing software products as necessary
Required Qualifications:
-BS degree in Computer Science or a STEM related degree.
-5 – 10 years of experience with full lifecycle software development, including:
—- Requirements analysis and deriving requirements
—- Object-Oriented Design using UML or SysML
—- Object-Oriented Development using C++
—- Unit testing
—- Source code control (Subversion, Git, ClearCase etc.)
-Comfortable with waterfall methodologies driven by customer milestones and deadlines.
-Ability to travel to customer site for debugging of issues (10% of the total project effort)
-Good written and oral communication skills
Desired Qualifications:
-Familiar with other programming languages (C, Ada)
-OS Experience: Windows 7, Windows 10, Linux or VxWorks
-Real-time programming
-Previous aircraft simulation software development a plus
-Experience with one or more of the following:
—Tactical Datalink (J-messages, K-messages, JREAP, IBS, Link-16)
—Simulated or real military radio communications
Regards
JacobSmith
E TalentNetwork
http://etalentnetwork.com
8251 Greensboro Drive Suite 250
McLeanVA
jacobs@etalentnetwork.com
703-261-7028 Ext.367
checkout the course:
https://securitycompliance.thinkific.com
vulnerability, #patching
Job Title: Vulnerability Management and Security Patching
Location: Santa Clara,CA / Austin, TX
Competencies:
Infra; Data Security – Client – Vulnerability Management
Essential Skills:
The Endpoint Security Engineer will support and maintain Applied Materials endpoints and security infrastructure globally. In this role, the candidate will primarily be responsible for Vulnerability Management and 3rd Party Patching. Duties: – Investigate or triage threats or vulnerabilities from various sources such as NVD, CVEs or 3rd party vendors such as Microsoft – Analyze and scan network / system for security vulnerabilities, configuration issues, including impact assessment, and relevant industry standards (e.g. CVE, CVSS, SCAP) – Identify/implement solution to remediate vulnerabilities and security risks – Responsible for patching software and hardware assets • Microsoft • 3rd party software • Firmware patching – Maintain a high patch compliance level
Role Description:
The Endpoint Security Engineer will support and maintain Applied Materials endpoints and security infrastructure globally. In this role, the candidate will primarily be responsible for Vulnerability Management and 3rd Party Patching. Duties: – Investigate or triage threats or vulnerabilities from various sources such as NVD, CVEs or 3rd party vendors such as Microsoft – Analyze and scan network / system for security vulnerabilities, configuration issues, including impact assessment, and relevant industry standards (e.g. CVE, CVSS, SCAP) – Identify/implement solution to remediate vulnerabilities and security risks – Responsible for patching software and hardware assets • Microsoft • 3rd party software • Firmware patching – Maintain a high patch compliance level
Experience (Years):
6-8
Desirable Skills
The Endpoint Security Engineer will support and maintain Applied Materials endpoints and security infrastructure globally. In this role, the candidate will primarily be responsible for Vulnerability Management and 3rd Party Patching. Duties: – Investigate or triage threats or vulnerabilities from various sources such as NVD, CVEs or 3rd party vendors such as Microsoft – Analyze and scan network / system for security vulnerabilities, configuration issues, including impact assessment, and relevant industry standards (e.g. CVE, CVSS, SCAP) – Identify/implement solution to remediate vulnerabilities and security risks – Responsible for patching software and hardware assets • Microsoft • 3rd party software • Firmware patching – Maintain a high patch compliance level
Thanks & Regards
Bajrang
Desk # 408-333-9221
500 East Diehl Road. Ste. 130 Naperville, IL
bajrang@enterprisesolutioninc.com
www.enterprisesolutioninc.com
check out my courses at:
http://securitycompliance.thinkific.com
the job
Job Title: Cyber Security Engineer
Location: Anaheim ,CA
Duration: Long Term Contract
Relevant Experience: 8+ Years.
Essential Duties and Responsibilities
• Evaluates current systems environments, conducts research, recommends, and implements innovative systems technology that can enhance the reliability, security with emphasis on cyber security technology, productivity, and agility of the IT infrastructure
• Identifies assets and assesses risks, threats, and vulnerabilities of the IT assets in accordance with accepted industry, professional, and government standards to ensure security design integrity, availability, confidentiality, non-repudiation and contract compliance.
• Identifies and recommends cyber strategies for technology development based on stakeholder requirements
• Drives security reviews, identifies gaps in security architecture and designs and recommends necessary security controls to be integrated within the development lifecycle
• Owns and documents the implementation of the security controls and creates auditable evidence of security measures
• Develops and recommends security controls, identifies key security objectives to maximize software and system security while minimizing disruption to plans and schedules
• Leads translation of security controls into technical specifications and guidance to stakeholders to ensure common understanding across the stakeholders and enable adequate implementation
• Actively recommends engineering solutions in collaboration with application owners to remediate inherent cyber security risks
• Leads the collection and analysis of benchmarks and metrics for the department to drive continuous improvement
• Perform ongoing performance tuning, hardware upgrades, and resource optimization, configure CPU, memory, and disk partitions as required.
• Install new and rebuild existing servers and configure hardware, peripherals, services, settings, directories, storage, etc. in accordance with standards and project/operational requirements.
Essential Education and Skills
Desired:
• Bachelor’s degree in Computer Science or related field, or equivalent work experience
• 6+ years of Information Technology experience, with at least 3 years of experience in information security working within security operations
• Certified Information Systems Security Professional (CISSP), Certified Information Systems Manager (CISM), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or equivalent
• Mastery of Cybersecurity best practices and standards (e.g. NIST, ISO, etc.)
• Mastery of computer networking concepts and protocols, and network security methodologies
• Mastery of cloud security concepts, including experience with public cloud (e.g. AWS, Microsoft Azure, etc.) and implementation experience
Knowledge, Skills, and Abilities:
• Significant experience performing analysis of log files from a variety of sources, to include individual host logs, network traffic logs, firewall logs, or intrusion prevention logs
• Experience monitoring threats via a SIEM console
• Deep knowledge of diverse operating systems, networking protocols, and systems administration
• Knowledge of Intrusion Detection/Prevention Systems
• Knowledge of Antivirus Systems
• Knowledge of commercial forensic tools
• Knowledge of common indicators of compromise and of methods for detecting these incidents
• Knowledge of TCP/IP Networking and knowledge of the OSI model
• Knowledge of OS management and Network Devices
• Solid working knowledge of SAN and NAS technology and VMWare
• Experience with Window systems administration – Domain Controllers, Active Directory, Sites and Services, File Server, GPO, DNS, SMTP, IIS etc.
• Experience with Power shell scripting
• Experience with SQL Server, Windows Virtualizations & Linux servers
• Excellent problem solving, critical thinking, and analytical skills – ability to de-construct problems
Thanks & Regards
Siva Kumar
Direct Line: 630-300-3850
Fax: 630-388-0066
Email: siva.kumar@olooptech.com
Oloop Technologies | Aurora, IL
Check out my course:
http://securitycompliance.thinkific.com
Job Title: Network Consultant
Location: Littleton, CO
Job Type:Fulltime(GC/Citizen/GC-EAD)
Role and Responsibilities:
Technical and Business Discussions with Enterprise Customers Team to understand the requirements and take their view on the target architecture
Prepare summary view of existing network
Understand existing LAN/WAN Architecture of Enterprise including Point to Point, MPLS Links, Internet Links, Cloud Connectivity, Redundancy, QoS, Security
Understand the Application Traffic Pattern
EOS/EOL Device Assessment
Next Generation Technology Adoption Possibilities such as SD-WAN, Virtualisation, VNFs and Wireless LAN
Prepare a business case for SD-WAN and other technology adoptions including financial, technical and operational benefits
Designs to cover Next Generation technologies in SD-WAN, LAN, Wireless LAN, Security, Branch in a Box
Skills:
Seasoned Networking Professional with broader and deeper technology coverage:
Experience in Network Design, Implementation and troubleshooting
Knowledge of Routing Protocols and Hardware Platforms to include BGP, OSPF, EIGRP, TCP/IP, IP Routing on Cisco & Juniper
Advanced knowledge of all Ethernet/LAN Technologies
Security and Security-related systems including Firewall/IPS/IDS from Multiple Vendors such as Palo Alto, Cisco, Juniper, Citrix
Secondary Skill
Exposure to MPLS Networks would be a Plus
Any exposure to SD-WAN architecture, implementation, troubleshooting would be a Plus
Valid Cisco/Juniper Certifications will have added advantage”
interested in knowing how I get these opportunities:
https://securitycompliance.thinkific.com
helpdesk
Interested in the job:
Title: Helpdesk Specialist
Location: Fort Irwin, CA
Clearance: Secret (Willing to process for Top Secret)
Willing to take Windows Cert
https://www.youtube.com/watch?v=xCHRrGketss
Duties
Diagnosing and resolving problems in response to customer reported incidents.
Researching, evaluating, and providing feedback on problematic trends and patterns in customer support requirements.
Developing and maintaining problem tracking and resolution databases.
Installing, configuring, troubleshooting, and maintaining customer hardware and software.
Managing customer service requirements in Remedy.
Developing customer support policies, procedures, and standards.
Please see if you could share the following information:
Rate Expectations:
Current Location:
Willing to relocate:
Availability to start:
Best time to reach:
Clearance(Active/Inactive):
Certification (Active/Inactive):
If interested please contact at 703-687-6627 Ext:295, in case I miss you call please text at (571) 494-8182 or send an email at jennifers@etalentnetwork.com with your availability and I will surely call you back.
Check out the courses at: https://securitycompliance.thinkific.com
Here is the POAM template I was looking at:
https://www.fedramp.gov/developing-a-plan-of-actions-milestones/
https://www.fedramp.gov/assets/resources/templates/FedRAMP-POAM-Template.xlsm
PM-4 PLAN OF ACTION AND MILESTONES PROCESS
The organization:
a. Implements a process for ensuring that plans of action and milestones for the security program and associated organizational information systems:
Are developed and maintained;
Document the remedial information security actions to adequately respond to risk to organizational operations and assets, individuals, other organizations, and the Nation; and
Are reported in accordance with OMB FISMA reporting requirements.
b. Reviews plans of action and milestones for consistency with the organizational risk management strategy and organization-wide priorities for risk response actions.
Required Clearance: Secret / Top Secret
Required Certifications: IAT level III Certification.
Required Experience: Five (5) years of experience in IT security, including A&A and/or IT security risk analysis, preferably in support of the Federal Government
Skills:
· Managed team of people.
· Knowledge of Federal Government SA&A practices and policies, particularly FISMA and NIST.
· Must be motivated and results oriented.
· Effective written and oral communication skills.
· Previous Federal Government or National Archive experience a plus
Role:
Provide subject matter expertise in the provision of information assurance (IA) support for certification and accreditation (C&A), DIACAP or RMF accreditation package and artifact generation, requirements analysis, security test and evaluation (ST&E) plans and execution, risk assessments, systems analysis and hardening, incident response and policy analysis, trusted product evaluations, IA program assessments, and security posture presentations. Provide analytical support for the development and submission of C&A documentation in compliance with the DIACAP or RMF requirements. Apply knowledge of technology, analyze the security implications of systems and applications security, and provide recommendations to decision-makers and engineers. Provide experience-based advice and assistance to facilitate C&A efforts.
Please provide the following information
Current Salary:
Salary Expectation:
Full Name:
Contact No:
Best time to call you:
Email address:
Current Location:
Relocation:
Availability:
Visa status:
Clearance:
Thanks & Regards,
Terry Dean
Sr. Technical Recruiter- Federal
E-Talent Network
#sextortion has been popping up in my emails lately. It is where scammers use a compromised password to scare you into giving them money. The scare you by telling you that they have some sexual dirt on you.
They tell you they are going to send nude images of you, or evidence of your going to porn sites. They say that they will send this to friends and family unless you give them bitcoin.
This is not real: Don’t give them money Don’t respond Change and accounts with that password