- 13,057
- 8,805
- Joined
- May 31, 2006
The holy trinity. What's next? Moving to a entry-level, intermediate, advanced cert?
CCNA.
Follow along with the video below to see how to install our site as a web app on your home screen.
Note: this_feature_currently_requires_accessing_site_using_safari
The holy trinity. What's next? Moving to a entry-level, intermediate, advanced cert?
Nice. What kind of job you aiming for?
What route are you looking to go career wise lol? I’m trying to tie all that togetherThat's my next move too, got sec+, ccna, aws sa, azure sa, lpic1, ccsp and degree all on the docket I need to kill by end of summer. Need to hunker down and disappear.
congrats zaddyJust passed the Security+
Joint was lowkey a beast.
$70 an hour seems low for a CISSP, that cert is not one you just pick up in a week. Unless you have worked in the field for a while. I think recruiter might need to go back to prime and find more money. Regarding your original question no I never heard of that exam.Anybody into PCI Compliace? I kept seeing those ads for Boyd Clewis academy, apparently people are getting the cert or whatever in it in 90 days. I had a call with them and everything, seemed like a nice opportunity and much more preffered to trying to go back into Grad school again if I decide to make a move for my next level of my career, trying to bust through that 6 figure wall. Also, small chance someone in this threadis interested, here's a job I was offered. Just tell them you have an associate who it was offered to who sent it to you (pm me for my real name if you want). I never got into CISSP so all this RMF stuff is over my head, but $70/hr is like $145, and on Texas (arlington of course a suburb of Dallas) cost of living with no state income tax. Sheeyit
[TABLE]
[TR]
[TD][TABLE]
[TR]
[TD]Max Cameron <[email protected]>[/TD]
[/TR]
[/TABLE][/TD]
[TD]10:22 AM (1 hour ago)
[/TD]
[TD][/TD]
[TD]
[/TD]
[/TR]
[TR]
[TD][TABLE]
[TR]
[TD]to me
[/TD]
[/TR]
[/TABLE][/TD]
[TD][/TD]
[TD][/TD]
[TD][/TD]
[/TR]
[/TABLE]
Hello ,
We just received a new work order and wanted to know if you would be interested in this position – see below.
If not, please forward this email on to anyone you know who might be interested, thanks!
Information Systems Security Engineer Job#189709
ACTIVE SECRET CLEARANCE REQD
Category: IT
Region: TX-Texas
City: Arlington
State: TX
Rate: Up to $70.00 DOE
Duration: 9 months
Description:
Chipton-Ross is seeking an Information Systems Security Engineer for an opening in Arlington, TX.
RESPONSIBILITIES:
Implement security and anti-tamper controls into training and simulation solutions
• Define DoD cybersecurity and anti-tamper requirements and interact with external stakeholders to refine/derive/allocate security control requirements
• Perform trades studies, cost analysis, risk assessments, impact analysis, and effectiveness studies
• Customize cybersecurity solutions based on cost and effectiveness
• Assist programs and monitor program execution throughout product development lifecycle to ensure cyber and anti-tamper objectives are met
• Lead, advise, and educate engineers on cybersecurity and anti-tamper concepts and solutions
• Prepare briefings to obtain approvals by government agencies for contracted efforts
• Perform cybersecurity tasks in each phase of the Risk Management Framework (RMF)
• Create entire authorization packages to obtain an Authority to Operate (ATO) for DoD Information Systems
• Interact with System Program Office and Authorizing Official key personnel during all phases of the RMF
• Support Information System Security Managers and Officers (ISSM/ISSO) during Continuous Monitoring Phase of the RMF as technical Subject Matter Expert
Applies current systems security engineering methods, practices and technologies to the architecture, design, development, evaluation and integration of systems and networks to maintain system security
• Works closely with Government customers to ensure that the security protection needs, concerns and requirements are defined and implemented with appropriate fidelity early and in a sustainable manner throughout the life cycle of system that will allow for the security authorization of the system of interest
• Works with systems developers or commercial product vendors in the design and evaluation of state-of-the-art secure systems, networks, and database products
• Uses methods such as encryption technology, vulnerability analysis and security management
• Responsible for integration of multiple methods into a cohesive system security perimeter and environment and the policies and procedures necessary to monitor and maintain such an environment
• Will prepare Certification and Accreditation documentation, using multiple standards such as DITSCAP, NIACAP, DCID 6/3, Common Criteria, and NIST 800-37, to achieve security authorization of supported systems. Represents program security needs, concerns and requirements at customer meetings
REQUIREMENTS:
6+ years of relevant experience in fields of cybersecurity, anti-tamper, or engineering computer technology
• Defense industry experience
• Experience creating authorization packages for DoD Information Systems
• Experience implementing security controls
• Experience with security control testing to include use of vulnerability and compliance scanners, creating test reports, and analyzing test results
• In-depth knowledge of all phases of the RMF
• Knowledge of all phases of the Systems Development Lifecycle
• Knowledge of NIST 800-53 security controls including their implementation and testing
• Interpersonal soft skills to effectively and smoothly interact with both internal and external stakeholders
• Experience in requirements management to include deriving, allocating, and tracing
• Ability to work alone or in a team environment
• Self-motivated with substantial problem-solving abilities
• Proficiency with Microsoft Office products
Additional Desired Qualifications and Experience
• JSIG compliance and implementation experience
• Proficiency in anti-tamper techniques for verification and protection of Critical Program Information (CPI) per DoDI 5200.39
• Systems Administrator Experience
• Significant knowledge of Security Technical Implementation Guides (STIGs)
• Design and Architect experience of cybersecurity solutions
• Multiple DoD 8570.01-M certifications
• Prior experience utilizing systems engineering principles for requirements on a technical effort
• Previous experience developing and accessing various artifacts such as SOWs, requirements, and test documents
• Experience with DOORS requirements management software
• Experience in eMASS and Xacta RMF flow software
• Experience in cybersecurity activities associated with aircraft and aircraft simulators/training devices
• Ability to travel up to 15%
EDUCATION:
• Bachelors degree in a technical field, such as Cybersecurity, Electrical Engineering, Systems Engineering, or Computer Science
Masters degree preferred in related field
IASAE level II or III certification
SHIFT:
9/80
MISCELLANEOUS:
Applicants responding to this position will be subject to a government security investigation and must meet eligibility requirements by currently possessing the ability to view classified government information.
Contact:
Max Cameron at [email protected]
CHIPTON-ROSS INC.
420 Culver Boulevard
Playa Del Rey, CA 900293
Phone: (310) 414-7800 x242 or (800) 927-9318
Not in the security field, but whenever I interview people it’s a mix of technical and personable questions.spiderjericho or titang545 or any other security dudes
I have a technical interview Friday and want some advice on how preparation.
If any of yall have some time to give me some pointers/advice I would appreciate it.
PM me if anyone wanna discuss the role and preparation
TY
Can you share the job title or technologies being used?spiderjericho or titang545 or any other security dudes
I have a technical interview Friday and want some advice on how preparation.
If any of yall have some time to give me some pointers/advice I would appreciate it.
PM me if anyone wanna discuss the role and preparation
TY
Yeah my bad here it isCan you share the job title or technologies being used?
Oh you good man, seems more like a thinking position speak concise. Ask about situations they had in the past or ones you resolved and explain to them the thought process you used. Windows stuff is pretty cut and dry, most jobs would like you to know everything from Microsoft word for word. If you don't know something let them know you will look online and find the answer. Talk about times where you might of been the senior person and showed new employees how things work. Process and procedures you might of come up with or use a process or procedure someone else created but you could duplicate. They won't know if you were the author of the document before or just fine tuned it.Yeah my bad here it is
Security Analyst Responsibilities
The right candidate will have the following skills:
- Triage and respond to security events
- Document and automate response actions
- Help implement and configure new security products
- Perform manual and automated threat hunting across the environment
- Create and update correlated event rules
- Assist in the assessment of the constituencies overall security posture
- Tune security technologies
- Mentor junior analysts
- Early hires also need to help support front line customer service/support
- A good understanding of the Windows operating system
- Experience with incident response
- Good communication skills
- The ability to execute independently and as part of a group
Oh you good man, seems more like a thinking position speak concise. Ask about situations they had in the past or ones you resolved and explain to them the thought process you used. Windows stuff is pretty cut and dry, most jobs would like you to know everything from Microsoft word for word. If you don't know something let them know you will look online and find the answer. Talk about times where you might of been the senior person and showed new employees how things work. Process and procedures you might of come up with or use a process or procedure someone else created but you could duplicate. They won't know if you were the author of the document before or just fine tuned it.
You good man just stay calm and listen to what they say then regurgitate it an the answers you provide to them on your background. Good Luck.
Yeah not a security guy currently. But looks like a senior SOC analyst focused on Windows.
Technical questions could be tools like security onion, Splunk, Windows Defender, McAfee, Wireshark, etc. How to look for anomalies in network traffic or operating systems.
thank you all greatly appreciatedYou got this MakeNTGreatAgain I used to write a short outline script of questions I'd expect to be asked and bullet points to make sure I hit in my answer and things in your experience you want to highlight, real or fake, they don;t know. They love a problem solver so tell about a scenario like maybe you guys were doing work but not tracking in Remedy or Servicenow, so you called a meeting and implemented a new SOP where every action is documented in a ticket and shared across everyone and it prevented duplicate work and made everyone more efficient, or find a way to frame it like that.
spiderjericho titang545 I was working on CISSP as in trying to teach myself by reading the book, maybe lasted half a week it was dull, but if you think CISP ****** can shun at 145k maybe I should revisit. That listing never directly says CISSP I just know most of the time when I got calls about something dealing with RMF and Emass and DIACAP they wanted it, but maybe I'm wrong since they're lowballing.
Yeah I might do PMP in a year or two, ain't NEVER doing CISSP. Going to keep my CASP up to date and I am good. F that CISSP. I have worked with some of the dumbest people that have CISSP in there email signature.I just bought the new PMP book by Andrew Crowe so I’ll be battling yawns too soon.
CISSP and PMP are the easiest money makers today.