close

Risk Management For DoD IT

Risk Management For DoD IT

STIG Update – DISA has released the Oracle Java Runtime Environment (JRE) 8 STIG Version 1

Defense Information Systems Agency (DISA)

DISA has released the Oracle Java Runtime Environment (JRE) 8 STIG Version 1. The requirements of the STIG become effective immediately.  The STIG is available athttp://iase.disa.mil/stigs/app-security/app-security/Pages/index.aspx.


For all STIG related questions, please contact the DISA STIG Customer Support Desk:disa.stig_spt@mail.mil


Update your subscriptions, modify your password or e-mail address, or stop subscriptions at any time on your Subscriber Preferences Page. You will need to use your email address to log in. If you have questions or problems with the subscription service, please visitsubscriberhelp.govdelivery.com. All other inquiries can be directed to subscriptions@disa.mil.

 

read more
Risk Management For DoD IT

STIG Update – DISA has approved the signed Cloud Computing Security Requirements Guide v1r2 for public release

no thumb

DISA has approved the signed Cloud Computing Security Requirements Guide v1r2 for public release. The requirements in this SRG become effective immediately except for those CSPs currently being assessed under v1r1.  The SRG is available on IASE at:http://iase.disa.mil/cloud_security/Pages/index.aspx

DoD Cloud computing policy and the CC SRG is constantly evolving based on lessons learned with respect to the authorization of Cloud Service Offerings and their use by DoD Components. As such the CC SRG is following an “Agile Policy Development” strategy and will be updated quickly when necessary. In support of this strategy, DISA is offering a continuous public review option by accepting comments on the current version of the CC SRG at any time. Please use the comment matrix posted along with the SRG.  We would appreciate it if your comments are limited to critical issues and omissions or recommended coverage topics.

Submit all comment matrices and questions to disa.stig_spt@mail.mil


For all STIG related questions, please contact the DISA STIG Customer Support Desk:disa.stig_spt@mail.mil

read more
Risk Management For DoD IT

Project WON Need IT Admin In Lack land AFB TX or Montgomery AL With Federal Agency

no thumb
 Title                                    IT Admin/Security Analyst   
Position:                              1
Location:                            Montgomery, AL Gunter AFB AL
SECURITY ANALYST
 PRIMARY DUTIES:
–  Conduct network security monitoring and intrusion detection analysis for the NIPRNet using the AF’s selected IDS/IPS toolset
–  Research NIPR and SIPR defensive cyber operations events to determine the necessity for deeper analysis and conduct an initial assessment of type and extent of intruder activities.
–  Enter event data into mission support systems according to operational procedures and reports through the 33rd operational chain.
–  Record suspicious events, meeting established thresholds, into the operational database for suspicious traffic. Records shall contain sufficient information to stimulate future research of suspicious traffic. The record shall answer the: who, what, where, why and when for this suspicious activity.
–  Compile suspicious events records and other artifacts as part of its Monthly Operational Report.
–  Provide pass-on information to bring incoming crews up to speed on latest suspicious traffic seen from a given port, IP, etc.
–  Coordinate with the Crew Commander for authorization before departing after pass-on to incoming shift.
–  Provide computer security-related assistance to Air Force field units (example: the Integrated Network Operations and Security Center (INOSC), Base Information Assurance shop) in countering vulnerabilities, minimizing risk, and improving the security posture of AF computer networks and systems within the scope of operational requirements and mission execution.
–  Provide focused DCO, tailored analysis and monitoring operations of specified sensor locations during contingency operations and in support of named DCO operations and exercises.
–  Must be willing to receive additional training and maintain position qualification to perform assigned duties, as required
BASIC QUALIFICATIONS:
–  Intermediate knowledge with one or more of the IDS/IPS systems currently in use by the Department of Defense (DoD), Services, and Agencies (i.e., AF, Navy, Army, DC3, DISA) or Federal Government and intermediate experience in the following areas: IP addressing and domain name service; network components; Transmission Control Protocol (TCP)/User Datagram Protocol (UDP), File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), and Hypertext Transfer Protocol (HTTP); and understand the network Open Systems Interconnection (OSI) model
EDUCATION REQUIREMENTS:
–  One or more of the following IAT Level II Certifications (GSEC, Security +, SSCP, CCNA-Security)
–  CND Certification (GCIA, CEH, GCIH).
Active TS/SCI
Must be able to work shifts as required
Position: NIPRNet and SIPRNet Admin
Location: Lack land AFB, San Antonio, TX
Active Top Secret clearance required
EDUCATION REQUIREMENTS:
–  One or more of the following IAT Level II Certifications (GSEC, Security +, SSCP, CCNA-Security)
–  CND Certification (GCIA, CEH, GCIH).
PRIMARY DUTIES:
–  Conduct network security monitoring and intrusion detection analysis for the NIPRNet and SIPRNet using the AF’s selected IDS/IPS toolset
–  Research NIPR and SIPR defensive cyber operations events to determine the necessity for deeper analysis and conduct an initial assessment of type and extent of intruder activities.
–  Enter event data into mission support systems according to operational procedures and reports through the 33rd operational chain.
–  Record suspicious events, meeting established thresholds, into the operational database for suspicious traffic. Records shall contain sufficient information to stimulate future research of suspicious traffic. The record shall answer the: who, what, where, why and when for this suspicious activity.
–  Provide computer security-related assistance to Air Force field units (example: the Integrated Network Operations and Security Center (INOSC), Base Information Assurance shop) in countering vulnerabilities, minimizing risk, and improving the security posture of AF computer networks and systems within the scope of operational requirements and mission execution.
BASIC QUALIFICATIONS:
–  Intermediate knowledge with one or more of the IDS/IPS systems currently in use by the Department of Defense (DoD), Services, and Agencies (i.e., AF, Navy, Army, DC3, DISA) or Federal Government and intermediate experience in the following areas:
EDUCATION REQUIREMENTS:
–  One or more of the following IAT Level II Certifications (GSEC, Security +, SSCP, CCNA-Security)
–  CND Certification (GCIA, CEH, GCIH).
Ankush Jamalta
Team Lead
22nd Century Technologies Inc.
(Minority, 8(A) & GSA Schedule 70 Company) CMMi Level 3, ISO 9001:2008 and SBA certified 8(a)
SDB 1 Executive Drive, Suite 285 Somerset New Jersey , 08873
read more
Risk Management For DoD IT

Position for IT Admin in San Antonio TX

no thumb
Position: IT Admin
Location: Lackland AFB, San Antonio, TX
Duration: Full Time
Active Top Secret clearance required
EDUCATION REQUIREMENTS:
–  One or more of the following IAT Level II Certifications (GSEC, Security +, SSCP, CCNA-Security)
–  CND Certification (GCIA, CEH, GCIH).
PRIMARY DUTIES:
–  Conduct network security monitoring and intrusion detection analysis for the NIPRNet and SIPRNet using the AF’s selected IDS/IPS toolset
–  Research NIPR and SIPR defensive cyber operations events to determine the necessity for deeper analysis and conduct an initial assessment of type and extent of intruder activities.
–  Enter event data into mission support systems according to operational procedures and reports through the 33rd operational chain.
–  Record suspicious events, meeting established thresholds, into the operational database for suspicious traffic. Records shall contain sufficient information to stimulate future research of suspicious traffic. The record shall answer the: who, what, where, why and when for this suspicious activity.
–  Provide computer security-related assistance to Air Force field units (example: the Integrated Network Operations and Security Center (INOSC), Base Information Assurance shop) in countering vulnerabilities, minimizing risk, and improving the security posture of AF computer networks and systems within the scope of operational requirements and mission execution.
BASIC QUALIFICATIONS:
–  Intermediate knowledge with one or more of the IDS/IPS systems currently in use by the Department of Defense (DoD), Services, and Agencies (i.e., AF, Navy, Army, DC3, DISA) or Federal Government and intermediate experience in the following areas:
EDUCATION REQUIREMENTS:
–  One or more of the following IAT Level II Certifications (GSEC, Security +, SSCP, CCNA-Security)
–  CND Certification (GCIA, CEH, GCIH).
Thanks & Regards
Vandana
Team Lead
22nd Century Technologies
(Minority, 8(A) & GSA Schedule 70 Company)
CMMi Level 3, ISO 9001:2008 and SBA certified 8(a) SDB
Email:

vandanav@tscti.com

read more
DIARMF JobsInformation Assurance JobsRisk Management For DoD IT

Remote Program Manager Monterey CA Naval Research Laboratory Department of the Navy

Remote Program Manager Monterey CA Naval Research Laboratory Department of the Navy
Given below is the job details:
Agency:                                Naval Research Laboratory, Department of the Navy
Position:                              Program Manager
Duration:                             Long Term 100%Remote             
Location:                             100% Remote Support to Monterey, CA

Job Description
Secret Security Clearance or Higher required for this job.
•             At least ten (10) years of experience in technical management of DoD IT contracts.
•             A bachelor’s degree in Business Administration, Computer Science or in a related technical field such as engineering or science, or equivalent experience.
Thanks & Regards,
Harpal Singh
Technical Recruiter
22nd Century Technologies Inc.(TSCTI)
22nd Century Technologies Inc. is an Equal Employment Opportunity and Affirmative Action employer.
8(a), SDB, MBE, CMMi3, ISO 9001:2008, ISO 20000-1:2011, ISO 27001:2005 Certified
read more
DIARMF Jobsrisk jobsRisk Management For DoD IT

Project Awarded Required NIPRNet and SIPRNet Admin in Lack land AFB, San Antonio, TX

lackland siprnet niprnet
Position: NIPRNet and SIPRNet Admin
Location: Lackland AFB, San Antonio, TX
EDUCATION REQUIREMENTS:
–  One or more of the following IAT Level II Certifications (GSEC, Security +, SSCP, CCNA-Security)
–  CND Certification (GCIA, CEH, GCIH).
PRIMARY DUTIES:
–  Conduct network security monitoring and intrusion detection analysis for the NIPRNet and SIPRNet using the AF’s selected IDS/IPS toolset
–  Research NIPR and SIPR defensive cyber operations events to determine the necessity for deeper analysis and conduct an initial assessment of type and extent of intruder activities.
–  Enter event data into mission support systems according to operational procedures and reports through the 33rd operational chain.
–  Record suspicious events, meeting established thresholds, into the operational database for suspicious traffic. Records shall contain sufficient information to stimulate future research of suspicious traffic. The record shall answer the: who, what, where, why and when for this suspicious activity.
–  Provide computer security-related assistance to Air Force field units (example: the Integrated Network Operations and Security Center (INOSC), Base Information Assurance shop) in countering vulnerabilities, minimizing risk, and improving the security posture of AF computer networks and systems within the scope of operational requirements and mission execution.
BASIC QUALIFICATIONS:
–  Intermediate knowledge with one or more of the IDS/IPS systems currently in use by the Department of Defense (DoD), Services, and Agencies (i.e., AF, Navy, Army, DC3, DISA) or Federal Government and intermediate experience in the following areas:
EDUCATION REQUIREMENTS:
–  One or more of the following IAT Level II Certifications (GSEC, Security +, SSCP, CCNA-Security)
–  CND Certification (GCIA, CEH, GCIH).
read more
1 2 3 4 12
Page 2 of 12