Information Assurance

cyberspace workforceDIARMFInformation AssuranceNIST Security Frameworkrisk jobsroles

IT Security Career Risk Management Framework

no thumb

So you want to get into Information Technology? Well what do you want to do in IT because there are many different branches of it. I would suggest going into IT security, specifically, Risk Management Framework. It is a very specialized field.

You will need to know the fundamental of IT security. The basics on what goes into securing important data and their hardware. You will also need to have at least a little knowledge of technology and its history. You will need to know a LOT about NIST SP 800-37, “Guide for Applying the Risk Management Framework to Federal Information Systems”. You will need to dive into NIST SP 800-53, “Security and Privacy Controls for Federal Information Systems and Organizations”.

Since not many people want to do this work, or even know about it, there is not much competition. They are always looking for qualified people to do it. What you will need is a 4 year degree (preferably in something technical), an IT certification in security (Security+, ISC2 CAP, CISSP, CASP, CISM,CISA) and a lot of knowledge on NIST 800-37.

 

read more
certification & accreditationDIACAPDIARMFInformation AssuranceRisk Management For DoD IT

What is Risk Management Framework NIST 800 37

diarmfs cyber security

Risk Management is being aware of and taking actions to prepare for probable unfavorable outcomes.

Risk Management Framework is a process the implement risk management in an organization.

There are (6) steps to the RMF:
1. Categorize
2. Select
3. Implement
4. Assess
5. Authorize
6. Continuous Monitoring

More on the Risk Management Framework Steps here:

risk management framework steps

read more
cyberspace workforceDIARMF JobsInformation Assurance Jobsrisk jobs

Full Time Position Immediate Interview Need Network Technician location Gunter AFB Montgomery, AL with Air Force

Air Force Network Technician location Gunter AFB Montgomery
Conduct network security monitoring and intrusion detection analysis for the NIPRNet and SIPRNet using the AF’s selected IDS/IPS toolset
–  Research NIPR and SIPR defensive cyber operations events to determine the necessity for deeper analysis and conduct an initial assessment of type and extent of intruder activities.
–  Enter event data into mission support systems according to operational procedures and reports through the 33rd operational chain.
–  Record suspicious events, meeting established thresholds, into the operational database for suspicious traffic. Records shall contain sufficient information to stimulate future research of suspicious traffic. The record shall answer the: who, what, where, why and when for this suspicious activity.
–  Provide computer security-related assistance to Air Force field units (example: the Integrated Network Operations and Security Center (INOSC), Base Information Assurance shop) in countering vulnerabilities, minimizing risk, and improving the security posture of AF computer networks and systems within the scope of operational requirements and mission execution.
BASIC QUALIFICATIONS:
–  Intermediate knowledge with one or more of the IDS/IPS systems currently in use by the Department of Defense (DoD), Services, and Agencies (i.e., AF, Navy, Army, DC3, DISA) or Federal Government and intermediate experience in the following areas:
EDUCATION REQUIREMENTS:
–  One or more of the following IAT Level II Certifications (GSEC, Security +, SSCP, CCNA-Security)
–  CND Certification (GCIA, CEH, GCIH).
Thanks & Regards,
Harpal Singh
Technical Recruiter
22nd Century Technologies Inc. (TSCTI)
8(a) / SDB | CMMI level 3 Certified
read more
cyberspace workforceDIARMF JobsInformation Assurance Jobsrisk jobs

Need Help Desk Specialist in Honolulu, HI with US Army

Help Desk Specialist in Honolulu
Job title :Help Desk Specialist
Location: Honolulu, HI
Client : US Army
CLEARANCE: SECRET
Description
  • The contractor shall provide service execution to CLIN conversion within two (2) business days.
  • The contractor shall provide service management to EITSMS processing within one (1) business day.
Contractor will implement and operate an IT Infrastructure Library (ITIL)-based service desk to provide the HQ a single assured point of contact for all Automated Data Processing (ADP) hardware, software, and networking problems; for service requests, to include new systems, major modifications to existing systems and entry points for emerging technologies. Also maintains service catalogs, an approved product list, and
a knowledge base for Service Desk operations. Adhere to HQs policy of using Information Technology Requests for all maintenance requests. Documents all users’ trouble calls and coordinates all software maintenance changes with government leads while ensuring project maintenance logs are maintained and reviewed.
Special Qualifications:
  • experience using Microsoft Office tools (Word, PowerPoint, Excel, and Outlook)
  • Security+ Certification
Thanks & Regards,
Kartik Jain
Technical Recruiter
read more
cyberspace workforceDIARMF JobsInformation Assurance Jobsrisk jobs

Need Information Systems Security Officer in Herndon, VA

Need Information Systems Security Officer in Herndon, VA
Information Systems Security Officer

Location: Herndon, VA
Duration: 1 year
US Citizenship Required –  Public Trust or Secret Clearance Tier III
Summary• Advises key technical personnel of system regarding design, engineering and compliance requirements
• Advises key stakeholders of security posture and risks associated with the system
• Reviews configurations changes for the system and the impact of changes
• Creates, manages and facilitates NIST based security documentation and controls
• Identifies, manages and facilitates remediation of security weaknesses

Job Responsibilities/ Duties:
• Develop, consult, implement controls and documentation for the security of the system. This includes: outlining system operating environment, overall mission, physical diagrams, hardware and software inventories, configuration management, type of data processed, user organizations, security classifications, operating modes, interconnections to other systems/networks, security personnel, and other associated responsibilities.
• Oversee, develop, improve and maintain the overall security posture of the system; that includes: Information System Security Plans, Risk Ratings, Contingency Plans, Security Assessments, and Contingency Plan Tests and other associated documentation.
• Participate in the development or revision of security controls of the system and local operating procedures that are based upon regulatory, policy and industry requirements.
• Act as a consultant to system owners for the security of the system and system documentation. For example, security incident reports, equipment/software inventories, operating instructions, technical vulnerability reports, and contingency plans
• Provide expertise in classified and unclassified ratings to customers.
• Work closely with technical teams for successful Certification & Accreditation of the system that leads to ATO
• Attend ISSO training courses and sessions as required
• Perform interpretations of monthly vulnerability scan results of assigned systems

Required Training:
Senior Level IT Security Certifications (CCDP, CCNP Security, CISSP, CISM, etc.)
Education/Equivalent Training Required: Bachelor’s Degree or equivalent experience will be evaluated
Unique/Additional /Experience (Position Specifics):
Expert knowledge of FISMA and NIST Special Publications
Experience implementing, assessing and managing security controls for federal IT systems
Expert knowledge of IT security best practices
Expert knowledge of current IT security threats
Broad knowledge of IT technologies and operations
Ability to develop good working relationships with customers, colleagues and other stakeholders.
Excellent verbal and written communication skills
Ability to handle and prioritize multiple simultaneous systems, projects and other assignments.
Experience leading information security teams
Knowledge of HIPAA, FedRAMP, PCI, ISO and other standards
Location(s): District of Columbia (Metro Area),
Department: IT Security
Keywords: Certification and Accreditation, C&A, A&A, SA&A, FISMA, compliance, information assurance, ISSO, AISO, ISO, IASO and ISSM
Comments: US Citizen, US Government Suitability Determination and DoE Q Security Clearance is a Plus

Thanks & Regards,
Kartik Jain
Technical Recruiter
read more
cyberspace workforceDIARMF JobsInformation Assurance Jobsrisk jobs

Cyber Security Analyst / Information Assurance Analyst with Security+ CE in Monterey, CA with Defense Language Institute

Security Analyst in Monterey CA with The DLI
Agency:                                DLI (Defense Language Institute) 
Position:                              Cyber security / Information Assurance Analyst
Duration:                             Full Time
Location-                             Monterey, CAJob Description:
Security+CE certification Must!
Duties may include:
•             Support an Information Systems Security, Education, Training, and Awareness Program.
•             support implementation and enforcement of Information Security Policies and Procedures.
•             Review and update all Information Systems Security Plans/SSPs and support certification and accreditation efforts.
•             Provide technical support in the areas of vulnerability assessment, risk assessment, and security implementation.Technical Skills:
Information Assurance
HBSS
ACAS
STIG
Retina, MacAfee
Thanks & Regards,
Harpal Singh
Technical Recruiter
22nd Century Technologies Inc.(TSCTI)
read more
1 2 3 14
Page 1 of 14