Job Description :

Configure custom IT security policies, manage and maintain operational availability of networked devices by using a variety of security applications and systems in cloud or on prem network environments.

This position is for a role that requires candidates to work onsite in a hybrid model.

Experience in the field of Information Systems Security required.
SIEM - Google Chronical
Web Filtering Tool - Zscaler ZIA
Firewall - Firewall rules, subnet, ports

1. Significant Experience with Google Chronical, McAfee SIEM to
(a) Configure and implement rules, data sets, APIs, third party cloud API integration to facilitate ingestion of logs sources like o365, Azure AD, AWS (b) Migrate and implement McAfee SIEM log data sets to Google Chronical (c) Configure IOC, and alerts (d) Conduct searches raw logs, Investigate alerts, assets, domains, users, IPs, files, Google Cloud Threat Intelligence (GCTI). (e) Configure and monitor events using rules, and run rules against historical data (f)Working experience with YARA-L language

2. Experience with Firewall and Firewall rules, IP addressing, subnets, ports and VPN.
(a). Configure and implement firewall rules (b). Audit firewall rules and network segmentation. (c). Verify and Submit firewall rule requests

3. Experience with Web filtering tool specifically with Zscaler (ZIA), and Cisco Umbrella
(a). Implement new web filtering solution Zscaler ZIA (b) Test, verify and implement policies, create groups, grand access to groups.

4. Experience with NextGen Antivirus Crowdstrike to investigate, and remediate incidents, alerts, IOCs, and IOAs.

5. Experience with AD, GPOs, Security groups, Windows Servers, Desktop OS.

6. Experience in the field of Information Systems Security required. Analyst must have working knowledge of relevant FISMA/NIST information security regulations and guidelines.

7. Working knowledge of IT Security Best Practices regarding (a) networks and networking including protocol analysis, anomaly detection, and troubleshooting

Job Type: Contract

Salary: $73.00 - $75.00 per hour

Experience level:

1 year
Schedule:

8 hour shift

Work Location: One location

Speak with the [phone number]

Job Description:

Short Description:
Information Assurance and Security Specialist Master

Hybrid position - Must be willing and able to report on-site to DC offices 1x every 2 week period.

Complete Description:

Duties:
a. Identify network problems, and recommend improvements to ensure optional performance;
b. Ability to monitor and analyze data traffic patterns within the OCFO Network infrastructure
c. Ability to enhance security and knowledge of the latest security threats, worms, and malware and advise on how to deter them;
d. Ability to reliability of the network through the above actions;
e. Extensive experience in developing strategic systems architecture plans
f. Experience with Storage infrastructure (NetApp Storage) and technologies include virtualization/arrays, FC/FCOE, NFS, ISCSI.
g. Design, administration of VMware Infrastructure including full integration with SAN for VMotion and VMware SRM multi-site administration
h. Advanced knowledge of disaster recovery and business continuity processes and tools needed.
i. Active Directory service management and operational stability and maintenance
j. Design and build solutions utilizing on-premise computer, networking, and storage technologies using Azure cloud. Cloud Engineer leads the design and support of large-scale projects.
k. Configure routers, switches, firewalls, and other appliances in compliance with OCFO security standards;
l. Monitor security measures in place within network perimeter, ensuring security breaches do not occur and information is safeguarded

Responsibilities:
a. Determines enterprise information assurance and security standards.
b. Develops and implements information assurance/security standards and procedures.
c. Coordinates, develops, and evaluates security programs for an organization. Recommends information assurance/security solutions to support customers' requirements.
d. Identifies, reports, and resolves security violations.
e. Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
f. Supports customers at the highest levels in the development and implementation of doctrine and policies.
g. Applies know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
h. Performs analysis, design, and development of security features for system architectures.
i. Analyzes and defines security requirements for computer systems which may include mainframes, workstations, and personal computers.
j. Designs, develops, engineers, and implements solutions that meet security requirements.
k. Provides integration and implementation of the computer system security solution.
l. Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems.
m. Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
n. Ensures that all information systems are functional and secure

Qualifications:
a. 16+ years of experience developing, maintaining and recommending enhancements to IS policies/requirements (Required)
b. 16+years of experience performing vulnerability/risk analyses of computer systems/apps (Required)
c. 16+ years of experience identifying, reporting and resolving security violations (Required)
d. Cloud-Azure (Highly Desired)
e. Experience in complex Enterprise-level projects (Required)
f. Expert understanding of Windows server operating systems (Required)
g. Knowledge of on-premise and cloud security productions (Required)
h. Good understanding of IP Networks/Security (Required)
i. Extensive experience troubleshooting NetApp SAN (Required)
j. In-depth knowledge of SAN replication/Disaster Recovery (Highly Desired)
k. Hands-on experience managing storage on VMware ESXi (Required)
l. Good understanding of server/endpoint operating sytem (Required)
m. Windows 2016 AD Enterprise troubleshooting experience (Required)
n. In-depth experience with Disaster Recovery & Avoidance planning (Required)
o. VMare Site Recovery Manager experience (Highly Desired)
p. Excellent understanding of troubleshooting IT infrastructure (Highly Desired)

Education:
a. Bachelor's Degree in IT or related field or equivalent experience (20 years) (Required)
b. Master's Degree in IT or related field or equivalent experience (Highly Desired)
c. Security CISSP, Security+, CEH (Required).

Job Type: Contract

Pay: Up to $90.00 per hour

Expected hours: 40 per week

Compensation package:

1099 contract
Experience level:

11+ years
Schedule:

8 hour shift



Application Question(s):

Do you have experience developing, maintaining and recommending enhancements to IS policies/requirements

Do you have Windows 2016 AD Enterprise troubleshooting experience ?

Do you have Cloud experience with MS Azure ?

*Hybrid position - Must be willing and able to report on-site to DC offices 1x every 2 week Location: Remote

Actual Job Title:Information and Cyber Security Analyst III (5-8 Years of experience)

FTE Opportunity

Work Address: Washington, DC 20064

Responsibilities

Design, implement, manage, and monitor technical, administrative, and physical controls to protect the confidentiality, integrity, and availability of the University s information assets.

Maintain a current understanding of regulatory requirements governing the use, governance and availability of University information systems.

Analyze findings from security monitoring systems, and recommend and coordinate the implementation of any necessary remediation.

Assist in the development of operating procedures and policies and the implementation of a unified approach to attaining, documenting, monitoring, and maintaining compliance with institutional policy and procedures.

Develop and communicate business-based justifications for security initiatives.

Research and recommend security controls, information security tools and services and other information security initiatives.

Assess systems, processes, and projects for compliance requirements, control objectives, and security best practices; including interacting with internal and external technical and functional staff.

Serve as a University resource for IT security operations and initiatives.

Facilitate cross-functional teams to implement security controls and initiatives.

Assist system, application, and data owners/custodians with selecting and documenting controls, policies and procedures.

Participate in campus-wide information security events and programs to ensure alignment and knowledge sharing between departments.

Train and educate internal groups as required.

Design and implement information security projects for the University

Design and develop project plans to enhance the information security capabilities; research methodologies and products, and establish technical requirements; define project scope, requirements, and deliverables, and develop a project plan to meet objectives.

Coordinate project activities, including performing assigned tasks and coordinating with external providers or contractors, ensuring project remains on schedule and that work accomplished meets specifications.

Provide support in a pleasant, professional and courteous manner.

Process assigned service request tickets according to established procedures and SLAs. Dispatch tickets for the team as designated.

Provide information security support for other Technology Services groups.

Serve as an information security liaison to non-university vendors or technical organizations as required.

Other administrative duties.

Work independently or in teams to carry out assignments within the framework established by the supervisor and in conformance with established practices and procedures; bring unexpected or controversial findings to the supervisor s attention.

Provide regular progress and status reports to the supervisor.

Create and present written or oral briefings.

Cross train staff in infrastructure technologies as required.

Follow CUA and Technology Services staff guidelines and requirements.

Perform other job-related duties as assigned by supervisors.

Qualifications

Bachelor s Degree required a minimum of five (5) years progressive experience in IT information security, with materially demonstrable experience configuring systems for information security. Experience in higher education is preferred.

Mastery of, and skill in applying:

IT concepts, principles, methods, and practices

Information security and risk management concepts, practices and standards (e.g., ISO 17799/27002, 27001, 310000/31010)

Regulations related to information security and data confidentiality (e.g., PCI-DSS, HIPAA, FISMA, GLBA, HEOA, FERPA, and DMCA)

Identity and Access Management concepts, practices and standards

Quality management and quality assurance concepts, practices and standards (e.g., ISO 9000 and related in ISO/TC 176)

Microsoft Excel or Google Sheets, including advanced spreadsheet manipulation

Microsoft Visio, PowerPoint or other visual presentation tools

Knowledge of the following is highly desirable:

Relational data systems and concepts, including writing SQL queries; Oracle Database, Microsoft SQL Server experience is a plus

Oracle PeopleSoft, especially Campus Solutions, Human Capital Management, Financials

Project management concepts, practices and standards (e.g., PMI PMBOK)

Current security fundamentals/essentials-level certification is required (i.e., one of the following):

CompTIA Security+

GIAC Security Fundamentals (GISF)

GIAC Security Essentials (GSEC)

Current certification in one or more of the following is highly desirable:

CompTIA Advanced Security Practitioner (CASP)

GIAC Information Security Professional (GISP)

ISACA Certified Information Systems Auditor (CISA)

ISACA Certified Information Security Manager (CISM)

(ISC) Certified Information Systems Security Professional (CISSP)

CompTIA Network+

CompTIA Project+

GIAC Certified Project Manager (GCPM)

Project Management Institute Project Management Professional (PMP)

Job Type: Full-time

Pay: $100,000.00 - $103,000.00 per year

Benefits:

Health insurance

Life insurance

Paid time off
Schedule:

Day shift

Monday to Friday



Ability to commute/relocate:

Washington, DC 20064: Reliably commute or planning to relocate before starting work (Required)

Experience:

ISO 17799/27002, 27001, 310000/31010: 4 years (Preferred)

PCI-DSS, HIPAA, FISMA, GLBA, HEOA, FERPA, and DMCA: 5 years (Preferred)

Information security: 1 year (Preferred)

Microsoft Excel or Google Sheets: 4 years (Preferred)

License/Certification:

CompTIA Security+ Location: In person

The Multi-State Lottery Association (MUSL) is a non-profit, government-benefit association responsible for the operation of Powerballand other multi-jurisdictional lottery games in the United States. As an Information Security Analyst at MUSL, you will be an integral part of the team that ensures the integrity of lottery games throughout the United States.

The Information Security Analyst provides expertise developing and maintaining a comprehensive information security program for MUSL. The Analyst develops policies and procedures for managing and protecting information assets; participates in evaluation, procurement, and implementation of information security management systems; and works as part of the Information Security team.

The Analyst works internally with other MUSL staff and systems and also acts as an external-facing resource, performing information security assessments and providing consultative recommendations for jurisdictional lotteries.

This position requires excellent interpersonal skills, the ability to multi-task, and a solid understanding of security and information technology principles. The analyst is responsible for furnishing assessment reports, conducting meetings with internal and external staff, communicating trends and analysis to staff and management, and helping ensure the organization understands and appropriately manages risk.

This position is external/member lottery focused which requires travel to jurisdictional lotteries throughout the U.S. up to 5 days at a time, 15-20 trips per year.

Primary Job Tasks and Responsibilities

Develop technical and security policies and procedures.

Provide independent technical evaluation for jurisdictional lottery gaming systems.

Research compliance issues, interpret standards, and provide recommendations to lotteries to resolve issues.

Assist Information Technology and Software Development groups in design of hardware and software systems, including off-site/cloud based systems.

Monitor industry changes and participate in developing new standards and processes.

Provide expert advice to colleagues and jurisdictional lotteries, especially as it relates to standards and MUSL information security rules.

Draft responses to non-compliant lotteries and/or audit findings and participate in resolutions.

Convey ideas, images and goals to a diverse group of technical and non-technical professionals.

Support other types of technical audits or reviews as needed.

Represent the Association in a positive, professional, and courteous manner.

Experience and Education

Bachelor s or Master s degree in Technology, Computer Science, Engineering, or similar.

Certifications such as CISSP/CISM/CISA or the ability and willingness to acquire.

Software development or scripting coursework or experience.

One or more years of work experience (including internship/coop) as a network/system engineer, security analyst, penetration tester, forensics specialist, software developer, or similar.

Strong, demonstrable knowledge in the domains of access control; application security; business continuity and disaster recovery planning; information security and risk management; operations security; physical security; security architecture and design; and telecommunications and network security.

General knowledge of the following is preferred: Windows, Linux, mobile OSes, firewalls, DNS, IDS/IPS, anti-virus, Internet Protocol (IP), VLAN, VPN, SIEM, APTs, LDAP/Active Directory, penetration testing, IT auditing, system administration, software development, encryption, ISO27001, NIST 800-53.

Passion for information security and a strong desire to learn.

Key Competencies

critical thinking and problem solving

decision-making

communication (written and oral)

influencing and leading

delegation

teamwork

conflict management

adaptability

stress tolerance

organization and planning

information gathering and monitoring

initiative

attention to detail, accuracy

Benefits

Health, Dental, and Vision insurance

Company paid Life Insurance, Short-Term and Long-Term Disability Insurance

Competitive Paid Time Off plan

Generous retirement contribution

Company paid continuing education

Flexible schedule and an emphasis on work-life balance

Challenging work with the ability to make a difference

When applying, please include a very brief cover letter (3-5 sentences) describing why you are a good fit for the role.

Job Type: Full-time

Pay: $60,000.00 - $90,000.00 per year

Benefits:

401(k)

Dental insurance

Employee assistance program

Flexible schedule

Flexible spending account

Health insurance

Health savings account

Life insurance

Paid time off

Professional development assistance

Retirement plan

Vision insurance
Schedule:

Monday to Friday

COVID-19 considerations:
COVID-19 vaccination may be required to visit certain lottery sites.

Education:

Bachelor's (Preferred)

Experience:

Cybersecurity: 1 year (Preferred)

Information Technology: 1 year (Preferred)

Language:

English (Required)

Willingness to travel:

50% Location: On the road

Senior Information Security Analyst

Location: Nashville TN

Duration: 12+ Months

Client: TDOT

Job Id: 61456

Job Description: TDOT is seeking a Senior Information Security Analyst to join our team. This individual will act as the front line defense by ensuring that security alerts are reviewed, remediated, or escalated with appropriate urgency and all response actions are documented accurately. This is a fundamental role in protecting the information assets of the organization by effectively identifying and responding to potential indicators of compromise or attack. This role will focus on TDOT s ITS (Intelligent Transportation Systems) network and our 4 TMCs (Traffic Management Centers) across the state.

Responsibilities and Duties

Enforce policy, guidance, and training requirements according to Best Business Practices BBPs

Ensure implementation of system updates, reporting, and compliance procedures

Ensure users meet the requisite favorable security investigations, clearances, authorization, need-to-know, and security responsibilities before granting access to the TMC information

Ensure users receive initial and annual Cyber Security Awareness training, as well as troubleshoot issues and repair systems

Ensure log files and audits are maintained and reviewed for all systems and that authentication (for example, password) policies are audited for compliance

Prepare, distribute, and maintain security plans

Review and evaluate the effects on security of system changes

Ensure that all Systems within their area of responsibility are certified, accredited, and reaccredited

Ensure system recovery processes are monitored and that security features and procedures are properly restored

Maintain current software inventory and ensure security related documentation is current and accessible to properly authorized individuals

Monitor alerts, detections, or other indicators of compromise/attack from a variety of information security solutions.

Investigate, contain, eradicate, and/or escalate security detections as appropriate

Document and generate reports of detections and response actions for review by management and other stakeholders

Assist in the analysis of vulnerabilities

Monitor security platforms health for errors, misconfigurations, or performance alerts

Leverage SIEM platform by creating and executing search queries, dashboards, and alerts to identify threats and assist in investigations.

Support end-users and other stakeholders requests related to information security service

Perform control testing and other risk management activities

Provide information in response to assessments and audits

Maintain an understanding of the systems, solutions, and technologies deployed on the ITS network.

Qualifications and Skills

Experience in Information Security and/or Information Technology in an operations or support role

Prior experience in an information security incident response role. Experience troubleshooting and/or securing computer systems and networks

Experience with SIEM platforms

Experience reviewing logs, scripting tasks, or creating structured queries/regex searches

Familiarity with Cisco security products and operational practices

Awareness of Information Security best practices and regulatory requirements

Bachelor s degree in Computer Science, IS or Information Security a plus CISSP, CISM, GIAC and/or similar certifications a plus

Strong professional communication skills, both verbal and written

Strong understanding of computer systems and networking principles

Strong analytical skills and strong knowledge of data analysis tools

Ability to parse logs, create queries, and perform root cause analysis of events

Programming/Scripting skills are a plus

Understanding of logical security, user access and identity management

Detail oriented and process focused with a strong appreciation of completeness and accuracy

Ability to independently prioritize work and complete assignments with minimal oversight

Team player who is energized by problem solving and finding solutions together to deliver maximum benefit.

Ability to adjust communication style/content to interact with IT and business professionals.

Work closely with Cyber Security Architect and network security team to implement and maintain secure network design

Participate in planning and executing the SDLC process

Provide information security expertise to system development teams

Works with network monitoring and management applications and creating highly-reproduceableconfiguration scripts and templates

Job Types: Temporary, Contract

Pay: $55.00 - $65.00 per hour

Experience level:

8 years

9 years
Schedule:

8 hour shift

Monday to Friday



Ability to commute/relocate:

Nashville, TN 37243: Reliably commute or planning to relocate before starting work (Required)

Experience:

System security: 8 years (Preferred)

Cybersecurity: 9 years (Preferred)

Information security: 9 years Location: In person

Job Title: Information Security Analyst

Duration: 10/02/2023 - 10/02/2024

Location: Nashville, TN

Job Description:

TDOT is seeking a Senior Information Security Analyst to join our team. This individual will act as the front line defense by ensuring that security alerts are reviewed, remediated, or escalated with appropriate urgency and all response actions are documented accurately. This is a fundamental role in protecting the information assets of the organization by effectively identifying and responding to potential indicators of compromise or attack. This role will focus on TDOT s ITS (Intelligent Transportation Systems) network and our 4 TMCs (Traffic Management Centers) across the state.

Responsibilities and Duties

Enforce policy, guidance, and training requirements according to Best Business Practices BBPs

Ensure implementation of system updates, reporting, and compliance procedures

Ensure users meet the requisite favorable security investigations, clearances, authorization, need-to-know, and security responsibilities before granting access to the TMC information

Ensure users receive initial and annual Cyber Security Awareness training, as well as troubleshoot issues and repair systems

Ensure log files and audits are maintained and reviewed for all systems and that authentication (for example, password) policies are audited for compliance

Prepare, distribute, and maintain security plans

Review and evaluate the effects on security of system changes

Ensure that all Systems within their area of responsibility are certified, accredited, and reaccredited

Ensure system recovery processes are monitored and that security features and procedures are properly restored

Maintain current software inventory and ensure security related documentation is current and accessible to properly authorized individuals

Monitor alerts, detections, or other indicators of compromise/attack from a variety of information security solutions.

Investigate, contain, eradicate, and/or escalate security detections as appropriate

Document and generate reports of detections and response actions for review by management and other stakeholders

Assist in the analysis of vulnerabilities

Monitor security platforms health for errors, misconfigurations, or performance alerts

Leverage SIEM platform by creating and executing search queries, dashboards, and alerts to identify threats and assist in investigations.

Support end-users and other stakeholders requests related to information security service

Perform control testing and other risk management activities

Provide information in response to assessments and audits

Maintain an understanding of the systems, solutions, and technologies deployed on the ITS network.

Qualifications and Skills

Experience in Information Security and/or Information Technology in an operations or support role

Prior experience in an information security incident response role. Experience troubleshooting and/or securing computer systems and networks

Experience with SIEM platforms

Experience reviewing logs, scripting tasks, or creating structured queries/regex searches

Familiarity with Cisco security products and operational practices

Awareness of Information Security best practices and regulatory requirements

Bachelor s degree in Computer Science, IS or Information Security a plus CISSP, CISM, GIAC and/or similar certifications a plus

Strong professional communication skills, both verbal and written

Strong understanding of computer systems and networking principles

Strong analytical skills and strong knowledge of data analysis tools

Ability to parse logs, create queries, and perform root cause analysis of events

Programming/Scripting skills are a plus

Understanding of logical security, user access and identity management

Detail oriented and process focused with a strong appreciation of completeness and accuracy

Ability to independently prioritize work and complete assignments with minimal oversight

Team player who is energized by problem solving and finding solutions together to deliver maximum benefit.

Ability to adjust communication style/content to interact with IT and business professionals.

Work closely with Cyber Security Architect and network security team to implement and maintain secure network design

Participate in planning and executing the SDLC process

Provide information security expertise to system development teams

Works with network monitoring and management applications and creating highly-reproducible configuration scripts and templates.

Job Type: Contract

Pay: From $55.00 per hour

Schedule:

8 hour shift

Monday to Friday



Ability to commute/relocate:

Nashville, TN: Reliably commute or planning to relocate before starting work (Required)

Experience:

Linux: 1 year (Preferred)

Cybersecurity: 1 year (Preferred)

Information security: 1 year Location: In person

Summary

Experienced InfoSec Risk Analyst to manage Governance, Risk & Compliance requirements.
Risk Analyst will assist in the evaluation and improvement of the Cybersecurity program and controls environment within TDECU. This individual will work closely with the Manager of Information Security Compliance and Strategy to oversee and administer cybersecurity controls and issue remediation in accordance with organizational policies and standards.

Essential Duties and Responsibilities:

Own and manage all internal and third-party Cyber Risk Assessments and Risk Assessment tools
Plan and develop Enterprise Security Awareness Training campaigns
Manage the development and maintenance of the IT Disaster Recovery Plan
Provide reporting of security controls and access for audits and assessments as needed
Maintain Enterprise Cyber Risk Register
Coordinate with IT and Internal Audit teams to oversee and administer IT audit finding and issue remediation activities

Education:

Bachelor s Degree in related field

Licensure:

Security+/CISSP preferred

Experience:

Minimum 5 years of relevant experience is required

Knowledge, Skills, and Abilities:

Third-party risk management

Writing policies, procedures, and playbooks

Security awareness training program

Asset management

Data classification

Experience with cybersecurity frameworks and standards such as NIST and ISO

Working knowledge of compliance requirements from GLBA and NCUA

Practical understanding of application protocols (HTTP/HTTPS, DNS, DHCP, etc.)

Basic understanding of networking principles (TCP/UDP, ICMP, etc.)

Physical Demands and Work Environment:

(The physical demands and work environment characteristics described herein are representative of those that must be met by an employee to successfully perform essential functions of this position and/or may be encountered while performing essential functions. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.)

While performing the essential duties of this position, an employee would frequently be required to stand, walk, and sit. An employee must frequently lift and/or move up to 10 pounds and may occasionally lift and/or move up to 25 pounds to perform essential position functions.

Specific vision abilities required by this position include close vision, distance vision, and the ability to adjust focus. The noise level in the work environment is usually moderate.

Arrangement Hybrid General: On average, employees in this role report to a designated TDECU office location 1-2 days?per week.

Disclaimer:

The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties, and skills required of personnel so classified.

Texas Dow Employees Credit Union is an equal opportunity employer, dedicated to a policy of non-discrimination in employment on any basis including race, color, age, protected veteran status, sex, religion, disability, genetic information, national origin or other status protected by federal, state or local law. Consistent with the American Disabilities Act, applicants may request accommodations needed to participate in the application process.

Job Type: Full-time

Pay: $93,025.00 - $101,481.00 per year

Benefits:

401(k)

401(k) matching

Dental insurance

Flexible spending account

Health insurance

Life insurance

Professional development assistance

Retirement plan

Tuition reimbursement

Vision insurance
Schedule:

8 hour shift



Ability to commute/relocate:

Sugar Land, TX 77478: Reliably commute or planning to relocate before starting work (Required)

Application Question(s):

Will You Now or in the Future Require Sponsorship to Work in the US?

Experience:

Linux: 1 year (Preferred)

Cybersecurity: 1 year (Preferred)

Information security: 1 year Location: Hybrid remote in Sugar Land, TX 77478

Overview: NIWC Atlantic Software Services requires ISHPI to provide emerging Department of Defense (DoD) and Department of Navy (DON) information technology, to design, develop, engineer, and maintain systems that will improve customer organizational efficiency.
Duties and Responsibilities: ISHPI will be responsible for Cybersecurity tasks to protect and defend information and information systems, compliance and monitoring of systems and/or applications, IA status updates and reporting, IA vulnerability management (IAVM), and adjustment of C&A documentation. Duties to include the following and other duties further detailed during interview.

Transmit documents via DoD public key infrastructure (PKI) encrypted email or place in government designated repository.

Serve as the Information Assurance Officer (IAO) for assigned applications

Review system or application audit logs either manually or through automated tools

Report any system anomaly that could result in an unauthorized disclosure of or access to sensitive information within one hour of identification.

Review current threats and outstanding vulnerabilities using Assured Compliance Assessment Solution (ACAS)

Perform monthly vulnerability scans for assigned applications or systems. If the scan must be performed by CEDC personnel, the contractor shall initiate the request.

The contractor shall protect the vulnerability scan results as Unclassified/ Sensitive.

Support security and IA evaluations; develop/maintain test and audit records

Perform monthly access audits and suspend and restore user accounts as needed to control access.

Perform and document quarterly tests of the backup and restore capability for each assigned application or database.

Apply DISA STIGs to configure systems, operating systems and vendor updates, patches and version upgrades.

IA Vulnerability Alerts (IAVA), IA Vulnerability Bulletins (IAVB). Technical Advisories (TA) or Computer Tasking Orders (CTO) and Vulnerability Assessments and Management. Implement the necessary IA/CND mechanisms. Monthly scanning of the systems using the current CEDC vulnerability-scanning package.

Update and document applicable C&A artifacts to support accreditation or reaccreditation.

Support obtaining C&A for assigned applications or systems, to include process support, analysis support, coordination support, conduct of various IA control validation activities, compiling validation results, and creation or execution of Plan of Actions and Milestones (POA&Ms).

Cyber Security Operational Services for protection of all sensitive information, the Information Systems, Information System Domains

Qualifications: Education: Accredited Bachelor's degree in Engineering, Computer Science, Information Assurance, Programming, or a related. Individual shall be certified in accordance with DoDD 8570.1 Information Assurance Technician III and subject to meeting subsequent requirements of latest DoD 8140 manual.

*
Experience:

Prior Navy related experience preferred. Ten (10) years of experience providing support in the prevention of damage to, protection of, and restoration or computers, electronic communications systems, electronic communications services, wire communication, and electronic communication to ensure data availability, integrity, authentication, confidentiality, and nonrepudiation; at a minimum, individual shall be able to design secure systems, write secure computer code, and create the tools needed to prevent, detect, mitigate, and reconstitute information systems.

*
Education and Degree substitute:

ABET accredited MS degree in stated fields will allow for 4 years of experience substitution and ABET accredited PhD in stated fields will allow for five (5) years of experience substitution.

*
DoD 8570 IAT (Information Assurance Technical) Level III training requirement*: Must have at least one of the following: CASP+ CE (CompTIA Advanced Security Practitioner), CCNP (CISCO Certified Network Professional) Security, CISA (Certified Information Systems Auditor), CISSP (Certified Information Systems Security Professional) or Associate , GCED (GIAC Certified Enterprise Defender), or GCIH (GIAC Certified Incident Handler)

*
Security Clearance:

Requires U.S. Citizenship and ability to obtain and maintain a Secret Clearance.

*
Ishpi Information Technologies, Inc. is an Equal Opportunity and Affirmative Action Employer. *All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, disability, or status as a protected veteran.

As a condition of employment with ISHPI, you are required to provide proof that you are fully vaccinated for COVID 19 or fit within an exemption under the law. Accordingly, employment is conditioned on providing proof of vaccination or having an approved exemption prior to starting Type: Full-time

Position: Information Security Analyst

Remote

Duration:Long Term

Job Description

Familiarity with general SIEM and enterprise logging concepts

MS Azure Sentinel

Azure Event Hub

Azure Log Analytics Workspace

Working knowledge of Windows and Linux operating systems and security

Experience with the use of ServiceNow as an ITSM tool for user level request and incident management, and CMDB for asset discovery and management.

Self-motivated, able to self-manage work and tasks against SLAs and objectives

Azure and Azure AD and Security tools

Elastic Logstash

Endpoint logging agents (WinCollect, Winlogbeat, NXlog)

General firewall knowledge

Familiarity with search/query languages

Defender EDR

Praveen(DOT)k(AT)1pointsys(DOT)com

(803) 902-8818

Job Type: Contract

Salary: $40.00 - $45.00 per hour

Schedule:

Monday to Friday

Experience:

Linux: 1 year (Preferred)

Cybersecurity: 1 year (Preferred)

Information security: 1 year (Preferred)

Work Remote

Position Summary

The Senior Information Security Analyst serves as the technical lead in protecting all of the University community's digital data and information assets. Works directly for the Manager of Information Security to develop, monitor, and administer security policies and best practices for all campus computer systems, networks, and facilities. Design, construct and implement security solutions for new applications or business processes as they are introduced across campus. Leader among the Information Security Analysts that operate the only Digital Forensic lab in NW Ohio with the latest technologies, individuals, vendors, and law-enforcement agencies in the detection, investigation, and prevention of digital abuse for BGSU.

This position will work remotely.

Essential Duties, Tasks and Responsibilities

Design, construct and administer application systems and network security controls that include, but are not limited to firewalls, virtual private networks, intrusion detection/prevention systems, and ERP systems

Investigate and document the technical aspects of security-related incidents, in cooperation with law enforcement agencies or other organizations as necessary.

Research security advisories, intrusion techniques, analysis tools, and practices. Recommend and/or implement solutions or improvements.

Provide digital security oversight for all of the University applications, systems and networks; consult with application development and technical support staff to design and construct security systems using complex information technology tools and processes, within the scope of University security policies as well as applicable external laws and regulations..

Implement, operate, and manage highly technical security analysis tools to assist with the identification and diagnosis of sources to problems.

Review and update University digital security policies or procedures in a rapidly changing environment.

Design and construct overall security plan for new applications used by the entire university community. Periodically review the security plan and make adjustments as necessary.

Knowledge, Skills or Abilities

Technical skills such as programming/application development, network configuration, or server administration

Ability to analyze complex systems and situations

Ability to work discretely

Forensic and/or investigation methodology including evidence acquistion, processing, and reporting

Good communication skills, including the ability to communicate relevant risks and mitigation options in both written and verbal form

Organizational skills

Minimum Qualifications

Bachelor's degree required, preferably in Computer Science, Management Information Systems or related field. Degree must be conferred at the time of application.

The following is required:

3-4 years systems or network experience

3-5 years information security experience

Certified Information Systems Security Professional (CISSP) or Global Security Essentials Certification (GSEC)

The following is preferred:

Certified Information Systems Auditor/Manager (CISA/CISM)

Salary

Full-time, Administrative staff position available. Administrative Grade Level I57. Salary is commensurate with education and experience. Full benefits package available.

Deadline to apply: Position is open until filled.

Benefits

Bowling Green State University provides a comprehensive benefit program as part of a total compensation package. This includes medical, prescription, dental, vision, health accounts (medical & dependent), life & disability insurance, retirement plans, employee assistance program and tuition fee waivers for employees and their eligible dependents as well as paid time off, flexible work options, holidays and parental leave. For more information please visit Benefits[website] ([website])

To Apply

For a complete job description & to apply for this position visit [website] or contact the Office of Human Resources at (419) 372-8421. BGSU. AA/EEO/Disabilities/Veterans. In compliance with the ADA Amendments Act (ADAAA), if you have a disability and would like to request an accommodation in order to apply for a position with Bowling Green State University, please call [phone number].

Job Type: Location: Remote