NAC-ISSA Job Board

NAC-ISSA Job Board/Volunteer Board

Explore the job postings available through NAC-ISSA!
Information Security Analyst (remote) - Posted By Kenneth Lyons

Job Title: Information Security Analyst (remote)

Job Description: Job Description: O’Melveny is seeking an Information Security Analyst with a passion in Information Assurance to help us improve our program. The Information Security Analyst provides active defense through event collection and review, threat hunting, vulnerability assessment, malware analysis and remediation of potential security related events and incidents. Duties and Responsibilities: Proactive threat hunting with SIEM, log collection, parsing, enrichment, and normalization technologies. Perform advanced packet analysis (such as the ability to read and extract relevant information from a PCAP). Intrusion Kill Chain familiarity, including common delivery, exploit and post-exploitation attacks such as privilege escalation techniques in Windows. Utilizing deception technology to increase detection capabilities. Long Tail analysis. Assists in the management of security technology processes and solutions, which include endpoint protection, vulnerability management, content filtering, and intrusion detection systems. Participate in the security design and management of the Firm’s network infrastructure. Assist with management of perimeter security, including next-gen firewalls and DMZ. Participate in various training programs for IT staff regarding security controls and disciplines. Conducts incident detection, response, containment, eradication and recovery across IT systems, including identifying and handling suspicious files, static and interactive malware analysis, developing response processes (particularly with automation and orchestration), monitoring events, summarizing, and reporting findings. Check server and firewall logs, network traffic, establishing and updating virus scans, and troubleshooting. Analyze, report, and resolve as appropriate the findings from vulnerability scans, and penetration tests. Conduct user activity audits and perform internal forensic review when required. Stay abreast of current technologies, security compliance requirements, standards, industry trends, and current attack techniques. Performs other duties and responsibilities as assigned. Job Requirements: Knowledge, Skills and Experience: Qualified applicants should have current experience across a broad spectrum of data security disciplines, including Microsoft solutions and infrastructure and intrusion detection and prevention. Familiarity with OSQuery, Zeek/Bro, Sysmon, WEF, Wireshark, Process Monitor, and RITA. Must have strong PowerShell scripting abilities. Familiarity with C#, Bash, and Python desired. Strong background with firewall products, IDS, IPS, DMZ, IPSec, DNS, SMTP, HTTP proxies, etc. is desired. Knowledge of security best practices across multiple platforms, including Linux, Windows, VMWare, and Cisco IOS. GCIA, GCDA, GCED, GCIH, GCFA, or GNFA certification preferred and OSCP is also desirable. Knowledge of public-key cryptography, understanding of encoding, encryption, and hashing techniques. Strong verbal and written communication skills are required, including the ability to communicate security risks to both IT administrators and non-technical staff. Candidate should be able to effectively interact with all levels of staff. Candidates must be internally motivated and self-driven for excellent results. Must have strong leadership skills, providing project leadership as needed, as well as excellent written and verbal communication skills. The ability to work in a team or work independently on complex tasks with minimal technical and management guidance is required. Must be able to meet deadlines and deliver status updates to project team on a frequent basis. Bachelor’s degree from an accredited university in CS, IT, CIS, or a computer related field is desired. Professional certifications will weigh in the candidate’s favor. We offer an excellent salary and benefits package. For more information, or to be considered for this position, please apply online at Response will be given to candidates who closely meet our qualifications. EOE M/F/D/V. No phone inquiries please.

Salary Range: $100,000 - $120,000

Certificates Required:

Experience Required:

Company: O'Melveny & Myers LLP

Job Title: Information Security Analyst (remote)

Posted By: Kenneth Lyons

Posted Date: Friday, April 30, 2021

Apply Now
Information Systems Security Manager (ISSM) - Posted By Chris Moon

Job Title: Information Systems Security Manager (ISSM)

Job Description: EOE Statement Yorktown Systems Group, Inc. is an Equal Opportunity Employer. No employee or applicant for employment is denied equal opportunity because of race, color, sex, national origin, religion, age, disability, marital status, pregnancy, sexual orientation, gender identity, genetic information, any other non-merit-based factor, or other characteristics protected by law. As part of the company's equal employment opportunity policy, Yorktown Systems Group, Inc. will also take affirmative action as called for by applicable laws and Executive Orders to ensure that minority group individuals, females, disabled veterans, recently separated veterans, other protected veterans, Armed Forces service medal veterans, and qualified disabled persons are introduced into our workforce and considered for promotional opportunities. About the Organization Yorktown Systems Group, Inc. is a committed team of dedicated former military and civilian professionals who believe in providing ethical and quality services to Government customers. Our leadership team is composed primarily of Veterans who are now serving in a corporate environment rather than in uniform. Our customer's missions become our own and we are committed to working as a team to achieve success. Because of the depth and experiences of our corporate leadership, we can assure all our customers that "we will do what we say we can do" and will focus on our customer's missions rather than corporate goals. Our business model is based on a personal commitment from our leaders to maintain contact with our customers to continually and consistently gauge our performance. Yorktown Systems Group was founded on the idea that providing quality and ethical services with a laser focus on our customer's goals is an effective long-term business model. Our mission, therefore, is to help our customers meet their requirements and goals. The contractor will not discharge or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant. This provision shall not apply to instances in which an employee who has access to the compensation information of other employees or applicants as a part of such employee's essential job functions discloses the compensation of such other employees or applicants to individuals who do not otherwise have access to such information, unless such disclosure is in response to a formal complaint or charge, in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or is consistent with the contractor's legal duty to furnish information. Category Management Description The Information Systems Security Manager (ISSM) is an exempt, senior-level position that supports ongoing and emerging program requirements. The ISSM's role is to support the company in meeting the needs of our technical customers while being compliant with Department of Defense and Intelligence Community requirements. The ISSM will support information system life cycle activities from rapidly establishing systems to support classified proposals to scoping systems for new programs and preparing Risk Management Framework packages, to regular maintenance, support and upgrades of systems during program execution, to program close-out and de-certification activities. Duties and Responsibilities Serve as lead for classified computers in DoD and Intelligence Community computing environments. Maintain day-to-day security posture and continuous monitoring of IS including security event log review and analysis. Ensure system security measures comply with applicable government policies. Provide configuration management and accurately assess the impact of modifications and vulnerabilities for each system. Maintain thorough understanding of NIST 800-53 controls and determine which controls are applicable to the application, system, or hardware. Provide support to the IT Director for maintaining appropriate operation information assurance (IA) posture for programs both for internal and external clients and contracts. Conduct reviews and technical inspections (as prescribed by the IT Director or contract) to identify and mitigate potential security weaknesses and ensure that all security features applied to a system are implemented and functional. Assist the IT Director in monitoring and resolving Plan of Action and Milestones (POA&M) to mitigate system vulnerabilities on assigned Information Systems. Draft and/or prepare and maintain security Assessment and Authorization documentation (e.g., IA SOP, SSP, MSSP, RAR, SCTM). Required Qualifications US Citizen Bachelor's degree in information technology, information assurance, computer information systems, or criminal justice, or

Salary Range: $120,000 - $140,000

Certificates Required:

Experience Required: 5-7

Company: Yorktown Systems Group

Job Title: Information Systems Security Manager (ISSM)

Posted By: Chris Moon

Posted Date: Tuesday, April 20, 2021

Apply Now
Job Board

Explore the job postings and volunteer positions that are available through NAC-ISSA! Volunteer positions earn CPEs for completed volunteer task! ISSA members can post inside the members portal!