je.st
news
Tag: security
COVID-19 and Computer Security, Part 1: Telecommuting Risks
2020-03-12 18:33:30| TechNewsWorld
The United States Office of Personnel Management last week urged agencies to prepare to allow federal employees to telework -- that is, work remotely.This came on the heels of the Department of Homeland Security closing its facilities in Washington state, after learning an employee had visited the Life Care facility in the city of Kirkland, which is ground zero for the state's COVID-19 outbreak.
Tags: part
computer
security
risks
ESCRYPT and the Security division of NTT form automotive cybersexurity partnership
2020-03-12 09:55:39| Green Car Congress
Tags: form
security
automotive
division
IT Security Engineer
2020-03-11 11:14:05| Space-careers.com Jobs RSS
Position Reference 129 You will have the opportunity to provide the ESA IT Department with professional IT services that are essential to ensure the confidentiality, integrity, availability and business continuity of the agencies Communication and Information Systems, in compliance with the ESA Security Directives. Tasks and Activities The scope of work will include ECRD Operations Support Operate the ESA Classified RESTRICTED Documents services for the tasks allocated to the ECRD Services Team. This involves but is not limited to management, monitoring and support of the ECRD infrastructure, ECRD Encryption services, key management, user service requests, troubleshooting coordination between all ECRD Service Providers, etc. Produce, document, optimize and maintain operational processes and procedures to run the service in line with ESAs requirements, to be defined by the ESA TR at the beginning of the activity. Collect and assess user and service provider requests related to the current ECRD services and the evolution of the service. Complement the ECRD Evolutions Service Resources with providing practical input, suggestion and possible solutionsimprovements, derived from the daily operations of the service. ECRD Evolution Engineering Assess the user and Service Provider requirements for service evolution and propose corresponding solutions improvements that will need to be validated and approved by Corporate IT, the Security Architect, Security Officer, the ESA Security Office and ultimately by the Member States. The proposed solutions will also require approval from ESAs IT Governance Board for budget approval. Prepare the implementation planning, Bill of Material, follow up delivery of required elements, interface with vendors, implement the approved solution against the agreed implementation plan, prepare test plans and validate the implemented solution accordingly. Prepare and maintain all documents required for the Service Readiness Review and Transfer To Operations. The ESA ISO9000 based QMS will be followed. Support the Security Section in its meetings with the user community, ESA Security Office, the Member States. This may entail for instance to prepare and deliver presentations, demonstrations clarifications etc. CIAM Engineering For ESAs External Community Identify, collect and prepare the requirements for the different use cases of ESAs external user community with regards to External Directory Services, MultiFactor Authentication, use of Federated authentication, authorization and integration in ESAs existing CIAM services. Design a solution in line with these use case requirements, the Corporate IT technologies, services and processes in place, the ESA Security Policies. Implement a Proof of Concept PoC and validate the solution against all requirements. Prepare all documentation for taking this PoC to the full implementation phase of this service. Vulnerability Management System Engineering and PoC Identify, collect and prepare the requirements and interlocks for an ESAwide vulnerability management service using Skybox technologies, the various data sources available in ESA. To this end, close interaction with ESACERT, Corporate IT Service Providers and possible other Directorate peers will be needed. Automation of data collection and vulnerability management tasks is a major aim of theses activities. Design a solution in line with these requirements and boundary conditions, the Corporate IT technologies, services and processes in place, the ESA Security Policies and Directives. Implement a Proof of Concept PoC for the Corporate IT provided services and validate the solution against all requirements and boundary conditions. The PoC shall be extensible to other areas in ESA. Prepare all documentation for taking this PoC to the full implementation phase of this service. Skills and Experience The following skills and experience are mandatory You have a Technical Degree Bsc., Diploma or equivalent from a recognised Institution or you ideally have a PhD or Msc Engineering from a recognised Institution of secondary studies University, Ecole suprieure, etc.. You have expertise in the following technical domains IT Security Architecture Modern IT technologies used for securing endpoints PCs, Mobile devices, IoT, etc., Infrastructure network, storage, computing infrastructure and cloud, Operating Systems and Applications. Information Security Management according to ISO 27001 You have experience and expertise in the following specific IT technologies In depth Windows Active Directory, Windows and Linux Open standards based federated Identity and authentication technologies e.g. SAML, oAuth2, OpenID F5 Big IP Trusted List for Approved cryptographic products EU VMware Virtualization and VDI technologies Thales encryption solutions Zabbix, Advenica encryption and data protection technologies Varonis Data Advantage Directory Services Skybox vulnerability management solution technologies You must be eligible for obtaining a personnel security clearance at ESA SECRET level. You are regularly kept uptodate in terms of technologies and methods. The following skills would be highly desirable You hold a specific IT Security industry certificationspecialisation e.g. CISSP. How to Apply Looking to take your career to the next level? Interested applicants should submit their CV and Cover Letter to RHEAs Recruitment team at careersrheagroup.com no later than 07042020. About RHEA Group RHEA Group is a leading engineering consultancy firm with demonstrated expertise in space, system and secure software solutions. We attract skilled engineers, scientists and management professionals and offer a range of exciting career paths working alongside clients such as the European Space Agency, the European GNSS Agency, EUMETSAT and NATO.
IoT is infiltrating the business world despite security risks
2020-03-10 01:00:00| Total Telecom industry news
The boom of the IoT ecosystem is a beautiful thing for many, offering a whole new world of possibilities for enterprises, including new revenue streams and vastly improved efficiency. A new report from Kaspersky shows that IoT implementation is growing throughout a host of industries, with IT and telecoms, perhaps unsurprisingly, at the forefront of IoT adoption, with 71% reporting using these devices within their business…read more on TotalTele.com »
Tags: business
world
security
risks
Cyber Safety and Security Manager mfd
2020-03-03 10:11:20| Space-careers.com Jobs RSS
ID 3810 ROLE FUNCTION Cyber Safety and Security Manager TASKS Task 1 Management Ensure and document the correct and timely process of the CSOC 1st Phase Project, including Management of all activities of the consortium. Identify, rectify, followup and closeout all problems or underperformance. Ensure timely closure of all actions agreed with Client. Ensure timeliness and quality of all deliverables. Take all recovery actions required to maintain schedule quality of deliverables. Report to Client monthly. Maintain Project Actions Database. Organise and minute progress meetings with Client. Output Approval conditions Project Management Plan Monthly Report of the Activities Milestone Report Task 2 Assessment Interview and multiple dedicated workshops with Client ad hoc stakeholders. Applicable documents shall be provided by Client and shall be taken into account by the Contractor at no further costs to the Agency Identify and analyse the existing Client functionalities in place used in Client to perform ITOT Monitor and Control, Threat and Vulnerabilities Analysis and Security Risk Management. Cyber and security MC capability assessment document Task 3 Analysis and Evaluation Client Cyber and security MC capability assessment document Analyse the full scope of the cyber and security requirements including gapsmaturity and define the required capabilities in terms of Cyber Security Operational Centres, Threat and Vulnerabilities Processes and Risk Management Tools in order to be integrated in a coherent CSOC capability. This requires a benchmarking exercise to establish the current status of existing capabilities wrt. current state and best practices on cyber security features and functionalities inside Europe and in the World both in the IT and OT domain. CSOC definition perimeter and Gapmaturity current cyber capability analysis Task 4 Concept and Security Risk Analysis Client Cyber and security MC capability assessment document CSOC definition perimeter and Gapmaturity current cyber capability analysis Describe and formally document the preliminary architecture and conduct a preliminary CSOC Security Risk Analysis. CSOC preliminary conceptual architecture document CSOC preliminary security risk analysis CSOC preliminary accreditation plan Task 5 Requirements CSOC preliminary conceptual architecture document CSOC preliminary security risk analysis CSOC preliminary accreditation plan Describe and formally document the preliminary requirements of the Client Cyber Security Operational Centre. CSOC Requirements document CSOC Mission Requirements CSOC Functional Requirements CSOC Operational Requirements CSOC Security Requirements Task 6 System Requirements Definition CSOC preliminary conceptual architecture document CSOC preliminary security risk analysis CSOC preliminary accreditation plan CSOC Requirements document CSOC Mission Requirements CSOC Functional Requirements CSOC Operational Requirements CSOC Security Requirements Describe and formally document the preliminary System Definition files of the Client Cyber Security Operational Centre to support the SRR Milestone CSOC Design and Definition File within SRR scope CSOC Design Justification File within SRR scope CSOC Concept of Operation, Governance, including Security Operation CSOC preliminary DDVP CSOC Accreditation plan updated CSOC Risk Assessment updated RAMS and PA files Update of task 5 documents In addition to the documentation required for the SRR as per ECSS Standards. REQUIRED SKILLS Developingmaintaining specific Cyber Security capabilities for protecting Client Mission Critical infrastructure, defending Client space programs from targeted attacks or scenarios. Coordinating and integrating Corporate and Mission Critical Information Technology under a common Cyber Security Management framework, based on a holistic risk assessment of Client assets. This complements the existing Cyber Security and Operational functions, ensuring that all parties work toward a common Cyber Security goal. Management of all activities of the consortium Maintain Project Actions Database Security Risk Management Conceptual architecture document Accreditation plan Concept of Operation, Governance, including Security Operation GENERAL CONDITIONS START ASAP LOCATION Noordwijk, Netherlands TYPE OF BUSINESS Aerospace CONTRACT Freelancing Contract WORKING LANGUAGE English DEADLINE 07.02.2020
Tags: security
manager
safety
cyber
Sites : [41] [42] [43] [44] [45] [46] [47] [48] [49] [50] [51] [52] [53] [54] [55] [56] [57] [58] [59] [60] next »