ABOUT Enlisted Sailors in the Navy Cryptology community analyze encrypted electronic communications, jam enemy radar signals, decipher information in foreign languages and maintain state-of-the-art equipment and networks used to generate top secret intel. Their other responsibilities include: Collecting, analyzing and reporting on communication signalsUtilizing computers, specialized computer-assisted communications equipment and video display terminalsServing as an important part of the Information Warfare Community in its mission to gain a deep understanding of the inner workings of adversaries and develop unmatched knowledge of the battlespace during wartime RESPONSIBILITIES Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required)-and potentially both. Cryptologic Technician Interpretive (CTI) CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interestTranscribing, translating and interpreting foreign language materialsProviding cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT) CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipmentOperating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systemsProviding technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN) CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing informationProviding computer network risk mitigation and network vulnerability assessments and incident response/reconstructionProviding network target access tool developmentConducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM) CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systemsConfiguring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR) CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recordersExploiting signals of interest to identify, locate and report worldwide threatsProviding tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units.Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required)-and potentially both. WORK ENVIRONMENT Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands; aboard surface ships, aircraft and submarines; and with Naval Special Warfare-generally dividing time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams-ultimately under the supervision of Information Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). TRAINING AND ADVANCEMENT Upon completion of initial 7- to 9-week Recruit Training (known as Boot Camp), those pursuing a Cryptologic Technician role report to either Pensacola, FL, or Monterey, CA, to receive formal Navy schooling in their specialty area within the field of cryptology. This consists of technical "A" School and possibly advanced "C" School or "F" School. CTI Training Class "A" School is broken into two phases. Phase One takes place at the Defense Language Institute, Monterey, Calif., and is anywhere from 27 to 64 weeks long. Phase Two is 12 weeks long. Class "F" School is conducted at the Regional Center for Excellence in Monterey, CA. CTT Training Class "A" School is approximately 17 weeks long. After "A" school, some CTTs will attend a Class "C" School that is approximately 26 weeks in duration. The schools are located in Pensacola, FL. CTN training Class "A" School is 26 weeks long and located in Pensacola, FL. CTM training Class "A" School is approximately 10 weeks in duration and located in Pensacola, FL. CTR training Class "A" School is approximately 22 weeks long. The school is located in Pensacola, FL. Promotion opportunities are regularly available but competitive and based on performance. It's also important to note that specialized training received and work experience gained in the course of service can lead to valuable credentialing and occupational opportunities in related fields. To learn more about the specific training path for any of the focus areas within the field of cryptology, locate a recruiter. Most of what you do in the Navy Reserve is considered training. The basic Navy Reserve commitment involves training a minimum of one weekend a month (referred to as drilling) and two weeks a year (referred to as Annual Training)-or the equivalent. CTs in the Navy Reserve serve in an Enlisted role. Before receiving the ongoing professional training that comes with the job, initial training requirements must be met. For current or former military Enlisted servicemembers: Prior experience satisfies the initial Recruit Training requirement-so you will not need to go through Boot Camp again. For those without prior military experience: You will need to meet the initial Recruit Training requirement by attending Boot Camp for 7-9 weeks in Great Lakes, IL. This training course will prepare you for service in the Navy Reserve and count as your first Annual Training. EDUCATION OPPORTUNITIES Beyond offering access to professional credentials and certifications, Navy technical and operational training in the field of intelligence can translate to credit hours toward a bachelor's or associate degree through the American Council on Education. You may also continue your education through opportunities like the following: Navy College Program and Tuition AssistancePost-9/11 GI Bill QUALIFICATIONS AND REQUIREMENTS A four-year degree is not required to become a member of the Navy electronics community. There are some specific requirements that apply to electronics jobs in advanced programs such as SECF and NF. Contact a recruiter for details. A high school diploma or equivalent is required to become an Enlisted Sailor in the cryptology field in the Navy. Those seeking a Cryptologic Technician position must be U.S. citizens who can meet eligibility requirements for a Top Secret/Sensitive Compartmented Information security clearance. They should have an interest in advanced electronics and technology; exceptionally good character; good speaking, writing and record-keeping skills; a good working aptitude of math; and the capability to do highly detail-oriented, highly classified work. Specific qualifications vary depending upon specialization area within the field of cryptology. Contact a recruiter for details. General qualifications may vary depending upon whether you're currently serving, whether you've served before or whether you've never served before. If interested please contact us at 1- or email . This job requires an enlistment into the United States Navy. Category: Military , Keywords: Cryptologic Technician
05/11/2021
Full time
ABOUT Enlisted Sailors in the Navy Cryptology community analyze encrypted electronic communications, jam enemy radar signals, decipher information in foreign languages and maintain state-of-the-art equipment and networks used to generate top secret intel. Their other responsibilities include: Collecting, analyzing and reporting on communication signalsUtilizing computers, specialized computer-assisted communications equipment and video display terminalsServing as an important part of the Information Warfare Community in its mission to gain a deep understanding of the inner workings of adversaries and develop unmatched knowledge of the battlespace during wartime RESPONSIBILITIES Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required)-and potentially both. Cryptologic Technician Interpretive (CTI) CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interestTranscribing, translating and interpreting foreign language materialsProviding cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT) CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipmentOperating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systemsProviding technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN) CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing informationProviding computer network risk mitigation and network vulnerability assessments and incident response/reconstructionProviding network target access tool developmentConducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM) CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systemsConfiguring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR) CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recordersExploiting signals of interest to identify, locate and report worldwide threatsProviding tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units.Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required)-and potentially both. WORK ENVIRONMENT Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands; aboard surface ships, aircraft and submarines; and with Naval Special Warfare-generally dividing time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams-ultimately under the supervision of Information Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). TRAINING AND ADVANCEMENT Upon completion of initial 7- to 9-week Recruit Training (known as Boot Camp), those pursuing a Cryptologic Technician role report to either Pensacola, FL, or Monterey, CA, to receive formal Navy schooling in their specialty area within the field of cryptology. This consists of technical "A" School and possibly advanced "C" School or "F" School. CTI Training Class "A" School is broken into two phases. Phase One takes place at the Defense Language Institute, Monterey, Calif., and is anywhere from 27 to 64 weeks long. Phase Two is 12 weeks long. Class "F" School is conducted at the Regional Center for Excellence in Monterey, CA. CTT Training Class "A" School is approximately 17 weeks long. After "A" school, some CTTs will attend a Class "C" School that is approximately 26 weeks in duration. The schools are located in Pensacola, FL. CTN training Class "A" School is 26 weeks long and located in Pensacola, FL. CTM training Class "A" School is approximately 10 weeks in duration and located in Pensacola, FL. CTR training Class "A" School is approximately 22 weeks long. The school is located in Pensacola, FL. Promotion opportunities are regularly available but competitive and based on performance. It's also important to note that specialized training received and work experience gained in the course of service can lead to valuable credentialing and occupational opportunities in related fields. To learn more about the specific training path for any of the focus areas within the field of cryptology, locate a recruiter. Most of what you do in the Navy Reserve is considered training. The basic Navy Reserve commitment involves training a minimum of one weekend a month (referred to as drilling) and two weeks a year (referred to as Annual Training)-or the equivalent. CTs in the Navy Reserve serve in an Enlisted role. Before receiving the ongoing professional training that comes with the job, initial training requirements must be met. For current or former military Enlisted servicemembers: Prior experience satisfies the initial Recruit Training requirement-so you will not need to go through Boot Camp again. For those without prior military experience: You will need to meet the initial Recruit Training requirement by attending Boot Camp for 7-9 weeks in Great Lakes, IL. This training course will prepare you for service in the Navy Reserve and count as your first Annual Training. EDUCATION OPPORTUNITIES Beyond offering access to professional credentials and certifications, Navy technical and operational training in the field of intelligence can translate to credit hours toward a bachelor's or associate degree through the American Council on Education. You may also continue your education through opportunities like the following: Navy College Program and Tuition AssistancePost-9/11 GI Bill QUALIFICATIONS AND REQUIREMENTS A four-year degree is not required to become a member of the Navy electronics community. There are some specific requirements that apply to electronics jobs in advanced programs such as SECF and NF. Contact a recruiter for details. A high school diploma or equivalent is required to become an Enlisted Sailor in the cryptology field in the Navy. Those seeking a Cryptologic Technician position must be U.S. citizens who can meet eligibility requirements for a Top Secret/Sensitive Compartmented Information security clearance. They should have an interest in advanced electronics and technology; exceptionally good character; good speaking, writing and record-keeping skills; a good working aptitude of math; and the capability to do highly detail-oriented, highly classified work. Specific qualifications vary depending upon specialization area within the field of cryptology. Contact a recruiter for details. General qualifications may vary depending upon whether you're currently serving, whether you've served before or whether you've never served before. If interested please contact us at 1- or email . This job requires an enlistment into the United States Navy. Category: Military , Keywords: Cryptologic Technician
About Enlisted Sailors in the Navy Cryptology community analyze encrypted electronic communications, jam enemy radar signals, decipher information in foreign languages and maintain state-of-the-art equipment and networks used to generate top secret intel. Their other responsibilities include: Collecting, analyzing and reporting on communication signals Utilizing computers, specialized computer-assisted communications equipment and video display terminals Serving as an important part of the Information Warfare Communityin its mission to gain a deep understanding of the inner workings of adversaries and develop unmatched knowledge of the battlespace during wartime What to Expect Cryptologic Technician Interpretive Cryptologic Technician Technical Cryptologic Technician Networks Cryptologic Technician Maintenance Cryptologic Technician Collection Previous Next More Information Full time Part time Responsibilities Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required) - and potentially both. Cryptologic Technician Interpretive (CTI)- CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interest Transcribing, translating and interpreting foreign language materials Providing cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT)- CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipment Operating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systems Providing technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN)- CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing information Providing computer network risk mitigation and network vulnerability assessments and incident response/reconstruction Providing network target access tool development Conducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM)- CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systems Configuring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR)- CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recorders Exploiting signals of interest to identify, locate and report worldwide threats Providing tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units. Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required) - and potentially both. Cryptologic Technician Interpretive (CTI)- CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interest Transcribing, translating and interpreting foreign language materials Providing cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT)- CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipment Operating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systems Providing technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN)- CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing information Providing computer network risk mitigation and network vulnerability assessments and incident response/reconstruction Providing network target access tool development Conducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM)- CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systems Configuring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR)- CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recorders Exploiting signals of interest to identify, locate and report worldwide threats Providing tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units. Work Environment Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands; aboard surface ships, aircraft and submarines; and with Naval Special Warfare - generally dividing time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams - ultimately under the supervision of Information Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands, aboard surface ships, aircraft and submarines, and with Naval Special Warfare. They generally divide time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams - ultimately under the supervision of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). Training & Advancement Upon completion of initial 7-9 week Recruit Training (known as Boot Camp), those pursuing a Cryptologic Technician role report to either Pensacola, FL, or Monterey, CA,to receive formal Navy schooling in their specialty area within the field of cryptology. This consists of technical "A" School and possibly advanced "C" School or "F" School. CTI training- Class "A" School is broken into two phases. Phase One takes place at the Defense Language Institute, Monterey, Calif., and is anywhere from 27 to 64 weeks long. Phase Two is 12 weeks long. Class "F" School is conducted at the Regional Center for Excellence in Monterey, CA. CTT training- Class "A" School is approximately 17 weeks long. After "A" school, some CTTs will attend a Class "C" School that is approximately 26 weeks in duration. The schools are located in Pensacola, FL. CTN training- Class "A" School is 26 weeks long and located in Pensacola, FL. CTM training- Class "A" School is approximately 10 weeks in duration and located in Pensacola, FL. CTR training- Class "A" School is approximately 22 weeks long. The school is located in Pensacola, FL. ..... click apply for full job details
05/11/2021
Full time
About Enlisted Sailors in the Navy Cryptology community analyze encrypted electronic communications, jam enemy radar signals, decipher information in foreign languages and maintain state-of-the-art equipment and networks used to generate top secret intel. Their other responsibilities include: Collecting, analyzing and reporting on communication signals Utilizing computers, specialized computer-assisted communications equipment and video display terminals Serving as an important part of the Information Warfare Communityin its mission to gain a deep understanding of the inner workings of adversaries and develop unmatched knowledge of the battlespace during wartime What to Expect Cryptologic Technician Interpretive Cryptologic Technician Technical Cryptologic Technician Networks Cryptologic Technician Maintenance Cryptologic Technician Collection Previous Next More Information Full time Part time Responsibilities Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required) - and potentially both. Cryptologic Technician Interpretive (CTI)- CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interest Transcribing, translating and interpreting foreign language materials Providing cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT)- CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipment Operating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systems Providing technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN)- CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing information Providing computer network risk mitigation and network vulnerability assessments and incident response/reconstruction Providing network target access tool development Conducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM)- CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systems Configuring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR)- CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recorders Exploiting signals of interest to identify, locate and report worldwide threats Providing tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units. Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required) - and potentially both. Cryptologic Technician Interpretive (CTI)- CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interest Transcribing, translating and interpreting foreign language materials Providing cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT)- CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipment Operating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systems Providing technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN)- CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing information Providing computer network risk mitigation and network vulnerability assessments and incident response/reconstruction Providing network target access tool development Conducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM)- CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systems Configuring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR)- CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recorders Exploiting signals of interest to identify, locate and report worldwide threats Providing tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units. Work Environment Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands; aboard surface ships, aircraft and submarines; and with Naval Special Warfare - generally dividing time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams - ultimately under the supervision of Information Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands, aboard surface ships, aircraft and submarines, and with Naval Special Warfare. They generally divide time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams - ultimately under the supervision of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). Training & Advancement Upon completion of initial 7-9 week Recruit Training (known as Boot Camp), those pursuing a Cryptologic Technician role report to either Pensacola, FL, or Monterey, CA,to receive formal Navy schooling in their specialty area within the field of cryptology. This consists of technical "A" School and possibly advanced "C" School or "F" School. CTI training- Class "A" School is broken into two phases. Phase One takes place at the Defense Language Institute, Monterey, Calif., and is anywhere from 27 to 64 weeks long. Phase Two is 12 weeks long. Class "F" School is conducted at the Regional Center for Excellence in Monterey, CA. CTT training- Class "A" School is approximately 17 weeks long. After "A" school, some CTTs will attend a Class "C" School that is approximately 26 weeks in duration. The schools are located in Pensacola, FL. CTN training- Class "A" School is 26 weeks long and located in Pensacola, FL. CTM training- Class "A" School is approximately 10 weeks in duration and located in Pensacola, FL. CTR training- Class "A" School is approximately 22 weeks long. The school is located in Pensacola, FL. ..... click apply for full job details
Request Technology - Craig Johnson
Charlotte, North Carolina
*Position is bonus eligible* Prestigious Fortune 500 Company is currently seeking a Manager of Security Exploits and Penetration Testing. Candidate will be responsible for driving an offensive security program to holistically test systems and applications for vulnerabilities and demonstrate the impact to the business through exploitation. This person will lead a multi-national team of penetration testing engineers. This candidate will lead by forming strong partnerships within the organization and guide their team members by providing vision, strategy, and prioritization to identify vulnerabilities in the environment in a timely and effective manner. Responsibilities: Own and drive the penetration testing program strategy and management of third party testing services and/or bug bounty programs Be a champion for vulnerability services and information security including broadening awareness and use of the team's services, education of security best practices and integration with other business areas. Drive actionable metrics and reporting for operations and leadership transparency Provide prompt attention and visibility into risks, vulnerabilities, and issues serving as an escalation path for team member effectiveness Closely support and collaborate with other Cyber Security Operations teams Provide support on incidents and outages as necessary to enable effectiveness of the team and its operations Serve as subject matter expert related to penetration testing, secure development, and secure configuration Have the ability to understand and develop enterprise policy and technical standards with specific regard to secure development/deployment and vulnerability management Be able to successfully partner with other security and IT professionals to assess potential impact from vulnerabilities, and determine and implement mitigating controls. Identify and recommend appropriate measures to manage and remediate vulnerabilities and reduce potential impacts on information resources to a level acceptable to the senior management of the company. Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner and within cloud solutions. Ability to fully understand business requirements and work with them to define appropriate solutions security objectives while meeting the business need. Providing mentorship, coaching, performance management and support to team members with regard to advanced offensive security techniques, vulnerability assessment, communication/rapport with other divisions and various levels of leadership, technical expertise, and career development. Continuously develop and execute training exercises and Capture the Flag activities for Cyber Security Operations Center teams to increase technical skills and understanding of the attacker mindset Oversight of onboard and offboard resources Other duties as assigned. Qualifications: Bachelors and/or Masters Degree or equivalent experience in Information Security, Engineering, Computers Science, or related field 5+ years experience in penetration testing, offensive security, red teaming Drive to learn new things about vulnerability management, exploits, hacker techniques, and overall security operations Familiar with industry standard security best practices and multiple techniques for penetration testing Advanced experience with multiple open source tools for security testing Excellent analytical and problem solving skills Ability to think clearly and make decisions under pressure Demonstrated ability to participate in cross functional teams, including offsite, remote and offshore resources Experience working in very large enterprise environment with diverse teams. Experience guiding and coaching others in subject matter Excels at prioritizing work and other demands for self and team including making risk-based decisions about remediation recommendations Ability to define, communicate, and execute on a vision and strategy Effective written, verbal communication skills. Ability to tailor communication style to audience at hand Ability to effectively communicate with technical and non-technical resources Strong organizational skills Self-directed, works with minimal guidance, and recognizes when guidance needed Demonstrated ability to stay abreast securing evolving technology such as cloud and mobile computing. Knowledge of PCI, HIPAA, ISO, NIST, and IT Controls CISSP, GPEN, GWAPT, GMOB, OSCP or other industry certification or expected completion of certification within 1 year of hire.
05/11/2021
Full time
*Position is bonus eligible* Prestigious Fortune 500 Company is currently seeking a Manager of Security Exploits and Penetration Testing. Candidate will be responsible for driving an offensive security program to holistically test systems and applications for vulnerabilities and demonstrate the impact to the business through exploitation. This person will lead a multi-national team of penetration testing engineers. This candidate will lead by forming strong partnerships within the organization and guide their team members by providing vision, strategy, and prioritization to identify vulnerabilities in the environment in a timely and effective manner. Responsibilities: Own and drive the penetration testing program strategy and management of third party testing services and/or bug bounty programs Be a champion for vulnerability services and information security including broadening awareness and use of the team's services, education of security best practices and integration with other business areas. Drive actionable metrics and reporting for operations and leadership transparency Provide prompt attention and visibility into risks, vulnerabilities, and issues serving as an escalation path for team member effectiveness Closely support and collaborate with other Cyber Security Operations teams Provide support on incidents and outages as necessary to enable effectiveness of the team and its operations Serve as subject matter expert related to penetration testing, secure development, and secure configuration Have the ability to understand and develop enterprise policy and technical standards with specific regard to secure development/deployment and vulnerability management Be able to successfully partner with other security and IT professionals to assess potential impact from vulnerabilities, and determine and implement mitigating controls. Identify and recommend appropriate measures to manage and remediate vulnerabilities and reduce potential impacts on information resources to a level acceptable to the senior management of the company. Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner and within cloud solutions. Ability to fully understand business requirements and work with them to define appropriate solutions security objectives while meeting the business need. Providing mentorship, coaching, performance management and support to team members with regard to advanced offensive security techniques, vulnerability assessment, communication/rapport with other divisions and various levels of leadership, technical expertise, and career development. Continuously develop and execute training exercises and Capture the Flag activities for Cyber Security Operations Center teams to increase technical skills and understanding of the attacker mindset Oversight of onboard and offboard resources Other duties as assigned. Qualifications: Bachelors and/or Masters Degree or equivalent experience in Information Security, Engineering, Computers Science, or related field 5+ years experience in penetration testing, offensive security, red teaming Drive to learn new things about vulnerability management, exploits, hacker techniques, and overall security operations Familiar with industry standard security best practices and multiple techniques for penetration testing Advanced experience with multiple open source tools for security testing Excellent analytical and problem solving skills Ability to think clearly and make decisions under pressure Demonstrated ability to participate in cross functional teams, including offsite, remote and offshore resources Experience working in very large enterprise environment with diverse teams. Experience guiding and coaching others in subject matter Excels at prioritizing work and other demands for self and team including making risk-based decisions about remediation recommendations Ability to define, communicate, and execute on a vision and strategy Effective written, verbal communication skills. Ability to tailor communication style to audience at hand Ability to effectively communicate with technical and non-technical resources Strong organizational skills Self-directed, works with minimal guidance, and recognizes when guidance needed Demonstrated ability to stay abreast securing evolving technology such as cloud and mobile computing. Knowledge of PCI, HIPAA, ISO, NIST, and IT Controls CISSP, GPEN, GWAPT, GMOB, OSCP or other industry certification or expected completion of certification within 1 year of hire.
About Enlisted Sailors in the Navy Cryptology community analyze encrypted electronic communications, jam enemy radar signals, decipher information in foreign languages and maintain state-of-the-art equipment and networks used to generate top secret intel. Their other responsibilities include: Collecting, analyzing and reporting on communication signals Utilizing computers, specialized computer-assisted communications equipment and video display terminals Serving as an important part of the Information Warfare Communityin its mission to gain a deep understanding of the inner workings of adversaries and develop unmatched knowledge of the battlespace during wartime What to Expect Cryptologic Technician Interpretive Cryptologic Technician Technical Cryptologic Technician Networks Cryptologic Technician Maintenance Cryptologic Technician Collection Previous Next More Information Full time Part time Responsibilities Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required) - and potentially both. Cryptologic Technician Interpretive (CTI)- CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interest Transcribing, translating and interpreting foreign language materials Providing cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT)- CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipment Operating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systems Providing technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN)- CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing information Providing computer network risk mitigation and network vulnerability assessments and incident response/reconstruction Providing network target access tool development Conducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM)- CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systems Configuring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR)- CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recorders Exploiting signals of interest to identify, locate and report worldwide threats Providing tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units. Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required) - and potentially both. Cryptologic Technician Interpretive (CTI)- CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interest Transcribing, translating and interpreting foreign language materials Providing cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT)- CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipment Operating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systems Providing technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN)- CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing information Providing computer network risk mitigation and network vulnerability assessments and incident response/reconstruction Providing network target access tool development Conducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM)- CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systems Configuring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR)- CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recorders Exploiting signals of interest to identify, locate and report worldwide threats Providing tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units. Work Environment Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands; aboard surface ships, aircraft and submarines; and with Naval Special Warfare - generally dividing time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams - ultimately under the supervision of Information Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands, aboard surface ships, aircraft and submarines, and with Naval Special Warfare. They generally divide time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams - ultimately under the supervision of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). Training & Advancement Upon completion of initial 7-9 week Recruit Training (known as Boot Camp), those pursuing a Cryptologic Technician role report to either Pensacola, FL, or Monterey, CA,to receive formal Navy schooling in their specialty area within the field of cryptology. This consists of technical "A" School and possibly advanced "C" School or "F" School. CTI training- Class "A" School is broken into two phases. Phase One takes place at the Defense Language Institute, Monterey, Calif., and is anywhere from 27 to 64 weeks long. Phase Two is 12 weeks long. Class "F" School is conducted at the Regional Center for Excellence in Monterey, CA. CTT training- Class "A" School is approximately 17 weeks long. After "A" school, some CTTs will attend a Class "C" School that is approximately 26 weeks in duration. The schools are located in Pensacola, FL. CTN training- Class "A" School is 26 weeks long and located in Pensacola, FL. CTM training- Class "A" School is approximately 10 weeks in duration and located in Pensacola, FL. CTR training- Class "A" School is approximately 22 weeks long. The school is located in Pensacola, FL. ..... click apply for full job details
05/11/2021
Full time
About Enlisted Sailors in the Navy Cryptology community analyze encrypted electronic communications, jam enemy radar signals, decipher information in foreign languages and maintain state-of-the-art equipment and networks used to generate top secret intel. Their other responsibilities include: Collecting, analyzing and reporting on communication signals Utilizing computers, specialized computer-assisted communications equipment and video display terminals Serving as an important part of the Information Warfare Communityin its mission to gain a deep understanding of the inner workings of adversaries and develop unmatched knowledge of the battlespace during wartime What to Expect Cryptologic Technician Interpretive Cryptologic Technician Technical Cryptologic Technician Networks Cryptologic Technician Maintenance Cryptologic Technician Collection Previous Next More Information Full time Part time Responsibilities Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required) - and potentially both. Cryptologic Technician Interpretive (CTI)- CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interest Transcribing, translating and interpreting foreign language materials Providing cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT)- CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipment Operating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systems Providing technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN)- CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing information Providing computer network risk mitigation and network vulnerability assessments and incident response/reconstruction Providing network target access tool development Conducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM)- CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systems Configuring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR)- CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recorders Exploiting signals of interest to identify, locate and report worldwide threats Providing tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units. Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required) - and potentially both. Cryptologic Technician Interpretive (CTI)- CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interest Transcribing, translating and interpreting foreign language materials Providing cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT)- CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipment Operating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systems Providing technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN)- CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing information Providing computer network risk mitigation and network vulnerability assessments and incident response/reconstruction Providing network target access tool development Conducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM)- CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systems Configuring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR)- CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recorders Exploiting signals of interest to identify, locate and report worldwide threats Providing tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units. Work Environment Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands; aboard surface ships, aircraft and submarines; and with Naval Special Warfare - generally dividing time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams - ultimately under the supervision of Information Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands, aboard surface ships, aircraft and submarines, and with Naval Special Warfare. They generally divide time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams - ultimately under the supervision of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). Training & Advancement Upon completion of initial 7-9 week Recruit Training (known as Boot Camp), those pursuing a Cryptologic Technician role report to either Pensacola, FL, or Monterey, CA,to receive formal Navy schooling in their specialty area within the field of cryptology. This consists of technical "A" School and possibly advanced "C" School or "F" School. CTI training- Class "A" School is broken into two phases. Phase One takes place at the Defense Language Institute, Monterey, Calif., and is anywhere from 27 to 64 weeks long. Phase Two is 12 weeks long. Class "F" School is conducted at the Regional Center for Excellence in Monterey, CA. CTT training- Class "A" School is approximately 17 weeks long. After "A" school, some CTTs will attend a Class "C" School that is approximately 26 weeks in duration. The schools are located in Pensacola, FL. CTN training- Class "A" School is 26 weeks long and located in Pensacola, FL. CTM training- Class "A" School is approximately 10 weeks in duration and located in Pensacola, FL. CTR training- Class "A" School is approximately 22 weeks long. The school is located in Pensacola, FL. ..... click apply for full job details
Cybersecurity Engineer Lead Cybersecurity investigations and incidents; contain and eradicate Cybersecurity incidents. Implement and manage cloud, and network security capabilities including, but not limited to,endpoint protection, web filtering, vulnerability management, and incident detection and response. Perform strategic and tactical threat management, integrating threat data into vulnerability and risk management capabilities. Coordinate with IT Teams in identifying and remediating vulnerabilities. Partner with internal IT teams, Managed Security Service Providers (MSSP), Cloud Hosting Providers and other Managed Service Providers to provide Cybersecurity capabilities for a globally distributed workforce. Act as subject matter expert and provide consultative support on internal projects related to or involving cybersecurity; participate in secure system design and architecture, providing security requirements and recommendations. Manage annual penetration testing and cybersecurity audit commitments. Other duties as assigned. Qualifications: Minimum 5+yearsof experience in Information/Cyber Security or similar experience. Bachelor's degree in Computer Science, or related field of study. Security Certifications preferred (CISSP, CEH, CISA, CISM, GIAC, CRISC). Understanding of cybersecurity standards and frameworks. Hands-on experience in IaaS, PaaS, SaaS, including Identity and Access Management roles. Strong understanding of network security techniques, infrastructure threat modelling and secure design, and the OWASP Top Ten. Familiarity with various forms of encryption and hashing, and their appropriate use cases. Demonstrated knowledge of regulatory requirements (SOX, ISO, and FDA) preferred. Prior hands on experience with UEBA, EDR, ATP, DNS Filtering, PAM & EPM preferred. Excellent written and verbal communication skills. Ability to explain technical concepts to technical or non-technical personnel. Project ownership experience, specifically in gathering requirements, developing technical project scope, finding solutions, and reporting progress and challenges. Ability to independently prioritize multiple competing tasks. Ability to participate in occasional off-hours handling of security incidents. Must be able to work independently with minimal supervision. Availability to support off-hour critical security event
05/11/2021
Contractor
Cybersecurity Engineer Lead Cybersecurity investigations and incidents; contain and eradicate Cybersecurity incidents. Implement and manage cloud, and network security capabilities including, but not limited to,endpoint protection, web filtering, vulnerability management, and incident detection and response. Perform strategic and tactical threat management, integrating threat data into vulnerability and risk management capabilities. Coordinate with IT Teams in identifying and remediating vulnerabilities. Partner with internal IT teams, Managed Security Service Providers (MSSP), Cloud Hosting Providers and other Managed Service Providers to provide Cybersecurity capabilities for a globally distributed workforce. Act as subject matter expert and provide consultative support on internal projects related to or involving cybersecurity; participate in secure system design and architecture, providing security requirements and recommendations. Manage annual penetration testing and cybersecurity audit commitments. Other duties as assigned. Qualifications: Minimum 5+yearsof experience in Information/Cyber Security or similar experience. Bachelor's degree in Computer Science, or related field of study. Security Certifications preferred (CISSP, CEH, CISA, CISM, GIAC, CRISC). Understanding of cybersecurity standards and frameworks. Hands-on experience in IaaS, PaaS, SaaS, including Identity and Access Management roles. Strong understanding of network security techniques, infrastructure threat modelling and secure design, and the OWASP Top Ten. Familiarity with various forms of encryption and hashing, and their appropriate use cases. Demonstrated knowledge of regulatory requirements (SOX, ISO, and FDA) preferred. Prior hands on experience with UEBA, EDR, ATP, DNS Filtering, PAM & EPM preferred. Excellent written and verbal communication skills. Ability to explain technical concepts to technical or non-technical personnel. Project ownership experience, specifically in gathering requirements, developing technical project scope, finding solutions, and reporting progress and challenges. Ability to independently prioritize multiple competing tasks. Ability to participate in occasional off-hours handling of security incidents. Must be able to work independently with minimal supervision. Availability to support off-hour critical security event
A prestigious fortune 500 company is on the search for a Manager of Penetration Testing & Exploit Development. This person will manage 8 to 10 people onshore and offshore. They will drive penetration testing for applications and systems penetration testing. They will secure the development within the cloud and work with vulnerability management. Key Responsibilities Own and drive the penetration testing program strategy for the Company Family of Brands including management of third party testing services and/or bug bounty programs Be a champion for vulnerability services and information security including broadening awareness and use of the team's services, education of security best practices and integration with other business areas. Drive actionable metrics and reporting for operations and leadership transparency Provide prompt attention and visibility into risks, vulnerabilities, and issues serving as an escalation path for team member effectiveness Closely support and collaborate with other Cyber Security Operations teams Provide support on incidents and outages as necessary to enable effectiveness of the team and its operations Serve as subject matter expert related to penetration testing, secure development, and secure configuration Have the ability to understand and develop enterprise policy and technical standards with specific regard to secure development/deployment and vulnerability management Be able to successfully partner with other security and IT professionals to assess potential impact from vulnerabilities specific to Company's environment, and determine and implement mitigating controls. Identify and recommend appropriate measures to manage and remediate vulnerabilities and reduce potential impacts on information resources to a level acceptable to the senior management of the company. Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner and within cloud solutions. Ability to fully understand business requirements and work with them to define appropriate solutions security objectives while meeting the business need. Providing mentorship, coaching, performance management and support to team members with regard to advanced offensive security techniques, vulnerability assessment, communication/rapport with other divisions and various levels of leadership, technical expertise, and career development. Continuously develop and execute training exercises and Capture the Flag activities for Cyber Security Operations Center teams to increase technical skills and understanding of the attacker mindset Job Qualifications Bachelors and/or Masters Degree or equivalent experience in Information Security, Engineering, Computers Science, or related field 5+ years experience in penetration testing, offensive security, red teaming Drive to learn new things about vulnerability management, exploits, hacker techniques, and overall security operations Familiar with industry standard security best practices and multiple techniques for penetration testing Advanced experience with multiple open source tools for security testing Demonstrated ability to participate in cross functional teams, including offsite, remote and offshore resources Demonstrated ability to stay abreast securing evolving technology such as cloud and mobile computing. Knowledge of PCI, HIPAA, ISO, NIST, and IT Controls CISSP, GPEN, GWAPT, GMOB, OSCP or other industry certification or expected completion of certification within 1 year of hire.
05/10/2021
Full time
A prestigious fortune 500 company is on the search for a Manager of Penetration Testing & Exploit Development. This person will manage 8 to 10 people onshore and offshore. They will drive penetration testing for applications and systems penetration testing. They will secure the development within the cloud and work with vulnerability management. Key Responsibilities Own and drive the penetration testing program strategy for the Company Family of Brands including management of third party testing services and/or bug bounty programs Be a champion for vulnerability services and information security including broadening awareness and use of the team's services, education of security best practices and integration with other business areas. Drive actionable metrics and reporting for operations and leadership transparency Provide prompt attention and visibility into risks, vulnerabilities, and issues serving as an escalation path for team member effectiveness Closely support and collaborate with other Cyber Security Operations teams Provide support on incidents and outages as necessary to enable effectiveness of the team and its operations Serve as subject matter expert related to penetration testing, secure development, and secure configuration Have the ability to understand and develop enterprise policy and technical standards with specific regard to secure development/deployment and vulnerability management Be able to successfully partner with other security and IT professionals to assess potential impact from vulnerabilities specific to Company's environment, and determine and implement mitigating controls. Identify and recommend appropriate measures to manage and remediate vulnerabilities and reduce potential impacts on information resources to a level acceptable to the senior management of the company. Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner and within cloud solutions. Ability to fully understand business requirements and work with them to define appropriate solutions security objectives while meeting the business need. Providing mentorship, coaching, performance management and support to team members with regard to advanced offensive security techniques, vulnerability assessment, communication/rapport with other divisions and various levels of leadership, technical expertise, and career development. Continuously develop and execute training exercises and Capture the Flag activities for Cyber Security Operations Center teams to increase technical skills and understanding of the attacker mindset Job Qualifications Bachelors and/or Masters Degree or equivalent experience in Information Security, Engineering, Computers Science, or related field 5+ years experience in penetration testing, offensive security, red teaming Drive to learn new things about vulnerability management, exploits, hacker techniques, and overall security operations Familiar with industry standard security best practices and multiple techniques for penetration testing Advanced experience with multiple open source tools for security testing Demonstrated ability to participate in cross functional teams, including offsite, remote and offshore resources Demonstrated ability to stay abreast securing evolving technology such as cloud and mobile computing. Knowledge of PCI, HIPAA, ISO, NIST, and IT Controls CISSP, GPEN, GWAPT, GMOB, OSCP or other industry certification or expected completion of certification within 1 year of hire.
As an experienced professional in our cybersecurity organization, you won't just be watching over our data - you'll be finding innovative new ways to protect it in the future. To do that, you'll be a part of a highly motivated team focused on analyzing, researching, and risk assessing, different techniques used to surface security vulnerabilities in the building blocks of application security in order to appropriately respond to Vulnerabilities potentially impacting JPMC. You'll use your skills to define how an open source vulnerability presents risk to JPMC, give guidance, advise on best practices to protect the firm and support our business and technology groups by helping explain the vulnerability & remediation recommendations. By taking the lead on vulnerabilities publically disclosed or otherwise identified, leading the incident response, completing risk reviews, documenting vulnerability assessments and analyze relevant threat intelligence. You'll participate in defining best practices, new policies and emerging trends to strengthen our ability to respond and solution in the best interested of the firm. As part of our global team of response analysts, research analyst and remediation leads, your work will have a critical impact on our company, as well as our clients and our business partners around the world.High Risk Roles (HRR) are sensitive roles within the technology organization that require high assurance of the integrity of staff by virtue of 1) sensitive cybersecurity and technology functions they perform within systems or 2) information they receive regarding sensitive cybersecurity or technology matters. Users in these roles are subject to enhanced pre-hire screening which includes both criminal and credit background checks (as allowed by law). The enhanced screening will need to be successfully completed prior to commencing employment or assignment.This role requires a wide variety of strengths and capabilities, including: Bachelor's degree or equivalent experience Excellent command of cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies Previous experience with application frame works and relevant experience with open source vulnerabilities. Understand the building blocks of application security and different techniques used to surface security vulnerabilities at different stages of an application lifecycle such as design, development, deployment, upgrade, maintenance. Understand the set of security flaws commonly seen across different applications including but not limited to Cross Site scripting, SQL injection, Cross Site Request Forgery, etc. Intermediate knowledge of: cloud computing, computer network defense, external organizations and academic institutions dealing with cybersecurity issues, financial authorities and regulations, identity management, incident management, information assurance, information management, information systems and network security and infrastructure design Intermediate knowledge of: cybersecurity activities associated with requirements analysis, risk analytics and modeling; risk management; emerging issues, risks, vulnerabilities and technologies; and vulnerability assessment as a Vulnerability Management Response Analyst, you will work directly with all Line of Business App Teams, Subject matter experts, Production Management Teams, Product Owners, Senior Technology Management, and Risk and Control functions on: Defining each new vulnerability Work to define a CVSS score and initial risk to the firm Identifying the list of assets and/or application(s) at risk Document the vulnerability Provide a detailed write up on the risk and exposure Define the remediation activity if known Define the final firm wide vulnerability rating JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.Equal Opportunity Employer/Disability/Veterans
05/10/2021
Full time
As an experienced professional in our cybersecurity organization, you won't just be watching over our data - you'll be finding innovative new ways to protect it in the future. To do that, you'll be a part of a highly motivated team focused on analyzing, researching, and risk assessing, different techniques used to surface security vulnerabilities in the building blocks of application security in order to appropriately respond to Vulnerabilities potentially impacting JPMC. You'll use your skills to define how an open source vulnerability presents risk to JPMC, give guidance, advise on best practices to protect the firm and support our business and technology groups by helping explain the vulnerability & remediation recommendations. By taking the lead on vulnerabilities publically disclosed or otherwise identified, leading the incident response, completing risk reviews, documenting vulnerability assessments and analyze relevant threat intelligence. You'll participate in defining best practices, new policies and emerging trends to strengthen our ability to respond and solution in the best interested of the firm. As part of our global team of response analysts, research analyst and remediation leads, your work will have a critical impact on our company, as well as our clients and our business partners around the world.High Risk Roles (HRR) are sensitive roles within the technology organization that require high assurance of the integrity of staff by virtue of 1) sensitive cybersecurity and technology functions they perform within systems or 2) information they receive regarding sensitive cybersecurity or technology matters. Users in these roles are subject to enhanced pre-hire screening which includes both criminal and credit background checks (as allowed by law). The enhanced screening will need to be successfully completed prior to commencing employment or assignment.This role requires a wide variety of strengths and capabilities, including: Bachelor's degree or equivalent experience Excellent command of cybersecurity organization practices, operations risk management processes, principles, architectural requirements, engineering threats and vulnerabilities, including incident response methodologies Previous experience with application frame works and relevant experience with open source vulnerabilities. Understand the building blocks of application security and different techniques used to surface security vulnerabilities at different stages of an application lifecycle such as design, development, deployment, upgrade, maintenance. Understand the set of security flaws commonly seen across different applications including but not limited to Cross Site scripting, SQL injection, Cross Site Request Forgery, etc. Intermediate knowledge of: cloud computing, computer network defense, external organizations and academic institutions dealing with cybersecurity issues, financial authorities and regulations, identity management, incident management, information assurance, information management, information systems and network security and infrastructure design Intermediate knowledge of: cybersecurity activities associated with requirements analysis, risk analytics and modeling; risk management; emerging issues, risks, vulnerabilities and technologies; and vulnerability assessment as a Vulnerability Management Response Analyst, you will work directly with all Line of Business App Teams, Subject matter experts, Production Management Teams, Product Owners, Senior Technology Management, and Risk and Control functions on: Defining each new vulnerability Work to define a CVSS score and initial risk to the firm Identifying the list of assets and/or application(s) at risk Document the vulnerability Provide a detailed write up on the risk and exposure Define the remediation activity if known Define the final firm wide vulnerability rating JPMorgan Chase & Co., one of the oldest financial institutions, offers innovative financial solutions to millions of consumers, small businesses and many of the world's most prominent corporate, institutional and government clients under the J.P. Morgan and Chase brands. Our history spans over 200 years and today we are a leader in investment banking, consumer and small business banking, commercial banking, financial transaction processing and asset management.We recognize that our people are our strength and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company. We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. In accordance with applicable law, we make reasonable accommodations for applicants' and employees' religious practices and beliefs, as well as any mental health or physical disability needs.Equal Opportunity Employer/Disability/Veterans
Required Security Clearance: Top Secret/SCI City: Norfolk State/Territory: Virginia Travel: None Potential for Teleworking: No Schedule: Full Time DoD 8570 IAT Requirement: IAT II (Security+, CySA+, CCNA Security, GICSP, GSEC, SSCP) DoD 8570 IAM Requirement: None DoD 8570 IASAE Requirement: IASAE II (CASP+, CISSP (or Associate), CSSLP) DoD CSSP Requirement: None Functional Duties Manages the functionality and efficiency of a group of computers running on one or more operating systems. Maintain the functionality, efficiency, and sustainment of an Insider Threat Cyber System Administrator system service accounts Assist in the planning and execution of system enhancements and upgrades Run scripts against agents not responding Assist with implementing patches Assist in the development of documentation Participate in special projects as required Maintain current knowledge of relevant technology as assigned May provide technical OJT training and guidance to less experienced team members May serve as liaison with clients, participating in meetings to ensure client needs are met May provide leadership to less-experienced team members Maintains the integrity and security of Linux servers Creates programmatic documentation, standard operating procedures and granular process checklists. Maintains system documentation Develops and monitor policies and standards for allocation related to the use of computing resources Desired Skills Experience with administrating Linux operating systems. Experience with patching Windows clients Experience with SCCM Experience with deploying scripts Experience with powershell or cmd prompt Standard Characteristics Perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established IA standards and regulations, and recommend mitigation strategies Validate and verify system security requirements definitions and analysis and establishes system security designs Design, develop, implement and/or integrate IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements Build IA into systems deployed to operational environments Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application security policy and enterprise solutions Support the building of security architectures Enforce the design and implementation of trusted relations among external systems and architectures Assess and mitigate system security threats/risks throughout the program life cycle Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations Review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content Perform system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of operational IA and CND systems Apply system security engineering expertise in one or more of the following to: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security testing. Skills and Tasks Exceptionally Complex, Inter-Discipline, Inter-Organizational. Can perform tasks of senior level technicians, specialists, and or managers not performed at Level 3 due to the size and/or complexity of the tasks. Leadership/Management May work individually or as a key member of a senior leadership team. Oversees and monitors performance across several disciplines, and when required, takes steps to resolve issues. Guidance Provides expert guidance and direction to Government and Vendor senior level technicians and managers. Directs multiple contractor and subcontractor teams through to project completion. Training and Certifications DoD 8570 compliance or information assurance certification commensurate with technical objectives and services required within the task order. Applicable software or hardware training and certifications commensurate with the technical objectives, services required, and IT environment specified within the task order. Capabilities and additional Requirements In addition to Standard Characteristics of Labor Category, advocate and recommend system-level solutions to resolve security requirements. Monitors and suggests improvement to IA policy. Interact with customers, IT staff, and high-level corporate officers to define and achieve required IA objectives. Provide the Government assistance to ensure that the architecture and design of information systems are functional and secure, including program of record systems and special purpose environments with platform IT interconnectivity. Provide expert guidance and work product evaluation to one or more security engineers that support Engineering teams for the design, development, implementation, evaluation, and/or integration of secure networking, computing, and enclave environments. Education and Experience HS/GED + 12 years Associates Degree + 10 years Bachelor's Degree + 8 years Master's Degree + 6 years PhD + 4 years
05/09/2021
Full time
Required Security Clearance: Top Secret/SCI City: Norfolk State/Territory: Virginia Travel: None Potential for Teleworking: No Schedule: Full Time DoD 8570 IAT Requirement: IAT II (Security+, CySA+, CCNA Security, GICSP, GSEC, SSCP) DoD 8570 IAM Requirement: None DoD 8570 IASAE Requirement: IASAE II (CASP+, CISSP (or Associate), CSSLP) DoD CSSP Requirement: None Functional Duties Manages the functionality and efficiency of a group of computers running on one or more operating systems. Maintain the functionality, efficiency, and sustainment of an Insider Threat Cyber System Administrator system service accounts Assist in the planning and execution of system enhancements and upgrades Run scripts against agents not responding Assist with implementing patches Assist in the development of documentation Participate in special projects as required Maintain current knowledge of relevant technology as assigned May provide technical OJT training and guidance to less experienced team members May serve as liaison with clients, participating in meetings to ensure client needs are met May provide leadership to less-experienced team members Maintains the integrity and security of Linux servers Creates programmatic documentation, standard operating procedures and granular process checklists. Maintains system documentation Develops and monitor policies and standards for allocation related to the use of computing resources Desired Skills Experience with administrating Linux operating systems. Experience with patching Windows clients Experience with SCCM Experience with deploying scripts Experience with powershell or cmd prompt Standard Characteristics Perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established IA standards and regulations, and recommend mitigation strategies Validate and verify system security requirements definitions and analysis and establishes system security designs Design, develop, implement and/or integrate IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements Build IA into systems deployed to operational environments Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application security policy and enterprise solutions Support the building of security architectures Enforce the design and implementation of trusted relations among external systems and architectures Assess and mitigate system security threats/risks throughout the program life cycle Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations Review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content Perform system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of operational IA and CND systems Apply system security engineering expertise in one or more of the following to: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security testing. Skills and Tasks Exceptionally Complex, Inter-Discipline, Inter-Organizational. Can perform tasks of senior level technicians, specialists, and or managers not performed at Level 3 due to the size and/or complexity of the tasks. Leadership/Management May work individually or as a key member of a senior leadership team. Oversees and monitors performance across several disciplines, and when required, takes steps to resolve issues. Guidance Provides expert guidance and direction to Government and Vendor senior level technicians and managers. Directs multiple contractor and subcontractor teams through to project completion. Training and Certifications DoD 8570 compliance or information assurance certification commensurate with technical objectives and services required within the task order. Applicable software or hardware training and certifications commensurate with the technical objectives, services required, and IT environment specified within the task order. Capabilities and additional Requirements In addition to Standard Characteristics of Labor Category, advocate and recommend system-level solutions to resolve security requirements. Monitors and suggests improvement to IA policy. Interact with customers, IT staff, and high-level corporate officers to define and achieve required IA objectives. Provide the Government assistance to ensure that the architecture and design of information systems are functional and secure, including program of record systems and special purpose environments with platform IT interconnectivity. Provide expert guidance and work product evaluation to one or more security engineers that support Engineering teams for the design, development, implementation, evaluation, and/or integration of secure networking, computing, and enclave environments. Education and Experience HS/GED + 12 years Associates Degree + 10 years Bachelor's Degree + 8 years Master's Degree + 6 years PhD + 4 years
Required Security Clearance: Top Secret/SCI City: Reston State/Territory: Virginia Travel: None Potential for Teleworking: No Schedule: Full Time DoD 8570 IAT Requirement: IAT II (Security+, CySA+, CCNA Security, GICSP, GSEC, SSCP) DoD 8570 IAM Requirement: None DoD 8570 IASAE Requirement: None DoD CSSP Requirement: CSSP Infrastructure Support (CySA+, CEH, GICSP, SSCP) Responsible for strengthening the defensive posture and cyber defense operational readiness of an IT Enterprise our Enterprise Cyber Network Defense (ECND) program defends and protects Government assets from external Cyber Security attacks and Insider Threats that can potentially cause or create data, systems, networks, and personnel vulnerabilities. Functional Duties Manage the functionality and efficiency of Cyber systems Apply Project Management and system security engineering expertise in the architecture system security design process; engineering life cycle; system integration; risk management; contingency planning; incident handling; configuration control; change management; security testing; and certification and accreditation process Validate and verify system security requirements definitions and analysis and establishes system security designs using Cyber Risk Management and Compliance Automation (XACTA) and the Risk Management Framework (RFM) to achieve Authorization to Operate (ATO) Perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established IA standards and regulations, and recommend mitigation strategies Review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content Support system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of operational CND systems Standard Characteristics Perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established IA standards and regulations, and recommend mitigation strategies Validate and verify system security requirements definitions and analysis and establishes system security designs Design, develop, implement and/or integrate IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements Build IA into systems deployed to operational environments Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application security policy and enterprise solutions Support the building of security architectures Enforce the design and implementation of trusted relations among external systems and architectures Assess and mitigate system security threats/risks throughout the program life cycle Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations Review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content Perform system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of operational IA and CND systems Apply system security engineering expertise in one or more of the following to: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security testing. Skills and Tasks Exceptionally Complex, Inter-Discipline, Inter-Organizational. Can perform tasks of senior level technicians, specialists, and or managers not performed at Level 3 due to the size and/or complexity of the tasks. Leadership/Management May work individually or as a key member of a senior leadership team. Oversees and monitors performance across several disciplines, and when required, takes steps to resolve issues. Guidance Provides expert guidance and direction to Government and Vendor senior level technicians and managers. Directs multiple contractor and subcontractor teams through to project completion. Training and Certifications DoD 8570 compliance or information assurance certification commensurate with technical objectives and services required within the task order. Applicable software or hardware training and certifications commensurate with the technical objectives, services required, and IT environment specified within the task order. Capabilities and additional Requirements In addition to Standard Characteristics of Labor Category, advocate and recommend system-level solutions to resolve security requirements. Monitors and suggests improvement to IA policy. Interact with customers, IT staff, and high-level corporate officers to define and achieve required IA objectives. Provide the Government assistance to ensure that the architecture and design of information systems are functional and secure, including program of record systems and special purpose environments with platform IT interconnectivity. Provide expert guidance and work product evaluation to one or more security engineers that support Engineering teams for the design, development, implementation, evaluation, and/or integration of secure networking, computing, and enclave environments. Education and Experience HS/GED + 12 years Associates Degree + 10 years Bachelor's Degree + 8 years Master's Degree + 6 years PhD + 4 years
05/09/2021
Full time
Required Security Clearance: Top Secret/SCI City: Reston State/Territory: Virginia Travel: None Potential for Teleworking: No Schedule: Full Time DoD 8570 IAT Requirement: IAT II (Security+, CySA+, CCNA Security, GICSP, GSEC, SSCP) DoD 8570 IAM Requirement: None DoD 8570 IASAE Requirement: None DoD CSSP Requirement: CSSP Infrastructure Support (CySA+, CEH, GICSP, SSCP) Responsible for strengthening the defensive posture and cyber defense operational readiness of an IT Enterprise our Enterprise Cyber Network Defense (ECND) program defends and protects Government assets from external Cyber Security attacks and Insider Threats that can potentially cause or create data, systems, networks, and personnel vulnerabilities. Functional Duties Manage the functionality and efficiency of Cyber systems Apply Project Management and system security engineering expertise in the architecture system security design process; engineering life cycle; system integration; risk management; contingency planning; incident handling; configuration control; change management; security testing; and certification and accreditation process Validate and verify system security requirements definitions and analysis and establishes system security designs using Cyber Risk Management and Compliance Automation (XACTA) and the Risk Management Framework (RFM) to achieve Authorization to Operate (ATO) Perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established IA standards and regulations, and recommend mitigation strategies Review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content Support system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of operational CND systems Standard Characteristics Perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established IA standards and regulations, and recommend mitigation strategies Validate and verify system security requirements definitions and analysis and establishes system security designs Design, develop, implement and/or integrate IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements Build IA into systems deployed to operational environments Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application security policy and enterprise solutions Support the building of security architectures Enforce the design and implementation of trusted relations among external systems and architectures Assess and mitigate system security threats/risks throughout the program life cycle Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations Review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content Perform system installation, configuration maintenance, account maintenance, signature maintenance, patch management, and troubleshooting of operational IA and CND systems Apply system security engineering expertise in one or more of the following to: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security testing. Skills and Tasks Exceptionally Complex, Inter-Discipline, Inter-Organizational. Can perform tasks of senior level technicians, specialists, and or managers not performed at Level 3 due to the size and/or complexity of the tasks. Leadership/Management May work individually or as a key member of a senior leadership team. Oversees and monitors performance across several disciplines, and when required, takes steps to resolve issues. Guidance Provides expert guidance and direction to Government and Vendor senior level technicians and managers. Directs multiple contractor and subcontractor teams through to project completion. Training and Certifications DoD 8570 compliance or information assurance certification commensurate with technical objectives and services required within the task order. Applicable software or hardware training and certifications commensurate with the technical objectives, services required, and IT environment specified within the task order. Capabilities and additional Requirements In addition to Standard Characteristics of Labor Category, advocate and recommend system-level solutions to resolve security requirements. Monitors and suggests improvement to IA policy. Interact with customers, IT staff, and high-level corporate officers to define and achieve required IA objectives. Provide the Government assistance to ensure that the architecture and design of information systems are functional and secure, including program of record systems and special purpose environments with platform IT interconnectivity. Provide expert guidance and work product evaluation to one or more security engineers that support Engineering teams for the design, development, implementation, evaluation, and/or integration of secure networking, computing, and enclave environments. Education and Experience HS/GED + 12 years Associates Degree + 10 years Bachelor's Degree + 8 years Master's Degree + 6 years PhD + 4 years
Responsibilities Provide consulting for the design, development, and deployment of ongoing assessments, authorizations, and other Information Assurance (IA) initiatives Prepares documentation from information obtained using accepted guidelines (e.g., ATO, RMF). Assess secure development approaches, requirements, and evaluating existing solutions and providing strategic direction towards enhancements Designs, develops and implements security requirements and contingency plans. Conducts security program audits and develops solutions to lessen identified risks Provide continuous monitoring to enforce client security policy and procedures and create processes that will provide increased visibility to system owners on impacts to the security posture Ensure system security measures comply with applicable government policies Monitor configuration management changes and assess the impact of modifications and vulnerabilities for each system Ensure that system security requirements are addressed throughout the system lifecycle Ensure effective controls and processes are in place to maintain a strong system security posture. Evaluates, develops tests, integrates, and enhances security requirements, policy and tools. Perform vulnerability/risk assessment analyses to support Assessment & Authorization (A&A) activities and to develop risk mitigation strategies. Develop, maintain, and facilitate the appropriate closure and remediation of POA&Ms Understand Cloud security and related application security controls. Manage the day to day functions of the Risk Assessment Program. Perform technical testing of controls for assurance and validation of IT asset compliance. Assist security team with remediation planning for current and future security vulnerabilities and ensure identified gaps have been appropriately addressed to mitigate or transfer risks. Ability to communicate with and relate to all levels of management, and technical/non-technical audiences as required. Qualifications Requires 8 to 10 years in InfoSec with BS/BA or 6 to 8 years with MS/MA or 3 to 5 years with PhD. Active Top Secret clearance required BS in Information Technology or Information Security desired DoD 8570 IAT Level II certification (s) (i.e., CISSP, CISM) Experience with Cloud implementations and environments Extensive knowledge and experience with information security standards, policies and practices - NIST SP 800-53 rev4, SP 800-37 rev2, FIPS-199, NIST 800-171 Excellent writing, documentation, and interpersonal communication skills Demonstrated experience writing information system security documentation (System Security Plans (SSP), Plans of Action and Milestones (POA&Ms). Experience using vulnerability assessment tools (NESSUS, ACAS) and analyzing results Experience using eMASS. Experience designing, developing, implementing, and enforcing security requirements. Expertise preparing Security Test and Evaluation plans. Experience developing security plans and contingency plans. Familiar with developing, testing, configuring, and integrating security tools. Skilled in conducting security audits and developing mitigations to identified risks. Has conducted vulnerability assessments ACAS, EMASS, RMF Process, STIG Scans, IA Requirements About Peraton Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our 22,000 employees do the can't be done, solving the most daunting challenges facing our customers. We are an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law. As a government contractor, Peraton abides by the following provision Pay Transparency Nondiscrimination Provision The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of the other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c).
05/09/2021
Full time
Responsibilities Provide consulting for the design, development, and deployment of ongoing assessments, authorizations, and other Information Assurance (IA) initiatives Prepares documentation from information obtained using accepted guidelines (e.g., ATO, RMF). Assess secure development approaches, requirements, and evaluating existing solutions and providing strategic direction towards enhancements Designs, develops and implements security requirements and contingency plans. Conducts security program audits and develops solutions to lessen identified risks Provide continuous monitoring to enforce client security policy and procedures and create processes that will provide increased visibility to system owners on impacts to the security posture Ensure system security measures comply with applicable government policies Monitor configuration management changes and assess the impact of modifications and vulnerabilities for each system Ensure that system security requirements are addressed throughout the system lifecycle Ensure effective controls and processes are in place to maintain a strong system security posture. Evaluates, develops tests, integrates, and enhances security requirements, policy and tools. Perform vulnerability/risk assessment analyses to support Assessment & Authorization (A&A) activities and to develop risk mitigation strategies. Develop, maintain, and facilitate the appropriate closure and remediation of POA&Ms Understand Cloud security and related application security controls. Manage the day to day functions of the Risk Assessment Program. Perform technical testing of controls for assurance and validation of IT asset compliance. Assist security team with remediation planning for current and future security vulnerabilities and ensure identified gaps have been appropriately addressed to mitigate or transfer risks. Ability to communicate with and relate to all levels of management, and technical/non-technical audiences as required. Qualifications Requires 8 to 10 years in InfoSec with BS/BA or 6 to 8 years with MS/MA or 3 to 5 years with PhD. Active Top Secret clearance required BS in Information Technology or Information Security desired DoD 8570 IAT Level II certification (s) (i.e., CISSP, CISM) Experience with Cloud implementations and environments Extensive knowledge and experience with information security standards, policies and practices - NIST SP 800-53 rev4, SP 800-37 rev2, FIPS-199, NIST 800-171 Excellent writing, documentation, and interpersonal communication skills Demonstrated experience writing information system security documentation (System Security Plans (SSP), Plans of Action and Milestones (POA&Ms). Experience using vulnerability assessment tools (NESSUS, ACAS) and analyzing results Experience using eMASS. Experience designing, developing, implementing, and enforcing security requirements. Expertise preparing Security Test and Evaluation plans. Experience developing security plans and contingency plans. Familiar with developing, testing, configuring, and integrating security tools. Skilled in conducting security audits and developing mitigations to identified risks. Has conducted vulnerability assessments ACAS, EMASS, RMF Process, STIG Scans, IA Requirements About Peraton Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our 22,000 employees do the can't be done, solving the most daunting challenges facing our customers. We are an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law. As a government contractor, Peraton abides by the following provision Pay Transparency Nondiscrimination Provision The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of the other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c).
About Enlisted Sailors in the Navy Cryptology community analyze encrypted electronic communications, jam enemy radar signals, decipher information in foreign languages and maintain state-of-the-art equipment and networks used to generate top secret intel. Their other responsibilities include: Collecting, analyzing and reporting on communication signals Utilizing computers, specialized computer-assisted communications equipment and video display terminals Serving as an important part of the Information Warfare Communityin its mission to gain a deep understanding of the inner workings of adversaries and develop unmatched knowledge of the battlespace during wartime What to Expect Cryptologic Technician Interpretive Cryptologic Technician Technical Cryptologic Technician Networks Cryptologic Technician Maintenance Cryptologic Technician Collection Previous Next More Information Full time Part time Responsibilities Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required) - and potentially both. Cryptologic Technician Interpretive (CTI)- CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interest Transcribing, translating and interpreting foreign language materials Providing cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT)- CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipment Operating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systems Providing technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN)- CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing information Providing computer network risk mitigation and network vulnerability assessments and incident response/reconstruction Providing network target access tool development Conducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM)- CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systems Configuring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR)- CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recorders Exploiting signals of interest to identify, locate and report worldwide threats Providing tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units. Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required) - and potentially both. Cryptologic Technician Interpretive (CTI)- CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interest Transcribing, translating and interpreting foreign language materials Providing cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT)- CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipment Operating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systems Providing technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN)- CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing information Providing computer network risk mitigation and network vulnerability assessments and incident response/reconstruction Providing network target access tool development Conducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM)- CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systems Configuring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR)- CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recorders Exploiting signals of interest to identify, locate and report worldwide threats Providing tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units. Work Environment Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands; aboard surface ships, aircraft and submarines; and with Naval Special Warfare - generally dividing time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams - ultimately under the supervision of Information Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands, aboard surface ships, aircraft and submarines, and with Naval Special Warfare. They generally divide time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams - ultimately under the supervision of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). Training & Advancement Upon completion of initial 7-9 week Recruit Training (known as Boot Camp), those pursuing a Cryptologic Technician role report to either Pensacola, FL, or Monterey, CA,to receive formal Navy schooling in their specialty area within the field of cryptology. This consists of technical "A" School and possibly advanced "C" School or "F" School. CTI training- Class "A" School is broken into two phases. Phase One takes place at the Defense Language Institute, Monterey, Calif., and is anywhere from 27 to 64 weeks long. Phase Two is 12 weeks long. Class "F" School is conducted at the Regional Center for Excellence in Monterey, CA. CTT training- Class "A" School is approximately 17 weeks long. After "A" school, some CTTs will attend a Class "C" School that is approximately 26 weeks in duration. The schools are located in Pensacola, FL. CTN training- Class "A" School is 26 weeks long and located in Pensacola, FL. CTM training- Class "A" School is approximately 10 weeks in duration and located in Pensacola, FL. CTR training- Class "A" School is approximately 22 weeks long. The school is located in Pensacola, FL. ..... click apply for full job details
05/08/2021
Full time
About Enlisted Sailors in the Navy Cryptology community analyze encrypted electronic communications, jam enemy radar signals, decipher information in foreign languages and maintain state-of-the-art equipment and networks used to generate top secret intel. Their other responsibilities include: Collecting, analyzing and reporting on communication signals Utilizing computers, specialized computer-assisted communications equipment and video display terminals Serving as an important part of the Information Warfare Communityin its mission to gain a deep understanding of the inner workings of adversaries and develop unmatched knowledge of the battlespace during wartime What to Expect Cryptologic Technician Interpretive Cryptologic Technician Technical Cryptologic Technician Networks Cryptologic Technician Maintenance Cryptologic Technician Collection Previous Next More Information Full time Part time Responsibilities Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required) - and potentially both. Cryptologic Technician Interpretive (CTI)- CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interest Transcribing, translating and interpreting foreign language materials Providing cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT)- CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipment Operating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systems Providing technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN)- CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing information Providing computer network risk mitigation and network vulnerability assessments and incident response/reconstruction Providing network target access tool development Conducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM)- CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systems Configuring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR)- CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recorders Exploiting signals of interest to identify, locate and report worldwide threats Providing tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units. Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required) - and potentially both. Cryptologic Technician Interpretive (CTI)- CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interest Transcribing, translating and interpreting foreign language materials Providing cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT)- CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipment Operating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systems Providing technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN)- CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing information Providing computer network risk mitigation and network vulnerability assessments and incident response/reconstruction Providing network target access tool development Conducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM)- CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systems Configuring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR)- CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recorders Exploiting signals of interest to identify, locate and report worldwide threats Providing tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units. Work Environment Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands; aboard surface ships, aircraft and submarines; and with Naval Special Warfare - generally dividing time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams - ultimately under the supervision of Information Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands, aboard surface ships, aircraft and submarines, and with Naval Special Warfare. They generally divide time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams - ultimately under the supervision of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). Training & Advancement Upon completion of initial 7-9 week Recruit Training (known as Boot Camp), those pursuing a Cryptologic Technician role report to either Pensacola, FL, or Monterey, CA,to receive formal Navy schooling in their specialty area within the field of cryptology. This consists of technical "A" School and possibly advanced "C" School or "F" School. CTI training- Class "A" School is broken into two phases. Phase One takes place at the Defense Language Institute, Monterey, Calif., and is anywhere from 27 to 64 weeks long. Phase Two is 12 weeks long. Class "F" School is conducted at the Regional Center for Excellence in Monterey, CA. CTT training- Class "A" School is approximately 17 weeks long. After "A" school, some CTTs will attend a Class "C" School that is approximately 26 weeks in duration. The schools are located in Pensacola, FL. CTN training- Class "A" School is 26 weeks long and located in Pensacola, FL. CTM training- Class "A" School is approximately 10 weeks in duration and located in Pensacola, FL. CTR training- Class "A" School is approximately 22 weeks long. The school is located in Pensacola, FL. ..... click apply for full job details
About Enlisted Sailors in the Navy Cryptology community analyze encrypted electronic communications, jam enemy radar signals, decipher information in foreign languages and maintain state-of-the-art equipment and networks used to generate top secret intel. Their other responsibilities include: Collecting, analyzing and reporting on communication signals Utilizing computers, specialized computer-assisted communications equipment and video display terminals Serving as an important part of the Information Warfare Communityin its mission to gain a deep understanding of the inner workings of adversaries and develop unmatched knowledge of the battlespace during wartime What to Expect Cryptologic Technician Interpretive Cryptologic Technician Technical Cryptologic Technician Networks Cryptologic Technician Maintenance Cryptologic Technician Collection Previous Next More Information Full time Part time Responsibilities Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required) - and potentially both. Cryptologic Technician Interpretive (CTI)- CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interest Transcribing, translating and interpreting foreign language materials Providing cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT)- CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipment Operating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systems Providing technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN)- CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing information Providing computer network risk mitigation and network vulnerability assessments and incident response/reconstruction Providing network target access tool development Conducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM)- CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systems Configuring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR)- CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recorders Exploiting signals of interest to identify, locate and report worldwide threats Providing tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units. Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required) - and potentially both. Cryptologic Technician Interpretive (CTI)- CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interest Transcribing, translating and interpreting foreign language materials Providing cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT)- CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipment Operating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systems Providing technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN)- CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing information Providing computer network risk mitigation and network vulnerability assessments and incident response/reconstruction Providing network target access tool development Conducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM)- CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systems Configuring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR)- CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recorders Exploiting signals of interest to identify, locate and report worldwide threats Providing tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units. Work Environment Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands; aboard surface ships, aircraft and submarines; and with Naval Special Warfare - generally dividing time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams - ultimately under the supervision of Information Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands, aboard surface ships, aircraft and submarines, and with Naval Special Warfare. They generally divide time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams - ultimately under the supervision of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). Training & Advancement Upon completion of initial 7-9 week Recruit Training (known as Boot Camp), those pursuing a Cryptologic Technician role report to either Pensacola, FL, or Monterey, CA,to receive formal Navy schooling in their specialty area within the field of cryptology. This consists of technical "A" School and possibly advanced "C" School or "F" School. CTI training- Class "A" School is broken into two phases. Phase One takes place at the Defense Language Institute, Monterey, Calif., and is anywhere from 27 to 64 weeks long. Phase Two is 12 weeks long. Class "F" School is conducted at the Regional Center for Excellence in Monterey, CA. CTT training- Class "A" School is approximately 17 weeks long. After "A" school, some CTTs will attend a Class "C" School that is approximately 26 weeks in duration. The schools are located in Pensacola, FL. CTN training- Class "A" School is 26 weeks long and located in Pensacola, FL. CTM training- Class "A" School is approximately 10 weeks in duration and located in Pensacola, FL. CTR training- Class "A" School is approximately 22 weeks long. The school is located in Pensacola, FL. ..... click apply for full job details
05/07/2021
Full time
About Enlisted Sailors in the Navy Cryptology community analyze encrypted electronic communications, jam enemy radar signals, decipher information in foreign languages and maintain state-of-the-art equipment and networks used to generate top secret intel. Their other responsibilities include: Collecting, analyzing and reporting on communication signals Utilizing computers, specialized computer-assisted communications equipment and video display terminals Serving as an important part of the Information Warfare Communityin its mission to gain a deep understanding of the inner workings of adversaries and develop unmatched knowledge of the battlespace during wartime What to Expect Cryptologic Technician Interpretive Cryptologic Technician Technical Cryptologic Technician Networks Cryptologic Technician Maintenance Cryptologic Technician Collection Previous Next More Information Full time Part time Responsibilities Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required) - and potentially both. Cryptologic Technician Interpretive (CTI)- CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interest Transcribing, translating and interpreting foreign language materials Providing cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT)- CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipment Operating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systems Providing technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN)- CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing information Providing computer network risk mitigation and network vulnerability assessments and incident response/reconstruction Providing network target access tool development Conducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM)- CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systems Configuring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR)- CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recorders Exploiting signals of interest to identify, locate and report worldwide threats Providing tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units. Within Navy Cryptology, there are distinct focus areas that have their own training paths and job descriptions. Each CT role works under the oversight of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required) - and potentially both. Cryptologic Technician Interpretive (CTI)- CTIs serve as experts in linguistics (including Arabic, Chinese, Korean, Persian-Farsi, Russian and Spanish) and deciphering information in other languages. Their responsibilities include: Collecting, analyzing and exploiting foreign language communications of interest Transcribing, translating and interpreting foreign language materials Providing cultural and regional guidance in support of Navy, Joint Force, national and multinational needs Cryptologic Technician Technical (CTT)- CTTs serve as experts in airborne, shipborne and land-based radar signals. Their responsibilities include: Operating electronic intelligence-receiving and direction-finding systems, digital recording devices, analysis terminals, and associated computer equipment Operating systems that produce high-power jamming signals used to deceive electronic sensors and defeat radar-guided weapons systems Providing technical and tactical guidance in support of surface, subsurface, air and special warfare operations Cryptologic Technician Networks (CTN)- CTNs serve as experts in communication network defense and forensics. Their responsibilities include: Monitoring, identifying, collecting and analyzing information Providing computer network risk mitigation and network vulnerability assessments and incident response/reconstruction Providing network target access tool development Conducting computer network operations worldwide in support of Navy and Department of Defense missions Cryptologic Technician Maintenance (CTM)- CTMs serve as experts in the preventive and corrective maintenance of sophisticated cryptologic equipment, networks and systems. Their responsibilities include: Installing, testing, troubleshooting, repairing or replacing cryptologic networks, physical security systems, electronic equipment, antennas, personal computers, auxiliary equipment, digital and optical interfaces, and data systems Configuring, monitoring and evaluating Information Operations (IO), Information Warfare (IW) systems and Information Assurance (IA) operations Cryptologic Technician Collection (CTR)- CTRs serve as experts in intercepting signals. Their responsibilities include: Analyzing and reporting on communication signals using computers, specialized computer-assisted communications equipment, video display terminals and electronic/magnetic tape recorders Exploiting signals of interest to identify, locate and report worldwide threats Providing tactical and strategic signals intelligence, technical guidance, and information warfare support to surface, subsurface, air and special warfare units. Work Environment Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands; aboard surface ships, aircraft and submarines; and with Naval Special Warfare - generally dividing time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams - ultimately under the supervision of Information Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). Cryptologic Technicians perform a variety of duties worldwide, at numerous overseas and stateside shore commands, aboard surface ships, aircraft and submarines, and with Naval Special Warfare. They generally divide time between assignments ashore and afloat. Duties could be performed in an office setting, lab-type setting, specialized maintenance shop, secure space or watch environment. As a CT, you may work independently or as part of small, coordinated teams - ultimately under the supervision of Cryptologic Warfare Officers (four-year degree required) or Cyber Warfare Engineers (four-year degree required). Training & Advancement Upon completion of initial 7-9 week Recruit Training (known as Boot Camp), those pursuing a Cryptologic Technician role report to either Pensacola, FL, or Monterey, CA,to receive formal Navy schooling in their specialty area within the field of cryptology. This consists of technical "A" School and possibly advanced "C" School or "F" School. CTI training- Class "A" School is broken into two phases. Phase One takes place at the Defense Language Institute, Monterey, Calif., and is anywhere from 27 to 64 weeks long. Phase Two is 12 weeks long. Class "F" School is conducted at the Regional Center for Excellence in Monterey, CA. CTT training- Class "A" School is approximately 17 weeks long. After "A" school, some CTTs will attend a Class "C" School that is approximately 26 weeks in duration. The schools are located in Pensacola, FL. CTN training- Class "A" School is 26 weeks long and located in Pensacola, FL. CTM training- Class "A" School is approximately 10 weeks in duration and located in Pensacola, FL. CTR training- Class "A" School is approximately 22 weeks long. The school is located in Pensacola, FL. ..... click apply for full job details
Title: Network Security EngineerDepartment: Production OperationsLocation: Broomall, PAAbout Aria SystemsAria provides a cloud-based monetization platform for subscription- and usage-based businesses. Aria removes billing bottlenecks and allows companies to rapidly introduce and evolve their offerings, bundles, and promotions.Innovative companies, like VMWare, Walmart, Allstate, Comcast, Philips, and Telstra depend on Aria for agility to accelerate their time to revenue, maximize customer value, and ultimately grow their business. We are looking for talented, passionate people with strong track records and relevant expertise to help us achieve our goals. We are a fast-moving startup that offers a dynamic working environment with a collaborative culture, where you and your peers can learn from each other, and where you can make visible contributions that benefit our world-class customers and partners.Department OverviewArias Production Operations team consists of Systems, Application, and Database Administrators. The team works primarily out of Broomall, PA, with a NOC and remote team members working in India. This team operates in a 24x7 environment, supporting Aria production and development systems. All SAs and DBAs participate in a rotating on-call schedule as appropriate.Position SummaryThis role will require senior-level network experience but will not include management of personnel. The position reports to the Lead of Information Security. Role must be available during critical site issues.Responsibilities The candidate will be expected to work at the highest level of networking and all phases of security which include configuration management, log management, and vulnerability management. Provides functional leadership in the areas of analysis, documentation, testing, implementation, maintenance and support for highly complex security operations and processes. Directly responsible for security projects or sub-projects of significant technical complexity.The job entails providing support to the production environment, staging, QA, Development and ensuring that the right security policies and practices are implemented and enforced within the network infrastructure.Required Qualifications Successful candidate will possess at least 6-9 years of network management administration with a passionate focus on enabling a secure and highly resilient always available infrastructure. Strong working background with Palo Alto Next Generation firewalls and its central management console. Strong working background in AWS networking & security (VPC, Route tables, subnets ACLs, security groups). Strong working knowledge of Citrix Load Balancer and Web Application Firewall. Strong working knowledge of security tools like AV, SIEM, FIM, VPN, IDS/IPS. Assist with penetration testing and monthly vulnerability scans. Ability to mitigate scan findings. Develop network standards for all devices and ensure they are properly maintained. Manage and maintain all network diagrams and inventory. Ensure all network and security applications are patched current. Good team player, self-confident, motivated, and independent.Preferred Qualifications Bachelor's degree in Computer Science or Information Systems (or comparable experience) Candidates with experience in environments that require continual security and compliance audits is desired. Support for security audits and mitigation of findings Worked with offshore SOC support teams Has implemented advanced security protocols in SaaS environments Strong attention to detail and proper planning Ability to stay calm while multi-tasking and working under pressure in a fast-paced environmentAria CultureAria Systems fosters a flexible, rewarding, and close-knit work environment while encouraging innovation and self-direction. As a startup we expect all of our employees to share our strong sense of urgency, ability to learn and master new technologies quickly, and willingness to adapt to rapidly changing priorities. In return Aria offers competitive salaries and benefits, attractive stock options, and a flexible, informal work environment.Apply for this position directly on our website at Systems is an AA/EEO employer that actively pursues and hires a diverse workforce.Please, no phone calls. Principals only; recruiters please do not respond to this ad.
05/06/2021
Full time
Title: Network Security EngineerDepartment: Production OperationsLocation: Broomall, PAAbout Aria SystemsAria provides a cloud-based monetization platform for subscription- and usage-based businesses. Aria removes billing bottlenecks and allows companies to rapidly introduce and evolve their offerings, bundles, and promotions.Innovative companies, like VMWare, Walmart, Allstate, Comcast, Philips, and Telstra depend on Aria for agility to accelerate their time to revenue, maximize customer value, and ultimately grow their business. We are looking for talented, passionate people with strong track records and relevant expertise to help us achieve our goals. We are a fast-moving startup that offers a dynamic working environment with a collaborative culture, where you and your peers can learn from each other, and where you can make visible contributions that benefit our world-class customers and partners.Department OverviewArias Production Operations team consists of Systems, Application, and Database Administrators. The team works primarily out of Broomall, PA, with a NOC and remote team members working in India. This team operates in a 24x7 environment, supporting Aria production and development systems. All SAs and DBAs participate in a rotating on-call schedule as appropriate.Position SummaryThis role will require senior-level network experience but will not include management of personnel. The position reports to the Lead of Information Security. Role must be available during critical site issues.Responsibilities The candidate will be expected to work at the highest level of networking and all phases of security which include configuration management, log management, and vulnerability management. Provides functional leadership in the areas of analysis, documentation, testing, implementation, maintenance and support for highly complex security operations and processes. Directly responsible for security projects or sub-projects of significant technical complexity.The job entails providing support to the production environment, staging, QA, Development and ensuring that the right security policies and practices are implemented and enforced within the network infrastructure.Required Qualifications Successful candidate will possess at least 6-9 years of network management administration with a passionate focus on enabling a secure and highly resilient always available infrastructure. Strong working background with Palo Alto Next Generation firewalls and its central management console. Strong working background in AWS networking & security (VPC, Route tables, subnets ACLs, security groups). Strong working knowledge of Citrix Load Balancer and Web Application Firewall. Strong working knowledge of security tools like AV, SIEM, FIM, VPN, IDS/IPS. Assist with penetration testing and monthly vulnerability scans. Ability to mitigate scan findings. Develop network standards for all devices and ensure they are properly maintained. Manage and maintain all network diagrams and inventory. Ensure all network and security applications are patched current. Good team player, self-confident, motivated, and independent.Preferred Qualifications Bachelor's degree in Computer Science or Information Systems (or comparable experience) Candidates with experience in environments that require continual security and compliance audits is desired. Support for security audits and mitigation of findings Worked with offshore SOC support teams Has implemented advanced security protocols in SaaS environments Strong attention to detail and proper planning Ability to stay calm while multi-tasking and working under pressure in a fast-paced environmentAria CultureAria Systems fosters a flexible, rewarding, and close-knit work environment while encouraging innovation and self-direction. As a startup we expect all of our employees to share our strong sense of urgency, ability to learn and master new technologies quickly, and willingness to adapt to rapidly changing priorities. In return Aria offers competitive salaries and benefits, attractive stock options, and a flexible, informal work environment.Apply for this position directly on our website at Systems is an AA/EEO employer that actively pursues and hires a diverse workforce.Please, no phone calls. Principals only; recruiters please do not respond to this ad.
Overview: The Network Engineer will monitor existing network infrastructure and ensure proper operation of all network equipment including, installing, managing, maintaining and troubleshooting data network systems, including GigE, switching, hubs, routing protocols and protocol analyzers. Responsibilities: Identify, troubleshoot and repair complex network problems. Provide Information Assurance (IA) support to ensure all network specific hardware meets standard configurations guidelines per DoD Security Technical Implementation Guides (STIGs) and receive all Information Assurance Vulnerability Alert (IAVA) security updates. Update and maintain network architecture diagram and provide technical assistance for the DoD Risk Management Framework (RMF) accreditations. Coordinate and work closely with customer resources and configuration managers to manage and implement any changes to the architecture and monitor and troubleshoot communication issues. Perform surveys, analyst and evaluate the performance and functionality of the customer backbone infrastructure; provide recommendations on improving performance and functionality. Rapidly detect and resolve component and system failures and errors; operate and maintain the network and systems; install and replace network software and hardware; manage and administrator IDs, password and user profiles; and perform maintenance, including following power-off procedures to protect the system during emergency situations. This position will require occasional after hours, on-call support. Other duties as assigned Qualifications: High school diploma or GED equivalent 5+ years of Network Administration/Engineering or related experience required. DoD 8570 IAT II Certified. TS/SCI clearance required. Knowledge, Skills and Abilities: Must have advanced working knowledge of a variety of computer software applications in word processing, spreadsheets, database (MSWord, Excel, Access, PowerPoint), and Outlook Strong technical knowledge of current network hardware, protocols and standards and strong technical knowledge of telecommunications and networks devices Ability to properly apply STIGS as needed Ability to understand IAVAs and remediate issues as needed #Chenega Decision Sciences, LLC
05/05/2021
Full time
Overview: The Network Engineer will monitor existing network infrastructure and ensure proper operation of all network equipment including, installing, managing, maintaining and troubleshooting data network systems, including GigE, switching, hubs, routing protocols and protocol analyzers. Responsibilities: Identify, troubleshoot and repair complex network problems. Provide Information Assurance (IA) support to ensure all network specific hardware meets standard configurations guidelines per DoD Security Technical Implementation Guides (STIGs) and receive all Information Assurance Vulnerability Alert (IAVA) security updates. Update and maintain network architecture diagram and provide technical assistance for the DoD Risk Management Framework (RMF) accreditations. Coordinate and work closely with customer resources and configuration managers to manage and implement any changes to the architecture and monitor and troubleshoot communication issues. Perform surveys, analyst and evaluate the performance and functionality of the customer backbone infrastructure; provide recommendations on improving performance and functionality. Rapidly detect and resolve component and system failures and errors; operate and maintain the network and systems; install and replace network software and hardware; manage and administrator IDs, password and user profiles; and perform maintenance, including following power-off procedures to protect the system during emergency situations. This position will require occasional after hours, on-call support. Other duties as assigned Qualifications: High school diploma or GED equivalent 5+ years of Network Administration/Engineering or related experience required. DoD 8570 IAT II Certified. TS/SCI clearance required. Knowledge, Skills and Abilities: Must have advanced working knowledge of a variety of computer software applications in word processing, spreadsheets, database (MSWord, Excel, Access, PowerPoint), and Outlook Strong technical knowledge of current network hardware, protocols and standards and strong technical knowledge of telecommunications and networks devices Ability to properly apply STIGS as needed Ability to understand IAVAs and remediate issues as needed #Chenega Decision Sciences, LLC
Description At Exelon, we've got a place for you! Join the nation's leading competitive energy provider, with one of the largest electricity generation portfolios and retail customer bases in the country. You will be part of a family of companies that strives for the highest standards of power generation, competitive energy sales, and energy delivery. Our team of outstanding professionals is focused on performance, thought leadership, innovation, and the power of ideas that come from a diverse and inclusive workforce. Exelon will provide you the tools and resources you need to design, build and enhance a successful career. We are also dedicated to motivating the success of our employees through competitive base salary, incentives, and health and retirement benefits. Join Exelon and share your passion at a forward-thinking Fortune 100 company. Establish yourself in a place where you can truly shine and create a brighter, more sustainable tomorrow. Energize your career at Exelon! Telecommuting is acceptable for this open position PRIMARY PURPOSE OF POSITION: The Cyber Security Engineer (CSE) will execute the highly technical, tactical elements of the Security Architects' (and overall CISS) cyber security strategy, eliminating a functional cyber security capability gap while providing pro-active cyber security risk management. The CSE will act as a liaison to the Security Architect and Cloud and Infrastructure Operations/Engineering and Utility IT/OT teams to effectively communicate and assist in architecting and implementing effective security solutions. The CSE will also assist with vulnerability mitigation, incident remediation, and will help manage change requests in support of cyber vulnerability remediation efforts. The CSE will ensure the implementation of system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation, and will perform security reviews to identify gaps in security architecture. The CSE will assist in the development of appropriate security risk management plans. PRIMARY DUTIES AND ACCOUNTABILITIES: Provide analytical and technical security recommendations to other team members, technical teams, and business clients, including: - Provide cybersecurity guidance to leadership - Work with stakeholders to resolve computer security incidents and vulnerability compliance - Provide input to implementation plans and standard operating procedures as they relate to information systems security - Develop specific cybersecurity countermeasures and risk mitigation strategies for systems and/or applications Work closely with technical teams to implement effective security configurations/requirements, including: - Verify minimum security requirements are in place for all applications - Ensure application of security patches for commercial/custom products integrated into system design - Implement security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed - Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leadership - Verify and update security documentation reflecting the application/system security design features - Verify minimum security requirements are in place for all applications Work closely with the Vulnerability Management and application teams to ensure secure transition of applications into production. Assist with vulnerability mitigation, incident remediation, and associated change management activities. POSITION SCOPE: The Cyber Security Engineer (CSE) will work closely (and primarily) with Cloud and Infrastructure Operations/Engineering and Utility IT OT clients to implement effective security configurations and requirements; provide analytical and technical security recommendations to other team members, technical teams, and business clients; act as a senior technical lead for all Exelon security remediation efforts; meet with Exelon business clients and management to help specify and negotiate application security requirements; work closely with Exelon application teams to ensure secure transition of applications into production; develop technology to automate cyber security monitoring, logging, and compliance with CISS standards; actively participate in relevant industry cyber security workgroups and forums; act as a liaison to the Security Architect and Cloud and Infrastructure Operations/Engineering and Utility IT/OT teams to effectively communicate and assist in architecting and implementing effective security solutions; develop documentation to support ongoing security systems operations, maintenance, and problem resolution; mitigate vulnerabilities, remediate incidents, and affect change requests in support of cyber vulnerability remediation efforts; work closely with the Security Policy and Risk Office to assist with the identification, analysis, and remediation of Exelon cyber security risk. Qualifications POSITION SPECIFICATIONS: - Bachelor's Degree in Computer Science, Information Technology (IT), or a related discipline, and typically 5 or more years of solid, diverse experience in cyber security vulnerability assessments, or equivalent combination of education and work experience. At least 5-8 years of demonstrable security engineering or related experience, including: - Knowledge of encryption algorithms - Knowledge of cryptology - Knowledge of database systems - Knowledge of embedded systems - Knowledge of how system components are installed, integrated, and optimized - Knowledge of human-computer interaction principles - Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation) - Knowledge of operating systems - Knowledge of IT and OT security principles and methods, such as firewalls, demilitarized zones, and encryption - Skill in evaluating the adequacy of security designs - Knowledge of the systems engineering process - Knowledge of network access, identity, and access management - Comprehensive understanding of change management techniques associated with new technology implementation. - Demonstrated experience producing an economic business case. - Demonstrated leadership ability. - Proven analytical, problem solving, and consulting skills. - Excellent communication skills and the proven ability to work effectively with all levels of IT/OT and business management. Preferred: - Graduate degree in cyber security or related area of expertise. - Relevant security certifications (CISSP, GIAC, MCSE, RHCE, CCNP, CCSP) Demonstrable, hands-on expertise in the following technical disciplines: - Operating Systems (Microsoft, Linux, UNIX) - Networking (Cisco, Checkpoint, Alcatel Lucent, Gigamon, RuggedCom) - Mobility (IOS, Android, MDM, BYOD) - Cryptography (PKI, lifecycle management, symmetric) - Network Security Engineering (secure network design, IDS/IPS, monitoring, firewalls) - Virtualization (VMware, HyperV) - Remote Access Methods (VPN, Citrix, MFA) - ICS / SCADA System Security (design, controls) - Demonstrable understanding of the 10 functional domains of security - A strong technical understanding of scripting languages (Perl, Powershell), as well as strong proficiency in Python, Ruby, or Java - Demonstrable experience with Industrial Control Systems, SCADA environments, and utility methods and practices for operational technologies and service delivery - Strong understanding of enterprise, network, system, and application level security engineering principles - Demonstrable understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks - Demonstrable understanding of system hardening processes, tools, guidelines, and benchmarks Exelon is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law. VEVRAA Federal Contractor EEO is the Law Poster
05/05/2021
Description At Exelon, we've got a place for you! Join the nation's leading competitive energy provider, with one of the largest electricity generation portfolios and retail customer bases in the country. You will be part of a family of companies that strives for the highest standards of power generation, competitive energy sales, and energy delivery. Our team of outstanding professionals is focused on performance, thought leadership, innovation, and the power of ideas that come from a diverse and inclusive workforce. Exelon will provide you the tools and resources you need to design, build and enhance a successful career. We are also dedicated to motivating the success of our employees through competitive base salary, incentives, and health and retirement benefits. Join Exelon and share your passion at a forward-thinking Fortune 100 company. Establish yourself in a place where you can truly shine and create a brighter, more sustainable tomorrow. Energize your career at Exelon! Telecommuting is acceptable for this open position PRIMARY PURPOSE OF POSITION: The Cyber Security Engineer (CSE) will execute the highly technical, tactical elements of the Security Architects' (and overall CISS) cyber security strategy, eliminating a functional cyber security capability gap while providing pro-active cyber security risk management. The CSE will act as a liaison to the Security Architect and Cloud and Infrastructure Operations/Engineering and Utility IT/OT teams to effectively communicate and assist in architecting and implementing effective security solutions. The CSE will also assist with vulnerability mitigation, incident remediation, and will help manage change requests in support of cyber vulnerability remediation efforts. The CSE will ensure the implementation of system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation, and will perform security reviews to identify gaps in security architecture. The CSE will assist in the development of appropriate security risk management plans. PRIMARY DUTIES AND ACCOUNTABILITIES: Provide analytical and technical security recommendations to other team members, technical teams, and business clients, including: - Provide cybersecurity guidance to leadership - Work with stakeholders to resolve computer security incidents and vulnerability compliance - Provide input to implementation plans and standard operating procedures as they relate to information systems security - Develop specific cybersecurity countermeasures and risk mitigation strategies for systems and/or applications Work closely with technical teams to implement effective security configurations/requirements, including: - Verify minimum security requirements are in place for all applications - Ensure application of security patches for commercial/custom products integrated into system design - Implement security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed - Mitigate/correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leadership - Verify and update security documentation reflecting the application/system security design features - Verify minimum security requirements are in place for all applications Work closely with the Vulnerability Management and application teams to ensure secure transition of applications into production. Assist with vulnerability mitigation, incident remediation, and associated change management activities. POSITION SCOPE: The Cyber Security Engineer (CSE) will work closely (and primarily) with Cloud and Infrastructure Operations/Engineering and Utility IT OT clients to implement effective security configurations and requirements; provide analytical and technical security recommendations to other team members, technical teams, and business clients; act as a senior technical lead for all Exelon security remediation efforts; meet with Exelon business clients and management to help specify and negotiate application security requirements; work closely with Exelon application teams to ensure secure transition of applications into production; develop technology to automate cyber security monitoring, logging, and compliance with CISS standards; actively participate in relevant industry cyber security workgroups and forums; act as a liaison to the Security Architect and Cloud and Infrastructure Operations/Engineering and Utility IT/OT teams to effectively communicate and assist in architecting and implementing effective security solutions; develop documentation to support ongoing security systems operations, maintenance, and problem resolution; mitigate vulnerabilities, remediate incidents, and affect change requests in support of cyber vulnerability remediation efforts; work closely with the Security Policy and Risk Office to assist with the identification, analysis, and remediation of Exelon cyber security risk. Qualifications POSITION SPECIFICATIONS: - Bachelor's Degree in Computer Science, Information Technology (IT), or a related discipline, and typically 5 or more years of solid, diverse experience in cyber security vulnerability assessments, or equivalent combination of education and work experience. At least 5-8 years of demonstrable security engineering or related experience, including: - Knowledge of encryption algorithms - Knowledge of cryptology - Knowledge of database systems - Knowledge of embedded systems - Knowledge of how system components are installed, integrated, and optimized - Knowledge of human-computer interaction principles - Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation) - Knowledge of operating systems - Knowledge of IT and OT security principles and methods, such as firewalls, demilitarized zones, and encryption - Skill in evaluating the adequacy of security designs - Knowledge of the systems engineering process - Knowledge of network access, identity, and access management - Comprehensive understanding of change management techniques associated with new technology implementation. - Demonstrated experience producing an economic business case. - Demonstrated leadership ability. - Proven analytical, problem solving, and consulting skills. - Excellent communication skills and the proven ability to work effectively with all levels of IT/OT and business management. Preferred: - Graduate degree in cyber security or related area of expertise. - Relevant security certifications (CISSP, GIAC, MCSE, RHCE, CCNP, CCSP) Demonstrable, hands-on expertise in the following technical disciplines: - Operating Systems (Microsoft, Linux, UNIX) - Networking (Cisco, Checkpoint, Alcatel Lucent, Gigamon, RuggedCom) - Mobility (IOS, Android, MDM, BYOD) - Cryptography (PKI, lifecycle management, symmetric) - Network Security Engineering (secure network design, IDS/IPS, monitoring, firewalls) - Virtualization (VMware, HyperV) - Remote Access Methods (VPN, Citrix, MFA) - ICS / SCADA System Security (design, controls) - Demonstrable understanding of the 10 functional domains of security - A strong technical understanding of scripting languages (Perl, Powershell), as well as strong proficiency in Python, Ruby, or Java - Demonstrable experience with Industrial Control Systems, SCADA environments, and utility methods and practices for operational technologies and service delivery - Strong understanding of enterprise, network, system, and application level security engineering principles - Demonstrable understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks - Demonstrable understanding of system hardening processes, tools, guidelines, and benchmarks Exelon is proud to be an equal opportunity employer and employees or applicants will receive consideration for employment without regard to: age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law. VEVRAA Federal Contractor EEO is the Law Poster
Peraton is a critical partner to the Intelligence Community, Department of Defense, and select federal agencies and commercial entities, providing innovative, reliable solutions to the nation's most sensitive and mission-critical programs and systems. We are recognized as a trusted provider of highly differentiated space, intelligence, cyber, defense, homeland security, and communications capabilities. Our scientific discovery and research empower our employees and help our government keep America and our allies secure. All of this is possible due to the human insight and ingenuity of our most important asset, our employees. We have a compelling opportunity for a Cyber Security Systems Engineer in support of a unique WMA customer site. This position requires an active TS/SCI w/ Polygraph security clearance. Cyber Security Systems Engineers work on all systems and/or projects within the Sponsors organization responsible for providing Network Defense. * Conduct Proof of Concept testing * Conduct Tier 3 support of current infrastructure * Design, test and integrate new security products as directed. * Design, test, and integrate new security products as directed by COTR * Ensure all Network Defense capabilities are kept current, patched, and securely configured and management informed of status, working with O&M. * Full time engineering support for all primary systems such as network based Intrusion Detection and Protection Systems (IDPS). * Integration of security products, including designs for all Agency networks * Maintain a network diagram for each Instruction Detection, CIRT capability and sensors and make available to all Sponsor personnel. * Maintain system baselines and configuration management items, including security event monitoring "policies" in a manner determined and agreed to by the program management * Provide engineering documentation and interaction with Analysts and O&M to ensure a complete and functioning system that meets requirements * Software testing (patches, other updates) Required Qualifications * Implementation and validation of security controls that support the Risk Management Framework (RMF) and ICD 503 Security Accreditation * Developing architecture documentation and Systems Security Plans (SSP) to support Accreditation and Authorization (A&A) reviews * POA&M development and implementation * Coordinating with customer security organizations to achieve Authority to Operate (ATO). * Knowledge of the complex environment involving shared IC networks and multiple security enclaves. * A bachelor's degree in computer engineering, computer science or other IT related discipline * Requires current TS/SCI clearance with Polygraph * Minimum 8 years of related experience Desired Qualifications * Security Development and Operations (SecDevOps) * Various security tools and processes such as Splunk, Nessus Security Center, WebInspect, Xacta * Cloud security controls and implementation * PKI implementation * STIG compliance and vulnerability management * Virtualization experience (VDI & VMWare) * Public, private and hybrid Cloud experience (AWS, Microsoft Azure, etc.) * CISSP * AWS Certified Security Specialty * Microsoft Office365 Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our 22,000 employees do the can't be done, solving the most daunting challenges facing our customers. We are an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.
05/03/2021
Full time
Peraton is a critical partner to the Intelligence Community, Department of Defense, and select federal agencies and commercial entities, providing innovative, reliable solutions to the nation's most sensitive and mission-critical programs and systems. We are recognized as a trusted provider of highly differentiated space, intelligence, cyber, defense, homeland security, and communications capabilities. Our scientific discovery and research empower our employees and help our government keep America and our allies secure. All of this is possible due to the human insight and ingenuity of our most important asset, our employees. We have a compelling opportunity for a Cyber Security Systems Engineer in support of a unique WMA customer site. This position requires an active TS/SCI w/ Polygraph security clearance. Cyber Security Systems Engineers work on all systems and/or projects within the Sponsors organization responsible for providing Network Defense. * Conduct Proof of Concept testing * Conduct Tier 3 support of current infrastructure * Design, test and integrate new security products as directed. * Design, test, and integrate new security products as directed by COTR * Ensure all Network Defense capabilities are kept current, patched, and securely configured and management informed of status, working with O&M. * Full time engineering support for all primary systems such as network based Intrusion Detection and Protection Systems (IDPS). * Integration of security products, including designs for all Agency networks * Maintain a network diagram for each Instruction Detection, CIRT capability and sensors and make available to all Sponsor personnel. * Maintain system baselines and configuration management items, including security event monitoring "policies" in a manner determined and agreed to by the program management * Provide engineering documentation and interaction with Analysts and O&M to ensure a complete and functioning system that meets requirements * Software testing (patches, other updates) Required Qualifications * Implementation and validation of security controls that support the Risk Management Framework (RMF) and ICD 503 Security Accreditation * Developing architecture documentation and Systems Security Plans (SSP) to support Accreditation and Authorization (A&A) reviews * POA&M development and implementation * Coordinating with customer security organizations to achieve Authority to Operate (ATO). * Knowledge of the complex environment involving shared IC networks and multiple security enclaves. * A bachelor's degree in computer engineering, computer science or other IT related discipline * Requires current TS/SCI clearance with Polygraph * Minimum 8 years of related experience Desired Qualifications * Security Development and Operations (SecDevOps) * Various security tools and processes such as Splunk, Nessus Security Center, WebInspect, Xacta * Cloud security controls and implementation * PKI implementation * STIG compliance and vulnerability management * Virtualization experience (VDI & VMWare) * Public, private and hybrid Cloud experience (AWS, Microsoft Azure, etc.) * CISSP * AWS Certified Security Specialty * Microsoft Office365 Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our 22,000 employees do the can't be done, solving the most daunting challenges facing our customers. We are an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state, or local law.
Description The Cyber Defense Cloud and Container Security Manager will identify, interpret and help drive vulnerability remediation in our Container and Cloud ecosystem and will be responsible for participating in the coordination and presentation of vulnerability reviews to development, risk, audit and business teams. This role is hands on and technical and you will be the subject matter expert and advisor on within the team for all matters Cloud and Container Security respective to Vulnerability and Attack Surface Management. Responsibilities will be to: * Oversee our Container Security Vulnerability tool(s) to include managing the output and working hands on with the DevOps and Infrastructure teams to drive remediation * Support the building, production and maintenance of metrics associated with the container security program * Advise and educate development teams in best practices across all stages of the SDLC * Monitor and respond to Open Source Software weaknesses and exposures * Evangelize and drive Cyber Security inside the company * Build a very close working relationship with DevOps, cloud engineering, application development and QA teams. * Perform research and develop whitepapers/presentations/etc. regarding application security * Develop and update security patterns and user stories aligned with security requirements * Special projects as assigned Qualifications Required Skills and Experience: * 8 years of applicable security experience * Expert understanding of Cloud platforms such as AWS, Azure, and GCP * Deep understanding of container orchestration technologies such as Docker, Kubernetes, Mesos , Openshift * Advanced knowledge of security capabilities and constraints related to deploying cloud native and multi-cloud applications and infrastructure * Ability to present complex, technical information to a variety of audiences, both technical and non-technical, in written and/or oral formats * Hands-on experience with Agile, DevOps and DevSecOps methodologies * Assist in developing an automated framework for Security Tool deployment and development, leveraging various scripting languages and open source solutions * Understanding of Infrastructure as Code * Experience moving to a DevOps / DevSecOps environment * Experience with agile development and CI/CD pipelines * Experience with container / orchestration tools * Deep understanding of CloudFormation / Terraform * Hands on experience AWS / Windows / Linux Security * Highly proficient in at least one major scripting / programming language (Python, Ruby, Node, Java, R, Go…) Proficient in shell scripting (Bash, PowerShell…) * Deep understanding of container security tools, and experience with products such as Aqua, Twistlock, Qualys Container Security, Layered Insight Preferred Education and Certifications: * Bachelor's degree preferred * Security related certifications such as CSSLP, GWAPT, GWEB, GPEN, CEH, CCSK, CCSP preferred Hours & Work Schedule Hours per Week: 40 Work Schedule: Monday-Friday 8am-5pm This position is not available in Colorado. #LI-Sourcer1 Why Work for UsAt Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth.Equal Employment OpportunityIt is the policy of Citizens to provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to race, color, ethnicity, religion, gender, pregnancy/childbirth, colleague or a dependent's reproductive health decision making, age, national origin, sexual orientation, gender identity or expression, disability or perceived disability, genetic information, genetic characteristic, citizenship, veteran or military status, marital or domestic partner status, family status/parenthood, victim of domestic violence, or any other category protected by federal, state and/or local laws.Equal Employment and Opportunity Employer/Disabled/VeteranCitizens is a brand name of Citizens Bank, N.A. and each of its respective affiliates.
04/30/2021
Full time
Description The Cyber Defense Cloud and Container Security Manager will identify, interpret and help drive vulnerability remediation in our Container and Cloud ecosystem and will be responsible for participating in the coordination and presentation of vulnerability reviews to development, risk, audit and business teams. This role is hands on and technical and you will be the subject matter expert and advisor on within the team for all matters Cloud and Container Security respective to Vulnerability and Attack Surface Management. Responsibilities will be to: * Oversee our Container Security Vulnerability tool(s) to include managing the output and working hands on with the DevOps and Infrastructure teams to drive remediation * Support the building, production and maintenance of metrics associated with the container security program * Advise and educate development teams in best practices across all stages of the SDLC * Monitor and respond to Open Source Software weaknesses and exposures * Evangelize and drive Cyber Security inside the company * Build a very close working relationship with DevOps, cloud engineering, application development and QA teams. * Perform research and develop whitepapers/presentations/etc. regarding application security * Develop and update security patterns and user stories aligned with security requirements * Special projects as assigned Qualifications Required Skills and Experience: * 8 years of applicable security experience * Expert understanding of Cloud platforms such as AWS, Azure, and GCP * Deep understanding of container orchestration technologies such as Docker, Kubernetes, Mesos , Openshift * Advanced knowledge of security capabilities and constraints related to deploying cloud native and multi-cloud applications and infrastructure * Ability to present complex, technical information to a variety of audiences, both technical and non-technical, in written and/or oral formats * Hands-on experience with Agile, DevOps and DevSecOps methodologies * Assist in developing an automated framework for Security Tool deployment and development, leveraging various scripting languages and open source solutions * Understanding of Infrastructure as Code * Experience moving to a DevOps / DevSecOps environment * Experience with agile development and CI/CD pipelines * Experience with container / orchestration tools * Deep understanding of CloudFormation / Terraform * Hands on experience AWS / Windows / Linux Security * Highly proficient in at least one major scripting / programming language (Python, Ruby, Node, Java, R, Go…) Proficient in shell scripting (Bash, PowerShell…) * Deep understanding of container security tools, and experience with products such as Aqua, Twistlock, Qualys Container Security, Layered Insight Preferred Education and Certifications: * Bachelor's degree preferred * Security related certifications such as CSSLP, GWAPT, GWEB, GPEN, CEH, CCSK, CCSP preferred Hours & Work Schedule Hours per Week: 40 Work Schedule: Monday-Friday 8am-5pm This position is not available in Colorado. #LI-Sourcer1 Why Work for UsAt Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth.Equal Employment OpportunityIt is the policy of Citizens to provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to race, color, ethnicity, religion, gender, pregnancy/childbirth, colleague or a dependent's reproductive health decision making, age, national origin, sexual orientation, gender identity or expression, disability or perceived disability, genetic information, genetic characteristic, citizenship, veteran or military status, marital or domestic partner status, family status/parenthood, victim of domestic violence, or any other category protected by federal, state and/or local laws.Equal Employment and Opportunity Employer/Disabled/VeteranCitizens is a brand name of Citizens Bank, N.A. and each of its respective affiliates.
Description The Cyber Defense Cloud and Container Security Manager will identify, interpret and help drive vulnerability remediation in our Container and Cloud ecosystem and will be responsible for participating in the coordination and presentation of vulnerability reviews to development, risk, audit and business teams. This role is hands on and technical and you will be the subject matter expert and advisor on within the team for all matters Cloud and Container Security respective to Vulnerability and Attack Surface Management. Responsibilities will be to: * Oversee our Container Security Vulnerability tool(s) to include managing the output and working hands on with the DevOps and Infrastructure teams to drive remediation * Support the building, production and maintenance of metrics associated with the container security program * Advise and educate development teams in best practices across all stages of the SDLC * Monitor and respond to Open Source Software weaknesses and exposures * Evangelize and drive Cyber Security inside the company * Build a very close working relationship with DevOps, cloud engineering, application development and QA teams. * Perform research and develop whitepapers/presentations/etc. regarding application security * Develop and update security patterns and user stories aligned with security requirements * Special projects as assigned Qualifications Required Skills and Experience: * 8 years of applicable security experience * Expert understanding of Cloud platforms such as AWS, Azure, and GCP * Deep understanding of container orchestration technologies such as Docker, Kubernetes, Mesos , Openshift * Advanced knowledge of security capabilities and constraints related to deploying cloud native and multi-cloud applications and infrastructure * Ability to present complex, technical information to a variety of audiences, both technical and non-technical, in written and/or oral formats * Hands-on experience with Agile, DevOps and DevSecOps methodologies * Assist in developing an automated framework for Security Tool deployment and development, leveraging various scripting languages and open source solutions * Understanding of Infrastructure as Code * Experience moving to a DevOps / DevSecOps environment * Experience with agile development and CI/CD pipelines * Experience with container / orchestration tools * Deep understanding of CloudFormation / Terraform * Hands on experience AWS / Windows / Linux Security * Highly proficient in at least one major scripting / programming language (Python, Ruby, Node, Java, R, Go…) Proficient in shell scripting (Bash, PowerShell…) * Deep understanding of container security tools, and experience with products such as Aqua, Twistlock, Qualys Container Security, Layered Insight Preferred Education and Certifications: * Bachelor's degree preferred * Security related certifications such as CSSLP, GWAPT, GWEB, GPEN, CEH, CCSK, CCSP preferred Hours & Work Schedule Hours per Week: 40 Work Schedule: Monday-Friday 8am-5pm This position is not available in Colorado. #LI-Sourcer1 Why Work for UsAt Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth.Equal Employment OpportunityIt is the policy of Citizens to provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to race, color, ethnicity, religion, gender, pregnancy/childbirth, colleague or a dependent's reproductive health decision making, age, national origin, sexual orientation, gender identity or expression, disability or perceived disability, genetic information, genetic characteristic, citizenship, veteran or military status, marital or domestic partner status, family status/parenthood, victim of domestic violence, or any other category protected by federal, state and/or local laws.Equal Employment and Opportunity Employer/Disabled/VeteranCitizens is a brand name of Citizens Bank, N.A. and each of its respective affiliates.
04/30/2021
Full time
Description The Cyber Defense Cloud and Container Security Manager will identify, interpret and help drive vulnerability remediation in our Container and Cloud ecosystem and will be responsible for participating in the coordination and presentation of vulnerability reviews to development, risk, audit and business teams. This role is hands on and technical and you will be the subject matter expert and advisor on within the team for all matters Cloud and Container Security respective to Vulnerability and Attack Surface Management. Responsibilities will be to: * Oversee our Container Security Vulnerability tool(s) to include managing the output and working hands on with the DevOps and Infrastructure teams to drive remediation * Support the building, production and maintenance of metrics associated with the container security program * Advise and educate development teams in best practices across all stages of the SDLC * Monitor and respond to Open Source Software weaknesses and exposures * Evangelize and drive Cyber Security inside the company * Build a very close working relationship with DevOps, cloud engineering, application development and QA teams. * Perform research and develop whitepapers/presentations/etc. regarding application security * Develop and update security patterns and user stories aligned with security requirements * Special projects as assigned Qualifications Required Skills and Experience: * 8 years of applicable security experience * Expert understanding of Cloud platforms such as AWS, Azure, and GCP * Deep understanding of container orchestration technologies such as Docker, Kubernetes, Mesos , Openshift * Advanced knowledge of security capabilities and constraints related to deploying cloud native and multi-cloud applications and infrastructure * Ability to present complex, technical information to a variety of audiences, both technical and non-technical, in written and/or oral formats * Hands-on experience with Agile, DevOps and DevSecOps methodologies * Assist in developing an automated framework for Security Tool deployment and development, leveraging various scripting languages and open source solutions * Understanding of Infrastructure as Code * Experience moving to a DevOps / DevSecOps environment * Experience with agile development and CI/CD pipelines * Experience with container / orchestration tools * Deep understanding of CloudFormation / Terraform * Hands on experience AWS / Windows / Linux Security * Highly proficient in at least one major scripting / programming language (Python, Ruby, Node, Java, R, Go…) Proficient in shell scripting (Bash, PowerShell…) * Deep understanding of container security tools, and experience with products such as Aqua, Twistlock, Qualys Container Security, Layered Insight Preferred Education and Certifications: * Bachelor's degree preferred * Security related certifications such as CSSLP, GWAPT, GWEB, GPEN, CEH, CCSK, CCSP preferred Hours & Work Schedule Hours per Week: 40 Work Schedule: Monday-Friday 8am-5pm This position is not available in Colorado. #LI-Sourcer1 Why Work for UsAt Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth.Equal Employment OpportunityIt is the policy of Citizens to provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to race, color, ethnicity, religion, gender, pregnancy/childbirth, colleague or a dependent's reproductive health decision making, age, national origin, sexual orientation, gender identity or expression, disability or perceived disability, genetic information, genetic characteristic, citizenship, veteran or military status, marital or domestic partner status, family status/parenthood, victim of domestic violence, or any other category protected by federal, state and/or local laws.Equal Employment and Opportunity Employer/Disabled/VeteranCitizens is a brand name of Citizens Bank, N.A. and each of its respective affiliates.
Cloud Security Architect. Summary Description: Teradata is seeking a highly skilled and experienced Cloud Security architect in Teradata SQL Engine Engineering team. As a Cloud Security Architect, you will be responsible for evaluating new solutions and developing the supporting elements required to incorporate new technologies in a safe and secure manner. The ideal candidate will have broad experience in cloud-based development and security management in IaaS, PaaS and SaaS environments. For consideration to this job posting candidates must possess hands-on experience in designing for both small and large-scale solutions with an emphasis on security and performance. You will be responsible for gathering technical requirements, architecting solutions and executing on deliverables addressing Teradata's on-premise and off-premise Cloud solutions. You will lead and coordinate the work of an integrated project team comprised of multiple technical disciplines, including developers, subject matter experts, database engineers, Micro services developers, and system architects to implement and maintain enterprise-level information technology applications. You will also serve as a advisor to leadership concerning development, design, maintenance and implementation of enterprise-level Cloud systems. Other key responsibilities will be to produce architecture diagrams, blueprints and to bring solutions to reality with a DevSecOps mindset & culture. Responsibilities: : Provide domain expertise around public cloud and enterprise technology. Configure, implement, monitor, and support network security software/systems that will help ensure compliance with CSA Cloud Controls Matrix in cloud environments (AWS/Azure/GCP). Make recommendations to management on enhancements to existing and new security software or related tools. Assist in evaluating, planning and implementation of new/existing security applications/tools that integrate with current tool sets. Ensure security standard methodologies are identified and integrated into all facets of Development and deployments including network, system designs/configuration and implementations. Make recommendation on secure integration strategies, global enterprise architectures and application infrastructure based on best practices. Develop security architecture strategies that align to enterprise architecture strategy and that of the business strategy for cloud. Develop in depth security architecture standards, frameworks and design patters spanning all layers of security in the cloud from host, server and network to application and data security. Analyzes business impact and exposure based on emerging security threats, vulnerabilities and risk and recommends solutions to mitigate them. Develop, perform, and analyze vulnerability assessments and penetration tests using generally accepted tools, and recommend remediations. Review and enhance security policies that cover cloud platforms. Partner with internal teams to ensure successful security and compliance programs that align with client and regulatory compliance requirements. Evaluate risks that the applicable vulnerabilities pose to the Teradata deployments and understand the technical implementation details in order to assess and recommend security control improvements or identify mitigating controls. Develop technical solutions to help mitigate security vulnerabilities. Work Environment: Primary Location: Teradata Rancho Bernardo location in San Diego, but can also be located Austin, Santa Clara, LA/El Segundo, or Seattle. Qualifications: : Bachelors degree or/equivalent and at least 10 years related work experience required. 10 years experience as a Security Architect and/or Engineering. 5 years experience with Cloud platforms such as Amazon Web Services (AWS), Azure, Google Cloud. Experience architecting solutions within Amazon Web Services (AWS), Azure, Google Cloud. Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments. Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc). Experience with service-oriented architecture for cloud-based services. Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies. Experience with enterprise applications (architecture, development, support, and troubleshooting). Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies. Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions. Experience with enterprise architecture and working as part of a cross-functional team to implement solutions. Strong interpersonal and communication skills; ability to work in a team environment. Ability to work independently with minimal direction; self-starter/self-motivated. Technical writing experience. Teradata helps businesses unlock value by turning data into their greatest asset. We're the cloud data analytics platform company, built for a hybrid multi-cloud reality, solving the world's most complex data challenges at scale. Collectively, we endeavor to serve equal parts innovator and contributor. Because our mission isn't just about the collection of data it's about revolutionizing the future of transportation to save lives, optimizing energy costs to make the planet a cleaner place, and using data to predict and identify cancer risks.
04/30/2021
Full time
Cloud Security Architect. Summary Description: Teradata is seeking a highly skilled and experienced Cloud Security architect in Teradata SQL Engine Engineering team. As a Cloud Security Architect, you will be responsible for evaluating new solutions and developing the supporting elements required to incorporate new technologies in a safe and secure manner. The ideal candidate will have broad experience in cloud-based development and security management in IaaS, PaaS and SaaS environments. For consideration to this job posting candidates must possess hands-on experience in designing for both small and large-scale solutions with an emphasis on security and performance. You will be responsible for gathering technical requirements, architecting solutions and executing on deliverables addressing Teradata's on-premise and off-premise Cloud solutions. You will lead and coordinate the work of an integrated project team comprised of multiple technical disciplines, including developers, subject matter experts, database engineers, Micro services developers, and system architects to implement and maintain enterprise-level information technology applications. You will also serve as a advisor to leadership concerning development, design, maintenance and implementation of enterprise-level Cloud systems. Other key responsibilities will be to produce architecture diagrams, blueprints and to bring solutions to reality with a DevSecOps mindset & culture. Responsibilities: : Provide domain expertise around public cloud and enterprise technology. Configure, implement, monitor, and support network security software/systems that will help ensure compliance with CSA Cloud Controls Matrix in cloud environments (AWS/Azure/GCP). Make recommendations to management on enhancements to existing and new security software or related tools. Assist in evaluating, planning and implementation of new/existing security applications/tools that integrate with current tool sets. Ensure security standard methodologies are identified and integrated into all facets of Development and deployments including network, system designs/configuration and implementations. Make recommendation on secure integration strategies, global enterprise architectures and application infrastructure based on best practices. Develop security architecture strategies that align to enterprise architecture strategy and that of the business strategy for cloud. Develop in depth security architecture standards, frameworks and design patters spanning all layers of security in the cloud from host, server and network to application and data security. Analyzes business impact and exposure based on emerging security threats, vulnerabilities and risk and recommends solutions to mitigate them. Develop, perform, and analyze vulnerability assessments and penetration tests using generally accepted tools, and recommend remediations. Review and enhance security policies that cover cloud platforms. Partner with internal teams to ensure successful security and compliance programs that align with client and regulatory compliance requirements. Evaluate risks that the applicable vulnerabilities pose to the Teradata deployments and understand the technical implementation details in order to assess and recommend security control improvements or identify mitigating controls. Develop technical solutions to help mitigate security vulnerabilities. Work Environment: Primary Location: Teradata Rancho Bernardo location in San Diego, but can also be located Austin, Santa Clara, LA/El Segundo, or Seattle. Qualifications: : Bachelors degree or/equivalent and at least 10 years related work experience required. 10 years experience as a Security Architect and/or Engineering. 5 years experience with Cloud platforms such as Amazon Web Services (AWS), Azure, Google Cloud. Experience architecting solutions within Amazon Web Services (AWS), Azure, Google Cloud. Experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments. Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc). Experience with service-oriented architecture for cloud-based services. Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies. Experience with enterprise applications (architecture, development, support, and troubleshooting). Experience performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologies. Experience representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions. Experience with enterprise architecture and working as part of a cross-functional team to implement solutions. Strong interpersonal and communication skills; ability to work in a team environment. Ability to work independently with minimal direction; self-starter/self-motivated. Technical writing experience. Teradata helps businesses unlock value by turning data into their greatest asset. We're the cloud data analytics platform company, built for a hybrid multi-cloud reality, solving the world's most complex data challenges at scale. Collectively, we endeavor to serve equal parts innovator and contributor. Because our mission isn't just about the collection of data it's about revolutionizing the future of transportation to save lives, optimizing energy costs to make the planet a cleaner place, and using data to predict and identify cancer risks.
Description The Cyber Defense Cloud and Container Security Manager will identify, interpret and help drive vulnerability remediation in our Container and Cloud ecosystem and will be responsible for participating in the coordination and presentation of vulnerability reviews to development, risk, audit and business teams. This role is hands on and technical and you will be the subject matter expert and advisor on within the team for all matters Cloud and Container Security respective to Vulnerability and Attack Surface Management. Responsibilities will be to: * Oversee our Container Security Vulnerability tool(s) to include managing the output and working hands on with the DevOps and Infrastructure teams to drive remediation * Support the building, production and maintenance of metrics associated with the container security program * Advise and educate development teams in best practices across all stages of the SDLC * Monitor and respond to Open Source Software weaknesses and exposures * Evangelize and drive Cyber Security inside the company * Build a very close working relationship with DevOps, cloud engineering, application development and QA teams. * Perform research and develop whitepapers/presentations/etc. regarding application security * Develop and update security patterns and user stories aligned with security requirements * Special projects as assigned Qualifications Required Skills and Experience: * 8 years of applicable security experience * Expert understanding of Cloud platforms such as AWS, Azure, and GCP * Deep understanding of container orchestration technologies such as Docker, Kubernetes, Mesos , Openshift * Advanced knowledge of security capabilities and constraints related to deploying cloud native and multi-cloud applications and infrastructure * Ability to present complex, technical information to a variety of audiences, both technical and non-technical, in written and/or oral formats * Hands-on experience with Agile, DevOps and DevSecOps methodologies * Assist in developing an automated framework for Security Tool deployment and development, leveraging various scripting languages and open source solutions * Understanding of Infrastructure as Code * Experience moving to a DevOps / DevSecOps environment * Experience with agile development and CI/CD pipelines * Experience with container / orchestration tools * Deep understanding of CloudFormation / Terraform * Hands on experience AWS / Windows / Linux Security * Highly proficient in at least one major scripting / programming language (Python, Ruby, Node, Java, R, Go…) Proficient in shell scripting (Bash, PowerShell…) * Deep understanding of container security tools, and experience with products such as Aqua, Twistlock, Qualys Container Security, Layered Insight Preferred Education and Certifications: * Bachelor's degree preferred * Security related certifications such as CSSLP, GWAPT, GWEB, GPEN, CEH, CCSK, CCSP preferred Hours & Work Schedule Hours per Week: 40 Work Schedule: Monday-Friday 8am-5pm This position is not available in Colorado. #LI-Sourcer1 Why Work for UsAt Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth.Equal Employment OpportunityIt is the policy of Citizens to provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to race, color, ethnicity, religion, gender, pregnancy/childbirth, colleague or a dependent's reproductive health decision making, age, national origin, sexual orientation, gender identity or expression, disability or perceived disability, genetic information, genetic characteristic, citizenship, veteran or military status, marital or domestic partner status, family status/parenthood, victim of domestic violence, or any other category protected by federal, state and/or local laws.Equal Employment and Opportunity Employer/Disabled/VeteranCitizens is a brand name of Citizens Bank, N.A. and each of its respective affiliates.
04/30/2021
Full time
Description The Cyber Defense Cloud and Container Security Manager will identify, interpret and help drive vulnerability remediation in our Container and Cloud ecosystem and will be responsible for participating in the coordination and presentation of vulnerability reviews to development, risk, audit and business teams. This role is hands on and technical and you will be the subject matter expert and advisor on within the team for all matters Cloud and Container Security respective to Vulnerability and Attack Surface Management. Responsibilities will be to: * Oversee our Container Security Vulnerability tool(s) to include managing the output and working hands on with the DevOps and Infrastructure teams to drive remediation * Support the building, production and maintenance of metrics associated with the container security program * Advise and educate development teams in best practices across all stages of the SDLC * Monitor and respond to Open Source Software weaknesses and exposures * Evangelize and drive Cyber Security inside the company * Build a very close working relationship with DevOps, cloud engineering, application development and QA teams. * Perform research and develop whitepapers/presentations/etc. regarding application security * Develop and update security patterns and user stories aligned with security requirements * Special projects as assigned Qualifications Required Skills and Experience: * 8 years of applicable security experience * Expert understanding of Cloud platforms such as AWS, Azure, and GCP * Deep understanding of container orchestration technologies such as Docker, Kubernetes, Mesos , Openshift * Advanced knowledge of security capabilities and constraints related to deploying cloud native and multi-cloud applications and infrastructure * Ability to present complex, technical information to a variety of audiences, both technical and non-technical, in written and/or oral formats * Hands-on experience with Agile, DevOps and DevSecOps methodologies * Assist in developing an automated framework for Security Tool deployment and development, leveraging various scripting languages and open source solutions * Understanding of Infrastructure as Code * Experience moving to a DevOps / DevSecOps environment * Experience with agile development and CI/CD pipelines * Experience with container / orchestration tools * Deep understanding of CloudFormation / Terraform * Hands on experience AWS / Windows / Linux Security * Highly proficient in at least one major scripting / programming language (Python, Ruby, Node, Java, R, Go…) Proficient in shell scripting (Bash, PowerShell…) * Deep understanding of container security tools, and experience with products such as Aqua, Twistlock, Qualys Container Security, Layered Insight Preferred Education and Certifications: * Bachelor's degree preferred * Security related certifications such as CSSLP, GWAPT, GWEB, GPEN, CEH, CCSK, CCSP preferred Hours & Work Schedule Hours per Week: 40 Work Schedule: Monday-Friday 8am-5pm This position is not available in Colorado. #LI-Sourcer1 Why Work for UsAt Citizens, you'll find a customer-centric culture built around helping our customers and giving back to our local communities. When you join our team, you are part of a supportive and collaborative workforce, with access to training and tools to accelerate your potential and maximize your career growth.Equal Employment OpportunityIt is the policy of Citizens to provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to race, color, ethnicity, religion, gender, pregnancy/childbirth, colleague or a dependent's reproductive health decision making, age, national origin, sexual orientation, gender identity or expression, disability or perceived disability, genetic information, genetic characteristic, citizenship, veteran or military status, marital or domestic partner status, family status/parenthood, victim of domestic violence, or any other category protected by federal, state and/or local laws.Equal Employment and Opportunity Employer/Disabled/VeteranCitizens is a brand name of Citizens Bank, N.A. and each of its respective affiliates.
