-This position requires US Citizenship with a current DoD Secret Clearance -4+ years of experience directly related to Linux System Administration in a sustainment environment; strong background in Red Hat Enterprise Linux (RHEL 5/6)
-VMware Horizon, VApps, VMware vSphere Clusters and vCenter Servers -Basic Network Administration knowledge utilizing CISCO -Understanding of Storage Area Network concepts (SAN) and Network Attached Storage (NAS) -Knowledge of patch management tools such as RPM and YUM package management, Red Hat Satellite. -Experience in COTS/GOTS/FOSS software installations -Background in applying STIG settings to each product or underlying OS
Plusses
-scripting languages such as Powershell and PowerCLI, Bash, Ruby, and Python
-automation tools such as Chef, Puppet, SaltStack
-Knowledge of storage systems such as EMC VNX
-Knowledge of Active Directory services, LDAP
Day-2-Day *
This position is responsible for troubleshooting, maintaining and implementing solutions to optimize the infrastructure operations. The candidate will be responsible for designs, implements, codes, tests, documents, and maintains systems integration solutions.
Bachelor’s degree in a related specialized area or equivalent is required plus a minimum of 8 years of relevant experience; or Master’s degree plus a minimum of 6 years of relevant experience.
Knowledge Skills and Abilities: Senior Splunk Administrator Advanced knowledge of backend operating systems to implement, maintain, configure, and remediate issues (UNIX/Linux/Windows) Knowledge of operating systems and networking. Understanding of SIEM & logging fundamentals. Understanding of SOC Monitor and Response fundamentals. Experience in any type of SIEM – Splunk, Arcsight, Log Rhythm, etc. Experience with implementation of SIEM products and tools. Understanding of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc. Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix Knowledge of applications, databases, middleware to address security threats against the same. Proficient in preparation of reports, dashboards and documentation Excellent communication and leadership skills Ability to handle high pressure situations with key stakeholders Good Analytical skills, problem solving and Interpersonal skills Working knowledge and experience with MS office with proficiency in Excel Preferred degree types and experience: The leading candidate will have a Bachelor’s Degree in Computer Science, a related field, or equivalent experience. with a minimum of 5 years of experience in a SOC, or an Associates Degree in Computer Science, Information Systems, Cyber Security, or related discipline with a minimum of 7 years of experience in a SOC. Strong candidates will have previous experience working with users; possess a talent for problem-solving as well as organization and time management skills.
This Job is gone now but here is some info on it:
We have a new opening for Senior Advanced Test Engineer in Scottsdale, AZ. This is an onsite permanent position with benefits, $130K in salary, with relo assistance provided. Active Top Secret clearance is required. To be considered, testing experience with hardware, RF, or SIGINT systems is required. https://www.youtube.com/watch?v=s02-9K2q87c
NIST Special Publication 800-53, Revision 5
Security and Privacy Controls
Final Public Draft: October 2018
Final Publication: December 2018
Source: https://csrc.nist.gov/projects/risk-m…
NIST Special Publication 800-53A, Revision 5
Assessment Procedures for Security and Privacy Controls
Initial Public Draft: March 2019
Final Public Draft: June 2019
Final Publication: September 2019
There are 6 major objectives for this update—
-Making the security and privacy controls more outcome-based by changing the structure of the controls;
-Fully integrating the privacy controls into the security control catalog creating a consolidated and unified set of controls for information systems and organizations
-Separating the control selection process from the actual controls: systems engineers, software developers, enterprise architects; and mission/business owners
-Promoting integration with different risk management and cybersecurity approaches and lexicons, including the Cybersecurity Framework
-Clarifying the relationship between security and privacy to improve the selection of controls necessary to address the full scope of security and privacy risks https://www.youtube.com/watch?v=hWWILCZbDho
Course site: https://securitycompliance.thinkific.com I am thinking of doing a course on how to make 6 figures in IT Security. What do you think? Is this something you would be interested in? This is something I know a lot about. I would explain:
The landscape of IT Security
Career paths in IT Security
How to choose the right path
How to prepare for that path
What kinds of IT security jobs make 6 figures
What places and companies pay 6 figures
What certifications, degrees and experience you need to start
How to build a bad ass IT security resume
where to post it how to respond once offers start coming in
I get people contacting me every week about jobs all around the US! Today, I am going to show you a couple that I received recently. I hope that it will give you some idea of what employers and contracts look for in security compliance professionals.
What is payment card industry PCI data security standard DSS?
I got the chance to talk to a Payment Card Industry (PCI) professional. James is in the PCI IT industry and tells about it from inside the field. It is a great opportunity to learn about this growing career path. We talked about how the PCI security standard compares to the Risk Management Framework. Here are some of the resources we talked about: https://www.pcisecuritystandards.org/… https://www.pcicomplianceguide.org/ Enroll to learn MORE on security compliance: https://securitycompliance.thinkific.com
This is an overview of NIST 800-37 Revision 2. I discuss the changes, the sources and Cybersecurity Framework.
NIST Special Publication 800-37, Revision 2
Risk Management Framework for Security and Privacy
Initial Public Draft: May 2018
Final Public Draft: July 2018
Final Publication: October 2018
Source of Changes:
President’s Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure
Office of Management and Budget Memorandum M-17-25 – next-generation Risk Management Framework (RMF) for systems and organizations
NIST SP 800-53 Revision 5 Coordination
