Analyst


#cybersecurity | #hackerspace | Analyst Discusses Reporting Hack Of Computer System At Indian Nuclear Reactor | Avast

Source: National Cyber Security – Produced By Gregory Evans This week a report of hackers gaining access to an Indian nuclear power plant’s computer network led to alarm, confusion, and denial before officials admitted the hack took place. The threat analyst who reported the issue experienced a unique vantage point in the middle of that […]

IT Security Analyst Intern

Chenega Professional & Technical Services (CPTS) is seeking an IT Security Analyst, Intern to provide support to NASA – AMES Research Center (ARC) within the Information Technology Services.
Essential Duties and Responsibilities: (Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this position)
  • Under direct supervision, performs packet analysis, identifies malformed packets, and analyzes the payload of a pack of network protocols and routing.
  • Writes and maintains processes, procedures, test/assessment results, presentations, papers, articles, and other types of documents as required.
Non-Essential Duties:
  • Other duties as assigned.
Supervisory Responsibilities:
  • None.
Minimum Qualifications: (To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.)
  • High School Diploma or GED.
  • Zero (0) to Two (2) years of related experience.
  • Must have an understanding of commonly used network services (e.g. domain name server (DNS), mail, web, and other less common network services)
  • Must be able to obtain required NASA badge.
  • Must be able to provide a certified Birth Certificate (with state seal), Passport, or INS Citizenship documents on date of hire (candidate will be sent home if this paperwork is not provided upon arrival on date of hire).
  • Must have, and maintain, a valid driver’s license.
Knowledge, Skills and Abilities:
  • Good organizational and planning skills
  • Excellent communication skills
  • Proven ability to pay close attention to detail
  • Ability to work independently but follow specific detailed instructions
  • Ability to interface with various levels of personnel in a multi-cultural, team-oriented environment
Diversity:
  • Shows respect and sensitivity for cultural differences; Educates others on the value of diversity; Promotes a harassment-free environment; Builds a diverse workforce.
Ethics:
  • Treats people with respect; Keeps commitments; Inspires the trust of others; Works with integrity and ethically; Upholds organizational values.
Physical Demands:
  • The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
  • While performing the duties of this Job, the employee is regularly required to sit and talk or hear. The employee is frequently required to walk; use hands to finger, handle, or feel and reach with hands and arms. The employee is occasionally required to stand; climb or balance and stoop, kneel, crouch, or crawl. The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision.
Work Environment:
  • The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.
  • The employee will normally work in a temperature-controlled office environment, with frequent exposure to electronic office equipment.
  • During visits to areas of operations, may be exposed to extreme cold or hot weather conditions. Is occasionally exposed to fumes or airborne particles, toxic or caustic chemicals, and loud noise.
Chenega Corporation and family of companies is an EOE.
Equal Opportunity Employer Minorities/Women/Veterans/Disabled/Sexual Orientation/Gender Identity
Native preference under PL 93-638.
We participate in the E-Verify Employment Verification Program.

Job: Information Security
Primary Location: United States-California-San Francisco
Organization: Chenega Professional & Technical Services
Recruiter: Anne Goldberg

Source: https://nationalcybersecurity.com/it-security-analyst-intern


Information Security & Privacy Associate Analyst

Partners HealthCare(PHS) – Somerville, MA

As a not-for-profit organization, Partners HealthCare is committed to supporting patient care, research, teaching, and service to the community by leading innovation across our system. Founded by Brigham and Women’s Hospital and Massachusetts General Hospital, Partners HealthCare supports a complete continuum of care including community and specialty hospitals, a managed care organization, a physician network, community health centers, home care and other health-related entities. Several of our hospitals are teaching affiliates of Harvard Medical School, and our system is a national leader in biomedical research.

We’re focused on a people-first culture for our system’s patients and our professional family. That’s why we provide our employees with more ways to achieve their potential. Partners HealthCare is committed to aligning our employees’ personal aspirations with projects that match their capabilities and creating a culture that empowers our managers to become trusted mentors. We support each member of our team to own their personal development—and we recognize success at every step.

Our employees use the Partners HealthCare values to govern decisions, actions and behaviors. These values guide how we get our work done: Patients, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and how we treat each other: Diversity & Inclusion, Integrity & Respect, Learning, Continuous Improvement & Personal Growth, Teamwork & Collaboration.

General Overview

With guidance from senior members of the team, this individual assists with the Partners HealthCare enterprise-wide information security risk management program through active engagement with business owners including information gathering, risk analysis, and reporting.

The Information Security & Privacy Associate Analyst (ISPAA) is responsible for coordinating and scheduling information security & privacy assessments with business owners, working with team members to conduct assessments and develop remediation plans using evolving business processes and tools, documenting the effort in Archer, and following up with business owners on remediation plans.

Principal Duties and Responsibilities

1. Work with team members to coordinate and perform information system and third-party risk assessments, following a NIST-based methodology.

2. Assist in guiding business owners and end-users on the implementation of solutions that comply with IS security policies and standards.

3. Assist in prioritizing departmental tasks including new risk assessments and cybersecurity variance requests according to departmental processes.

4. With guidance from other team members, document assessments, variances, findings, and remediation plans in Archer.

5. Maintain a current knowledge of applicable federal and state privacy laws and accreditation standards, and monitor advancements in information privacy and security technologies to ensure adaptation and compliance.

6. Maintains awareness of new technologies and related opportunities for impact on system or application security.

7. Conduct information security research to keep abreast of the latest security issues, testing tools, techniques, and process improvements in support of security event detection and analysis.

8. Uses the Partners HealthCare values to govern decisions, actions and behaviors. These values guide how we get our work done: Patients, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and how we treat each other: Diversity & Inclusion, Integrity & Respect, Learning, Continuous Improvement & Personal Growth, Teamwork & Collaboration.

9. Local travel to PHS Sites

10. Performs other duties as assigned.

Qualifications
Bachelor’s degree (B.A. / B.S.) or equivalent in computer science, business administration, or equivalent discipline from an accredited college or university required.

1-2 years of experience in IT/IS required.
1-2 years of exposure to information security or information privacy functions.
Knowledge of HIPAA, HITECH, Mass ID Theft regulation 201 CMR 17, and other appropriate information security and information privacy regulatory requirements for healthcare entities a plus.
Knowledge of NIST 800-53, ISO 27K, GDPR, PCI-DSS is desirable.
Legal background is desirable.
Any of the following certifications is a plus:
ITIL, any of the following Information Security Certifications: CISSP, HCISSP, CISM, CISA, CIPP, CIPM, CIPT, CPHIMS, PCIP, GSEC, GCIH, GCFE, GCFA, CEH, GPEN, and PMP

Skills, Abilities and Competencies

1. The candidate for this role must have very strong business and analytical skills to represent the information security & privacy office policies.
2. Outstanding time management and organizational skills required.
3. An ability to work under the required guidelines and deliver on business/project requirements.
4. Ability to work with both team members and staff in a professional manner.
5. Comfortable working in a dynamic environment with multiple work streams, goals, and objectives.
6. Possess ability to recommend to ISPO leadership team to prioritize project related tasks.
7. Excellent written and verbal communication and effective interpersonal skills are critical.
8. Understanding of Windows, Unix/Linux operating systems, security administration, virtualization, and TCP/IP networking.
9. Ability to work independently with minimal supervision.

EEO Statement Partners HealthCare is an Equal Opportunity Employer & by embracing diverse skills, perspectives and ideas, we choose to lead. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, national origin, sex, age, gender identity, disability, sexual orientation, military service, genetic information, and/or other status protected under law.

Primary Location: MA-Somerville-Assembly Row – PHS
Work Locations: Assembly Row – PHS, 399 Revolution Drive, Somerville 02145
Job: Information Security
Organization: Partners HealthCare (PHS)
Schedule: Full-time
Standard Hours: 40
Shift: Day Job
Employee Status: Regular
Recruiting Department: PHS Information Systems
Job Posting: May 24, 2018


Data Security Analyst I

IBM – Ashburn, VA

Job Description

This role for the Cloud SOC is the first line of defense against intruders on our platform and infrastructure.
Tier I Analysts provide continuous monitoring services on all threat management tools to ensure constant situational awareness. Events triaged by Tier I are either escalated to Tier II for further analysis, or to engineering to adjust notification levels for optimal performance.

  • Continuous monitoring of all threat management and event monitoring consoles.
  • Triage of all alerts to determine potential for impact or exposure for IBM Cloud infrastructure, platform, and software offerings.
  • Provide assistance to incident handlers during incident response activities.
  • Review of threat bulletins to tailor daily monitoring activities to current threats.

CLDSFT1K

Required Technical and Professional Expertise

IT Security
2 years experience in System Administration, Network Administration, or Abuse.

Preferred Tech and Prof Experience

Strong written and verbal communication skills
1 year Security Operations experience.


Cyber Threat Analyst

U.S. Federal Government – Washington, DC

Duties 

Summary 

Within the Directorate of Analysis (DA), incomplete and sometimes contradictory information is transformed into unique insights that inform US policy decisions. The DA helps provide timely, accurate and objective all-source intelligence analysis on national security and foreign policy issues to senior policymakers in the US Government. Learn more about the Directorate of Analysis at https://www.cia.gov/offices-of-cia/intelligence-analysis/

As a Cyber Threat Analyst for the CIA, you will conduct all-source analysis, digital forensics, and targeting to identify, monitor, assess, and counter the threat posed by foreign cyber actors against US information systems, critical infrastructure and cyber-related interests. You will support the President, the National Security Council, and other US policymakers with strategic assessments and provide tactical analysis and advice for operations. 

Cyber Threat Analysts apply their scientific and technical knowledge to solving complex intelligence problems, produce short-term and long-term written assessments, and brief US policymakers and the US cyber defense community. This work demands initiative, creativity, analytic skills, and technical expertise. 

You will also have the opportunity to maintain and broaden your professional ties throughout your career through academic study, collaboration with Intelligence Community peers, and attendance at professional meetings. 

Opportunities exist for foreign and domestic travel, language training, analytic tradecraft and management training, training to deepen substantive expertise, and assignments to other offices in the Agency and throughout the US Government.


Kaspersky Security Analyst Summit

Source: National Cyber Security – Produced By Gregory Evans

General Cybersecurity Conference

 March 7 – 11, 2018 | Cancun, Mexico

Cybersecurity Conference Description 

The Kaspersky Security Analyst Summit (SAS) is an annual event that attracts high-caliber anti-malware researchers, global law enforcement agencies and CERTs and senior executives from financial services, technology, healthcare, academia and government agencies.


Information Security Analyst, Intrusion Detection

Source: National Cyber Security – Produced By Gregory Evans

We are looking for a highly motivated analyst specializing in security monitoring, forensics or incident response to defend Tesla’s information, infrastructure and products. 

We regularly send over-the-air software updates to our Model S and Model X fleet, seamlessly delivering new features and improvements to our customers. Our mobile applications allow customers to interact with their cars via real-time, low-latency two-way communication. We also build tools for our internal sales, delivery, and service teams. Today we remotely identify potential vehicle issues before a customer does—and often fix problems remotely too. To this end information and product security is of the utmost importance. 

The Detection Team is responsible for analyzing threats on our corporate, manufacturing and production environments. As an Information Security Analyst you will defend Tesla by detecting, investigating and responding to security threats and attacks. You will build detection mechanisms for attacker tactics, techniques and procedures, develop automation for investigation and remediation, perform system forensics, and actively hunt for threats.

Responsibilities: 

  • Detect and respond to attacks against the company’s information, networks, systems, applications and products.
  • Work with engineering teams to develop threat detection signals and incident response plans.
  • Execute projects to improve security event collection, detection, analysis, correlation and response.
  • Participate in a rotation to analyze and investigate active threats against the company.
  • Perform digital forensics, malware analysis and participate in incident response functions.
  • Analyze security data and report on threats and incidents across various platforms and environments.

Requirements: 

  • BS/MS/PhD in Computer Science, Information Systems, Electrical Engineering, or the equivalent in experience and evidence of exceptional ability.
  • Demonstrated experience in threat analysis or response in large technology firms.
  • Demonstrated experience in analyzing the security of systems (penetration testing, vulnerability scanning, etc.)
  • Excellent understanding and experience in multiple security domains such as intrusion detection, security logging, malware analysis, and forensics.
  • Proficient in one or more general purpose development languages such as Python, Ruby, Go, C, Java, bash, or PowerShell.


Computer Forensic Analyst

Source: National Cyber Security – Produced By Gregory Evans

Taxation & Finance, State – Albany, NY
Bachelor of Science Degree in Computer Forensics, Computer Science, or related field AND a minimum of (24) months of satisfactory experience performing the duties of a Computer Forensic Analyst 3 or its equivalent in another computer forensic environment; AND possession of a Computer Forensics certification such as EnCE, CFCE, ACE or similar certification. Certification may be substituted with a minimum of (160) hours of Computer Forensics training with computer forensic tools such as Encase, Access Data FTK and ASR SMART OR a professional certification such as the Certified Computer Forensics Examiner, Certified Computer Examiner, GIAC Certified Forensic Examiner or GIAC Certified Computer Analyst; AND verifiable training with computer forensics tools such as Encase, Access Data FTK and ASR SMART; AND significant Computer Forensics casework experience and experience testifying before a court of law or administrative hearing as a Computer Forensics expert. Candidates must be able to obtain and maintain a professional certification such as the Certified Computer Forensics Examiner, Certified Computer Examiner, GIAC Certified Forensic Examiner or GIAC Certified Computer Analyst within one year of appointment to this level. 

Substitution: (4) years of work-related experience in the field of Computer Forensics may be substituted for the required Bachelor’s Degree. 

Duties Description
Under the general direction of the Director, the Computer Forensic Analyst 4 performs the following duties: 

• In accordance with Department policy, rules and regulations, office guidelines and industry standards, conducts data acquisition and archival; hardware, software and tool testing and validation; and physical examinations of computers, electronic devices and various Department computer network systems. 

• Copies data from multiple operating systems and mobile computing devices. Prepares copied data for archiving into digital media. Verifies the integrity of the forensic copies to be used for analysis. 

• Conducts physical examinations of computer and other electronic computing devices by inspecting the hardware peripherals in devices submitted as evidence. Document the physical condition of evidence computers and devices. 

• Disassemble and reassemble various types of electronic data or communication devices. 

• Test and validate computer hardware, software and forensic analytical tools using established procedures and guidelines. 

• Prepare and submit required documentation for admittance into evidence in court proceedings. 

• Perform computer hardware, software, network and internet related research to troubleshoot and maintain computer forensic laboratory equipment and network. 

• Assist in the review and preparation of evidence. Prepare computer and multimedia digital evidence for court presentations. 

• Testifies in court and other proceedings regarding casework involving routine laboratory processes such as acquisition, archival and analysis. 

• Examine computers and other electronic storage devices submitted as evidence. Analyze data by using computer forensic utilities and analytical techniques. 

• Prepare comprehensive analysis reports to be used in the course of investigations and entered into evidence during court proceedings. 

• Research industry standards and assist Department Investigators in developing procedures for the various stages of computer forensic processes, such as acquisition, archival and analysis of data. 

• Properly maintains the chain of custody and meets evidence handling requirements. 

• Provide technical assistance to Department Investigators during extraction of multimedia digital evidence from computer networks and other technical forensic processes in the field. 

• Recommends changes in operating procedures, equipment, and personnel. 

• Assists with the implementation of hardware and software, as well as modifications to the laboratory equipment and network as requested by management. 

• Analyzes the most complex cases which may involve multiple operating systems and mobile computing devices. 

• Testifies in court or other adverse proceedings regarding the validity of analysis performed by lower-level Computer Forensic Analysts; the processes used, and the relation of evidence to the overall investigation. 

• Advise Department Investigators of possible alternative methods of analysis that would increase accuracy, efficiency and timeliness. 

• Review examinations and analyses completed by staff. 

Additional Comments
This is a newly classified position and jurisdictional class assignment (non-competitive) is still pending approval. As such, the incumbent will serve temporarily in the position until the jurisdictional class is approved. At that time, the incumbent’s status can be changed to permanent.

Work hours to be determined.


Cyber Threat Technical Analyst

Source: National Cyber Security – Produced By Gregory Evans

We’re looking for Eagle Ray people. Eagle Ray is a rapidly growing, woman owned business specializing in strategic transformation services. We deliver complex professional services across the IC, DoD and DHS. With Eagle Ray’s help, our clients reduce cost and program risk, enhance operational performance and drive the development of new capabilities to end users in the National Security Enterprise. We offer an engaging corporate culture, a dynamic work environment and competitive total compensation.

Insight. Impact. Innovation. Eagle Ray people are hands-on, results-oriented, and invested in the success of our customers’ missions. Come work with us, you can really make a difference!

Produce, per analyst on average, 36 weekly threat reports, eight monthly threat reports, three quarterly threat reports, and one annual threat study for their specific focus or area. In addition, each analyst will average six reports of inquiry (ROI) and/or requests for information (RFI) and publish or contribute to nine Intelligence Information Reports (IIR) annually. Finally, each analyst will produce, on average, 48 weekly status reports.

Responsibilities
Support team members in completing forensics reports, CI Cyber Inquiries, and monthly, quarterly, and annual CI Cyber Threat reports.
Identify, analyze, define, and coordinate user, customer and stakeholder needs and translate them into technical requirements.
Detect anomalous activity through network data analysis.
Develop custom scripts/programs for automated cyber analytical tools.
Record best practices, lessons-learned, processes and procedures, and other pertinent quality topics in appropriate formats.
Design, construct and maintain a working lab environment for testing and research of advanced technical attack techniques and potential detection solutions.
Evaluate and analyze Intrusion Detection, incident tickets, event and log analysis, security change tracking and other network security systems and devices to identify risks and if required make recommendations for corrective actions.
Investigate instances of malicious code to determine attack vector, payload, potential origin, and determine extent of damage and data exfiltration and provide written reports based on findings.
Assist in the development and delivery of malware threat awareness products and briefings.
Collaborate with customers and team members to facilitate a premier malware program.
Qualifications
Required

TS/SCI clearance
Bachelor’s Degree in Computer Science, Engineering, or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience.
7 years of network analysis experience.
Mandatory Travel = 25%
Experience with network analysis tools, such as Wireshark.
Strong research, critical thinking and analytic skills.
Strong written and oral communication skills.
Strong listening and recognition skills.
Understanding of mission urgency.
Strong time management, prioritization, production, leadership and followership skills.
Graduate of an accredited federal or DoD CI training academy.
Desired

Post-graduate degree in Computer Science, Engineering, or a related technical discipline or the equivalent combination of education, technical certifications or training, or work experience.
Equal Opportunity Employer/M/F/Disability/Vet/Sexual Orientation/Gender Identity


Sr. Information Security Analyst

Job Description

  • Extensive experience of enterprise security solutions for infrastructure and application architectures (e.g. Cisco Remote Access, SecureIDS, VPN & Firewalls, SecurID, Checkpoint, Symantec ESM, PKI, Cryptography, NAI Entercept, SIEM, DLP, code analysis, RSA Authentication and Penetration/Vulnerability Testing at Network and Host level)
  • Technical security implementation and analysis experience in a first class international business.
  • Prior relevant experience gained in a security project/consultancy/architect orientated role
  • Experience of managing or supporting Security investigations, including evidence gathering and analysis
  • Experience of managing or supporting computer incident response
  • Experience with intelligence gathering regarding security threats
  • A good understanding of best practice security controls for market leading technologies (e.g. Cisco, DB2, SQL, NT, AIX, MQ)
  • Experience of conducting Risk Assessments using best practice risk management methodologies.

The Successful Applicant

  • Knowledge of forensic investigation and evidence gathering techniques
  • Knowledge and experience of US Banking Regulations (Federal Reserve Board).
  • Experience of working in financial services sector (especially banking) and knowledge of the security requirements for this sector.
