Home security
 

Keywords :   


Tag: security

Information Security Engineer

2020-11-10 11:12:46| Space-careers.com Jobs RSS

EUMETSAT is Europes meteorological satellite agency monitoring the weather and climate from space 24 hours a day, 365 days a year Working for EUMETSAT, you can make a world of difference and be a part of something that makes a positive impact on society. You will be at the cutting edge of satellite technology, with a meaningful role in an organisation focused on spacebased observations of the Earths weather and climate. In the EUMETSAT matrix organisation, the Technical and Scientific Support TSS department provides support to the development and operations of EUMETSAT satellite systems, in particular ground systems, and contributes to the operational management of the crossorganisational Information Security Management System. As a member of the Security Team of the Generic Systems and Infrastructure GSI division, the Information Security Engineer will supervise, coordinate and assess the implementation of IT security for all operational and corporate IT systems, and support security aspects of the development of new ground systems. What youll be doing Supervise, coordinate and verify the implementation of the Information Security Management System ISMS at operational level, including infrastructure, network, storage, computers and software, for all IT security aspects Organise, execute, evaluate and followup information security assessments Identify, report and followup on relevant information security risks Provide expertise on information security requirements, architecture definition and implementation, to the development andor procurement of new systems and security solutions Act as one point of contact for all information securityrelated aspects Maintain appropriate contacts with special interest groups relating to information security, andor other specialist forums Provide information security training and contribute to security awareness initiatives at organisational level. What we offer Excellent salary, of up to Euro 7,500 NET after tax based on skills and experience Flexible working time including additional flexileave Full medical coverage for employee and family Attractive pension 30 days of annual leave 14.5 days public holidays Training and development support Relocation allowance and support if applicable Requirements Qualifications A university degree in a relevant discipline e.g. Computer and Network Security. CISSP or a similar certification are an advantage. Skills and Experience Requirements Definition of information security and related requirements Architecture of IT Security solutions for networks, computer systems and application software Implementation and maintenance of an Information Security Management System ISMS, including security software and tools, preferably in 247 highavailability environments Security assessments and ethical hacking on operational systems Incident response and forensics Security standards like ISOIEC 27001 27002. Excellent interpersonal, communication and team working skills Critical thinking, methodical and organised approach to work combined with an aptitude for detail and accuracy. More about us EUMETSATs role is to establish and operate meteorological satellites to monitor the weather and climate from space 24 hours a day, 365 days a year. This information is supplied to the National Meteorological Services of the organisations Member and Cooperating States in Europe, as well as other users worldwide. EUMETSAT also operates several Copernicus missions on behalf of the European Union and provide data services to the Copernicus marine and atmospheric services and their users. As an intergovernmental European Organisation, EUMETSAT can recruit nationals only from the 30 Member States Austria, Belgium, Bulgaria, Croatia, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, The Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom.

Tags: information security engineer information security

 

Zero Trust security will be key in the new normal

2020-11-09 20:49:52| The Webmail Blog

Zero Trust security will be key in the new normal nellmarie.colman Mon, 11/09/2020 - 13:49   This time last year, I was planning an overseas vacation to Mount Fuji in Japan. Prior to booking that trip, I had met with a large traditional insurance organization to discuss the merits of cloud security. The organizations IT structure had been the same for the last 15 years, powered by on-premises server infrastructure. The teams position was firm: Why fix something thats not broken? The team was most skeptical about data security in the cloud. Outside of the organizations walled garden, they didnt believe it was possible to ensure data confidentiality and integrity. However, despite their apprehension, they agreed to start their cloud journey over the course of the next few years.      Adjusting to a new normal [Because of COVID-19], we saw two years of digital transformation in two months. Satya Nadella, Microsoft CEO   Fast forward to 2020. COVID-19 has challenged the norms for organizations around the world. From an IT standpoint, weve also been forced to work differently. Where choices had been a balance of doing it right versus keeping the business afloat, COVID tipped the balance toward staying afloat. As a result, businesses were forced to make unprecedented, risky changes in an instant. COVID-19 was a major shock for traditional enterprises. For many, continuity planning had only been theoretical and never properly tested. The walled garden security strategy finally broke, creating a hindrance in this new normal. VPNs were suddenly overwhelmed, causing significant usability problems. The traditional enterprise is in a better state today, but not without drastic and potentially risky changes to their security stance.   Now a good chunk of your critical assets are behind the firewall, but all of your employees are not. Christopher Kenesssey, NetMotion CEO   Businesses that were well into executing on their cloud strategy pre-COVID-19 are faring better than those that werent. This is because those businesses had the opportunity to strategize and prepare for the new normal before it arrived. As IT teams around the world pivot toward remote and distributed services, a new model of security is needed. The Zero Trust security strategy is best aligned to provide security across environments.   What is Zero Trust security? Never trust, always verify. The view of Zero Trust security is that we should not trust anything inside or outside of our system perimeters. The strategy enforces the lowest common denominator of trust zero.  As we begin to blur the boundaries between trusted and untrusted, Zero Trust security becomes more relevant. Not owning your cloud-based infrastructure or having end-users connect via untrusted, BYOD devices means not trusting anything without verification users, devices or systems. Contrast this against the traditional walled garden or perimeter approach, where a clearly defined firewall perimeter exists between trusted and untrusted. People, data or systems in the perimeter are considered trusted and anything outside of that is untrusted. Traditional security approaches simply dont work in a world where cloud and remote services are now the rule, not the exception.   Zero Trust security principles Zero Trust security is a strategy, a mindset and an incremental journey for IT security. While there are technologies and products to help with achieving Zero Trust, it is not a specific technology or product. Instead of a rip and replace of your current IT security, Zero Trust augments and enhances your current security strategy.  The key principles of Zero Trust security are: Verify explicitly: Authenticate and authorize based on all available data points (identity, location, device health and an AI/ML derived behavior baseline). Use least-privileged access: Provide just-in-time and just-enough access to the user. Assume breach: Constantly think about breach scenarios including post-breach attacker lateral movement, and work to prevent these scenarios. For example, ensure end-to-end encryption between sessions, leverage micro segmentation, and maintain security analytics to provide a deeper view of threats.   A comprehensive Zero Trust security strategy applies those principles to provide end-to-end protection across your IT components and digital estate, including: Identities: People and services accessing the system. Devices: Devices used to access services, such as BYOD devices. Applications: Applications and APIs that consume services. Data: Information that sits in parallel with applications. Infrastructure: Platforms that provide the environment to host these components (cloud VMs, servers or containers). Networks: Links that allow these components to interact.   Start your Zero Trust security journey We were lucky enough to go on our Japan holiday before COVID-19 took over the world. On that trip, my wife, an avid snowboarder, convinced me to try snowboarding. I thought that I would hate it due to my poor hand-eye coordination.  We started on the beginners slope, where my wife taught me how to turn and stop. Though it initially felt counter-intuitive, I managed to keep my feet locked on the board and maintain my balance. Soon after, we transitioned to more advanced skills like flat-spins and small jumps. It was great! I quickly transitioned to more advanced courses on the slopes. The Zero Trust security journey follows a similar path of learning, practice and confidence. Start with a specific use case within your organization and rethink it in the context of Zero Trust security. Slowly expand your approach across more use cases to increase the maturity of Zero Trust in your organization. How do you rethink security architecture and processes in the context of Zero Trust security? Start by taking our free, online Cybersecurity Risk Self-Assessment to uncover common security gaps in minutes.   Zero Trust security will be key in the new normalTo best protect the increasing numbers of remote users and devices, organizations need a Zero Trust security posture. Read on to find out what that means and where to start. Know your cybersecurity risk score. /node/21749Take the assessment

Tags: new key security normal

 
 

Cyber security round-up

2020-10-30 12:12:29| Oil IT Journal - www.oilit.com

Lloyd's Register reports on IIoT cyber-risk. NIST publications: Zero Trust architectures, Recovering from ransomware. OGTC/Baringa study of Cyber security in UK oil and gas. Acronis Cyber Backup for 'air-gapped' environments. Asigra's Deep MFA cloud-based backup. Noble Group deploys Alsid's Active Directory security. SCADAWall, new 'data diode' from Bayshore Networks. Chevron selects SecurityGate.io for OT cyber security. Cynet's breach prevention platform. RigNet's Cyphre encryption for the harsh edge. CME Software Engineering Institute open sources Kalki IoT security platform. SEI announces 'Vince' vulnerability reporting platform. IIC white paper on software trustworthiness best practices. Surge Engineering joins ISA Global Cyber Security Alliance. ISA/Saudi Aramco host ISA/IEC 62443 OT cyber security webinars.

Tags: security cyber roundup cyber security

 

Zoom Beefs Up User Security With End-To-End Encryption

2020-10-28 12:22:00| TechNewsWorld

Zoom gave its users a big security upgrade Monday when it rolled out end-to-end encryption for its online meetings network. E2EE puts control of the keys for scrambling data in the hands of meeting organizers. Before the E2EE rollout, encryption was done on Zoom's servers, where someone with access to those servers could intercept the data. When used correctly, E2EE can make it difficult for even the best-resourced intelligence agencies to eavesdrop on communication.

Tags: user security zoom encryption

 

Quality Assurance Engineer for Operations and Information Security

2020-10-26 11:12:48| Space-careers.com Jobs RSS

EUMETSAT is Europes meteorological satellite agency monitoring the weather and climate from space 24 hours a day, 365 days a year This is your chance to contribute to a world leading earth observation programme, set to generate global weather forecasting and climate monitoring benefits. As a Quality Assurance Engineer you will be at the heart of ensuring all elements of this complex system work together to deliver world leading meteorological products. The Technical and Scientific Support TSS department provides support to the development and operations of EUMETSAT satellite systems, in particular ground systems, as well as quality assurance and management support services to the full organisation, through its Process Assurance and Management Support Division PRS. The Quality Assurance Engineer for Operations and Information Security delivers QA support services to operations of satellite systems, services to users and other activities performed under the responsibility of the Operations Services to Users OPS Department, including the definition and implementation of Quality Assurance requirements and processes for the EUMETSAT Information Security Management System. Duties Deliver quality assurance support services to the operations of all EUMETSAT satellite systems, including Monitoring of the satisfactory implementation of applicable QA requirements Support to investigations and problem solving on detected anomalies, nonconformities and operational incidents. Provide, for the projects led by the OPS Department, quality and product assurance for the maintenance and evolution of operational ground systems and support services, including organisation of reviews, support and follow up of technical investigations Facilitate the risk management in the area of satellite systems operations and information security, including organisation and followup of risk reviews at profect and departmental levels Support the implementation of lessons learned in the area of satellite systems operations and information security Support the definition, documentation, implementation, analysis and continual improvement of operations processes and associated working practices, and the assessment of their compliance with the EUMETSAT Management System Support the definition, documentation, implementation, analysis and continual improvement of Information Security processes and associated working practices, and the assessment of their compliance with the EUMETSAT Management System Support the harmonisation and standardisation of organisational processes for all QA aspects, contributing to their continual improvement Perform andor support EUMETSAT internal quality audits, as well as audits on contractors and suppliers What we offer Generous salary, of up to Euro 7,500 month NET after income tax based on skills and experience Flexible working time including additional flexileave Excellent medical coverage for employee and family Attractive pension 30 days of annual leave 14.5 days public holidays Training and development support Relocation allowance and support if applicable Requirements Skills and Experience Proven experience of minimum five years in the area of quality or product assurance on complex softwareintensive systems, preferably in operational or 247 working environment Experience in the definition and assessment of processes, good practices andor standards in the field of quality assurance, combined with good knowledge and practice of the ISO 9001 andor other relevant QA standards Working knowledge of the standards related to information security, in particular ISO IEC 27001 and 27002 Excellent interpersonal and team working skills, combined with analysis, synthesis and presentations ability to ensure effective and efficient work and interactions both within and across teams Direct experience with ECSS standards would be an advantage. Qualifications A university degree in engineering or computer science or another relevant discipline. Certification in quality assurance, management or auditing would be an advantage. More about us EUMETSATs role is to establish and operate meteorological satellites to monitor the weather and climate from space 24 hours a day, 365 days a year. This information is supplied to the National Meteorological Services of the organisations Member and Cooperating States in Europe, as well as other users worldwide. EUMETSAT also operates several Copernicus missions on behalf of the European Union and provide data services to the Copernicus marine and atmospheric services and their users. As an intergovernmental European Organisation, EUMETSAT can recruit nationals only from the 30 Member States Austria, Belgium, Bulgaria, Croatia, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, The Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom.

Tags: information quality security operations

 

Sites : [20] [21] [22] [23] [24] [25] [26] [27] [28] [29] [30] [31] [32] [33] [34] [35] [36] [37] [38] [39] next »