MAINSAIL Group’s Post

#hiring *Senior Model Based Systems Engineer (MBSE) with Security Clearance*, Arlington, *United States*, $180K, fulltime #opentowork #jobs #jobseekers #careers $180K #Arlingtonjobs #Virginiajobs #ITCommunications *To Apply -->*: https://lnkd.in/dFrBSV7t LinQuest is seeking a Senior Model Based Systems Engineer to support Headquarters, US Air Force (HAF) A5/7, Air Force Futures (AFF), at both client sites in the Pentagon/JBAB and telework sites in the National Capital Region. An active DoD TS/SCI clearance is required. The applicant will join a team that employs Model-Based Systems Engineering (MBSE). MBSE utilizes digital Mission Thread (MT) and Mission Engineering Thread (MET) models to provide a mission context to concept exploration, capability development, and throughout the systems engineering and acquisitions life cycles. MT models capture the sequence of operational objectives and tasks to achieve a desired mission effect. METs include the technical details of the capabilities and systems assigned to execute the mission. MBSE allows for virtual integration of innovative concepts and will streamline analysis to support planning and programming decisions. MBSE is used to support the analysis of HAF A5/7 (AFF) concepts and requirements to assist with the development of Program Objective Memorandum (POM) recommendations. Such recommendations are based on coherent, analytically-sound evidence as captured in credible, validated digital models. Models are used to facilitate robust collaborations among Subject Matter Experts (SMEs) in the three Centers of AFF and across stakeholder organizations, such as HAF A8 and A9, AFRL, and the Space Force. Models of the different AF missions and functions form constituent parts of a Mission Architecture that over time can become an Authoritative Source of Truth (ASoT) about future AF operations. Responsibilities: Engage with Analysis Team leadership to prioritize focus areas of MBSE efforts supporting AFF organizations. Determine data needed to support prioritized MBSE focus areas. Conduct modeling sessions to build SME-informed future MT models, consistent with guidance from Joint Warfighting Concepts, National Defense Strategy, National Military Strategy, Joint Force Operating Scenarios, and other authoritative sources identified by AFF SMEs. Incrementally build the Mission Architecture as described in the Mission Engineering Guide through development of MT and MET models using commercial-off-the-shelf visual modeling tools, such as Magic Draw/Cameo. Maintain awareness of concurrent activities by working in a common modeling database across the organization. Define and incorporate mission success parameters against which candidate solutions can be measured (i.e., Measures of Success/ Effectiveness/ Performance). Develop MET models to define where innovative solutions (materiel and/or non-materiel) may be

#hiring *Senior Model Based Systems Engineer (MBSE) with Security Clearance*, Arlington, *United States*, $180K, fulltime #opentowork #jobs #jobseekers #careers $180K #Arlingtonjobs #Virginiajobs #ITCommunications *To Apply -->*: https://lnkd.in/dFrBSV7t LinQuest is seeking a Senior Model Based Systems Engineer to support Headquarters, US Air Force (HAF) A5/7, Air Force Futures (AFF), at both client sites in the Pentagon/JBAB and telework sites in the National Capital Region. An active DoD TS/SCI clearance is required. The applicant will join a team that employs Model-Based Systems Engineering (MBSE). MBSE utilizes digital Mission Thread (MT) and Mission Engineering Thread (MET) models to provide a mission context to concept exploration, capability development, and throughout the systems engineering and acquisitions life cycles. MT models capture the sequence of operational objectives and tasks to achieve a desired mission effect. METs include the technical details of the capabilities and systems assigned to execute the mission. MBSE allows for virtual integration of innovative concepts and will streamline analysis to support planning and programming decisions. MBSE is used to support the analysis of HAF A5/7 (AFF) concepts and requirements to assist with the development of Program Objective Memorandum (POM) recommendations. Such recommendations are based on coherent, analytically-sound evidence as captured in credible, validated digital models. Models are used to facilitate robust collaborations among Subject Matter Experts (SMEs) in the three Centers of AFF and across stakeholder organizations, such as HAF A8 and A9, AFRL, and the Space Force. Models of the different AF missions and functions form constituent parts of a Mission Architecture that over time can become an Authoritative Source of Truth (ASoT) about future AF operations. Responsibilities: Engage with Analysis Team leadership to prioritize focus areas of MBSE efforts supporting AFF organizations. Determine data needed to support prioritized MBSE focus areas. Conduct modeling sessions to build SME-informed future MT models, consistent with guidance from Joint Warfighting Concepts, National Defense Strategy, National Military Strategy, Joint Force Operating Scenarios, and other authoritative sources identified by AFF SMEs. Incrementally build the Mission Architecture as described in the Mission Engineering Guide through development of MT and MET models using commercial-off-the-shelf visual modeling tools, such as Magic Draw/Cameo. Maintain awareness of concurrent activities by working in a common modeling database across the organization. Define and incorporate mission success parameters against which candidate solutions can be measured (i.e., Measures of Success/ Effectiveness/ Performance). Develop MET models to define where innovative solutions (materiel and/or non-materiel) may be

AWS Opportunities

CrowdStrike's Global Outage: A Deep Dive into the Technical Failures Warning: IT language to follow In a detailed technical root cause analysis, CrowdStrike has revealed the intricate series of events that led to a significant global outage of its Falcon sensor platform. The incident, which began on July 19, 2024, was traced back to a mismatch in input parameters for a newly introduced Template Type in sensor version 7.11. This Template Type was designed to enhance detection capabilities for advanced attack techniques exploiting Windows interprocess communication (IPC) mechanisms. The crux of the issue lay in the discrepancy between the number of input parameters required and those provided. The new IPC Template Type was defined to require 21 input parameters. However, the integration code erroneously supplied only 20. This mismatch evaded detection through multiple layers of validation and testing, including the sensor release testing process and stress testing of the Template Type. The problem came to a head when new IPC Template Instances were deployed on July 19, 2024. One of these instances introduced a non-wildcard matching criterion for the 21st input parameter, which had not been utilized in previous deployments. This led to the creation of a new version of Channel File 291, which required the sensor to inspect the 21st input parameter. The Content Interpreter, expecting only 20 inputs, attempted to access the 21st value, resulting in an out-of-bounds memory read and subsequent system crashes. CrowdStrike has since implemented several mitigations to *prevent a recurrence* of such issues. These include: Validation at Compile Time: A patch for the Sensor Content Compiler now validates the number of inputs provided by a Template Type at sensor compile time. Runtime Bounds Checks: The Content Interpreter has been updated to include runtime bounds checks to prevent out-of-bounds access. Improved Testing: Automated tests now include non-wildcard matching criteria for each field, and additional scenarios reflecting production usage have been incorporated. Staged Deployment: New Template Instances are now deployed in a staged rollout to mitigate the impact of potential failures. Customer Control: The Falcon platform has been updated to provide customers with increased control over the deployment of Rapid Response Content updates. Additionally, CrowdStrike has engaged independent third-party software security vendors to conduct further reviews of the Falcon sensor code and the end-to-end quality process from development through deployment. This incident underscores the complexity of maintaining robust cybersecurity defenses and the importance of rigorous validation and testing processes. CrowdStrike's swift response and comprehensive mitigations aim to enhance the resilience of its platform and prevent similar issues in the future. Dave Poole Ron Savoia Patrick Garrity 👾🛹💙Matthieu Garin

Too many false positives, challenges securing cloud-centric infrastructures, and lean teams... Do these challenges sound familiar? Learn how JupiterOne's security team addressed them with Panther. Here's what the customer had to say: "More teams are going to have to go towards engineering first, they’re going to have to. The environment is changing and the nature of security engineering and security operations are changing. It’s scaling to the point where you can’t hire enough people anymore to do all the work, you have to get smarter about it and engineer for security." Learn more in the JupiterOne customer case study: https://lnkd.in/eCrwCf2e

When you check all the boxes... well, almost. So, I recently had an interview that I thought I "nailed". 10 years as a Senior Network Security Engineer, Cisco Data Centre expertise – check. Handling complex security challenges – check. But when it came down to automation, they felt I wasn't quite there yet. Now, don't get me wrong – automation isn't foreign to me. I've implemented it from a "network security" perspective. But apparently, that wasn't enough. They were looking for a master coder, and well, that’s not me (yet). Is this the new hiring norm? No matter how much experience or adaptability you bring to the table, you're still measured on one checkbox? But hey, let’s give credit where it’s due. If there’s one thing I’ve learned from 10 years in this industry, it’s that nothing is beyond learning – and I’m up for the challenge. To all hiring managers out there – give people the chance to grow with you. Experience is important, but so is the willingness to learn and adapt. After all, isn't that what innovation is all about? #NetworkSecurity #InterviewStories #LearningNeverStops #Adaptability

💡Generating Security Findings for Incident Response Simulations This is a well prepared practice for security solution architects and blue team members especially to enhance your incident response capabilities by understanding the technical aspects of generating and utilizing security findings in simulated scenarios. https://lnkd.in/eDuXabTW #awscloud #awssecurity #AmazonInspector #AmazonGuardDuty #WellArchitected #solutionarchitect #CERT #IncidentResponse

Whenever a global scale outage happens, I get asked by friends and family how such a thing could happen. This is usually my canned answer. Engineering is the art of problem solving and the science of tradoffs. Site Reliability Engineering puts a heavy emphasis on the second part. Given a set of parameters and risks, we make decisions about implementing reliability at the expense of velocity, cost, complexity, etc. The early gains to reliability are usually the cheapest, less complex ones, and as we progress the cost of reliability goes up. It’s relatively cheap to add a load balancer and a few hosts, it is much more expensive to build a staging environment and a CI/CD pipeline and hire staff dedicated to this role. Yesterday’s massive Crowdstrike bug has exposed reliability gaps on both the vendor and customers sides. Massive outages of this scale never happen because of a single factor or single person, they are caused by successive layers failing one after the others. The upcoming weeks will be full of reliability engineers analyzing these gaps and the new sets of trade offs to address. Meanwhile, to the end user, none of that matters. The only thing that matters is that missed flight, or the doctor appointment rescheduled. An end-user first approach to reliability should and must be our priority. Otherwise everything else is useless.

Here are some thoughts from my manager on the recent global IT issues. They are well said and I especially love the points about trade offs. Check it out!