MAINSAIL Group’s Post

ARCSight Administrater - Clearance Required @ Logistics Management Institute by via all InfoSec news ([Global] oracle cloud) URL: https://ift.tt/aeQIMl0 Overview LMI is seeking an experienced ARCSight/Splunk Administrator to support a Program Office for a Government Client, located in Virginia. Remote work is anticipated with travel to various Client sites as needed.   At LMI, we’re reimagining the path from insight to outcome at The New Speed of Possible™. Combining a legacy of over 60 years of federal expertise with our innovation ecosystem, we minimize time to value and accelerate mission success. We energize the brightest minds with emerging technologies to inspire creative solutioning and push the boundaries of capability. LMI advances the pace of progress, enabling our customers to thrive while adapting to evolving mission needs.  Responsibilities Responsibilities are, but no limitted to the following: Perform all major Administrator functions to operate and tune ArcSight for current systems and prepare for migration to Splunk SIEM Coordinate and manage future Splunk SIEM migration and implementation. Ensure interoperability between Splunk and new tool/sensor data feeds. Design and architect logs IAW Army Cyber Technical Capabilities Requirements Provide data analysis, log analysis, logging solution details. Use Splunk SIEM tool to monitor and analyze network performance and Cyber Security incidents and reports to detect vulnerabilities and anomalies or problems or issues. Develop monitoring and response rules, reports, dashboards, data monitors, active channels, trends, and use cases to identify threats and optimize data mining. Perform analysis of current configuration and proposed configurations to ensure compatibility within the overall system. Analyze threat information gathered from logs, Intrusion Detection Systems, intelligence reports, vendor sites, and a variety of other sources. Research, plan, install, configure, troubleshoot, maintain, and back up all components in ArcSight first, and upon migration to Splunk, in Splunk Apply knowledge of SIEM tools expertise to conceptualize, design, and build secure technical solutions, including operationally viable and efficient applications, systems, architectures, and infrastructure. Direct on the design and integration of Cybersecurity toolsets to enable more automated discovery, remediation, and alerting of network and device vulnerabilities as a means of improving the security posture while reducing manpower requirements. Troubleshoot and develop solutions for anomalies both remotely and locally for Splunk based solutions. Experience with any or all of these technologies:  Splunk, Qmulos, AMQP (RabbitMQ), Nessus, SQL Server, PostGRE SQL, Red Hat Satellite, Nagios, McAfee ePO, Phantom, IPSEC, PKI, ForeScout, Qualys, CA PAM/Xceedium, CyberARK, SailPoint Experience in utilizing the COTS products identified such as the following: Operating System: IBM...

ARCSight Administrator - Clearance Required @ Logistics Management Institute by via all InfoSec news ([Global] oracle cloud) URL: https://ift.tt/elfIGQU Overview LMI is seeking an experienced ARCSight/Splunk Administrator to support a Program Office for a Government Client, located in Virginia. Remote work is anticipated with travel to various Client sites as needed.   At LMI, we’re reimagining the path from insight to outcome at The New Speed of Possible™. Combining a legacy of over 60 years of federal expertise with our innovation ecosystem, we minimize time to value and accelerate mission success. We energize the brightest minds with emerging technologies to inspire creative solutioning and push the boundaries of capability. LMI advances the pace of progress, enabling our customers to thrive while adapting to evolving mission needs.  Responsibilities Responsibilities are, but no limitted to the following: Perform all major Administrator functions to operate and tune ArcSight for current systems and prepare for migration to Splunk SIEM Coordinate and manage future Splunk SIEM migration and implementation. Ensure interoperability between Splunk and new tool/sensor data feeds. Design and architect logs IAW Army Cyber Technical Capabilities Requirements Provide data analysis, log analysis, logging solution details. Use Splunk SIEM tool to monitor and analyze network performance and Cyber Security incidents and reports to detect vulnerabilities and anomalies or problems or issues. Develop monitoring and response rules, reports, dashboards, data monitors, active channels, trends, and use cases to identify threats and optimize data mining. Perform analysis of current configuration and proposed configurations to ensure compatibility within the overall system. Analyze threat information gathered from logs, Intrusion Detection Systems, intelligence reports, vendor sites, and a variety of other sources. Research, plan, install, configure, troubleshoot, maintain, and back up all components in ArcSight first, and upon migration to Splunk, in Splunk Apply knowledge of SIEM tools expertise to conceptualize, design, and build secure technical solutions, including operationally viable and efficient applications, systems, architectures, and infrastructure. Direct on the design and integration of Cybersecurity toolsets to enable more automated discovery, remediation, and alerting of network and device vulnerabilities as a means of improving the security posture while reducing manpower requirements. Troubleshoot and develop solutions for anomalies both remotely and locally for Splunk based solutions. Experience with any or all of these technologies:  Splunk, Qmulos, AMQP (RabbitMQ), Nessus, SQL Server, PostGRE SQL, Red Hat Satellite, Nagios, McAfee ePO, Phantom, IPSEC, PKI, ForeScout, Qualys, CA PAM/Xceedium, CyberARK, SailPoint Experience in utilizing the COTS products identified such as the following: Operating System: IBM...

#hiring *Lead Database Engineer - Patch Deployment Team (Remote)*, Raleigh, *United States*, fulltime #jobs #jobseekers #careers #Raleighjobs #NorthCarolinajobs #ITCommunications *Apply*: https://lnkd.in/gW4eRQ3q Overview: This position leads support for software and hardware infrastructure related to database technologies at a high level of complexity. Supports database infrastructure for the Bank's sales, service, and corporate support applications through expertise and daily performance monitoring. Implements, upgrades, and tests technical systems. Resolves escalated technical issues reported by users or system alerts. Drives operational excellence and systems efficiency, providing continuous service both through daily activities and through on-call rotation for after hours support. Implements disaster recovery testing and may provide oversight to technical associates or projects. This role is remote eligible. Responsibilities: Technical Support - Provides support for technical systems that execute business applications at a high level of ability and expertise. Configures, installs, and upgrades systems. Resolves complex, escalated technical issues. Responsible for administration, communication, and documentation throughout technical support activities. Manages technical projects and assists management with other business initiatives.System Testing - Leads testing and monitoring activities that ensure all applications dependent on the infrastructure function without issues. Automates tasks or tests to provide continuous monitoring. Designs solutions that address system weaknesses or common issues and oversees their implementation.Data Security - Responsible for the security, management, and recovery of the Bank's distributed data assets. May lead disaster recovery efforts and other initiatives designed to protect the Bank's assets.Technical Expertise - Maintains a strong knowledge base of software, hardware, and related database infrastructure through ongoing research. Communicates effective and clear technical information to associates and management. Serves as a resource to wider business unit, management, and project teams.Vulnerability Assessment: Conducting vulnerability assessments using Qualys tools. Analyzing and interpreting vulnerability data. • Remediation Strategies: Developing and implementing remediation plans. Collaborating with IT and security teams to address vulnerabilities.Reporting and Documentation: Creating detailed reports on vulnerability findings and remediation actions. Maintaining documentation for compliance and audits.Continuous Improvement: Keeping abreast of the latest security trends and technologies. Improving and optimizing the vulnerability management process.Technical Skills:Profound knowledge of Qualys cloud solutions, especially in vulnerability management.Experience in deploying, configuring, and managing Qua

The CrowdStrike outages are another reminder of how critical it is to demand rigor and excellence in your patch management process (In CrowdStrike's case) as well as the importance of your on-the-ground incident response team (In 70% of F100 companies' case) Most of the fixes/work arounds to critical systems affected by the outage had to be done hands-on with machines by on-the-ground teams. Let's hope there's not a next time, but in case there is IT Leaders should consider where their staff/consultants who can respond to incidents like this are physically located. If you are looking into how to find & select top-tier US-Based Security, Incident Response, Software, or Infrastructure staff let's discuss how Software Resources can partner with you. #IncidentResponse #PatchManagement #ITTalent #Staffing #Recruiting #LocalTalent

#hiring *Lead Database Engineer - Patch Deployment Team (Remote)*, Raleigh, *United States*, fulltime #jobs #jobseekers #careers #Raleighjobs #NorthCarolinajobs #ITCommunications *Apply*: https://lnkd.in/gZFaASVY Overview: This position leads support for software and hardware infrastructure related to database technologies at a high level of complexity. Supports database infrastructure for the Bank's sales, service, and corporate support applications through expertise and daily performance monitoring. Implements, upgrades, and tests technical systems. Resolves escalated technical issues reported by users or system alerts. Drives operational excellence and systems efficiency, providing continuous service both through daily activities and through on-call rotation for after hours support. Implements disaster recovery testing and may provide oversight to technical associates or projects. This role is remote eligible. Responsibilities: Technical Support - Provides support for technical systems that execute business applications at a high level of ability and expertise. Configures, installs, and upgrades systems. Resolves complex, escalated technical issues. Responsible for administration, communication, and documentation throughout technical support activities. Manages technical projects and assists management with other business initiatives.System Testing - Leads testing and monitoring activities that ensure all applications dependent on the infrastructure function without issues. Automates tasks or tests to provide continuous monitoring. Designs solutions that address system weaknesses or common issues and oversees their implementation.Data Security - Responsible for the security, management, and recovery of the Bank's distributed data assets. May lead disaster recovery efforts and other initiatives designed to protect the Bank's assets.Technical Expertise - Maintains a strong knowledge base of software, hardware, and related database infrastructure through ongoing research. Communicates effective and clear technical information to associates and management. Serves as a resource to wider business unit, management, and project teams.Vulnerability Assessment: Conducting vulnerability assessments using Qualys tools. Analyzing and interpreting vulnerability data. • Remediation Strategies: Developing and implementing remediation plans. Collaborating with IT and security teams to address vulnerabilities.Reporting and Documentation: Creating detailed reports on vulnerability findings and remediation actions. Maintaining documentation for compliance and audits.Continuous Improvement: Keeping abreast of the latest security trends and technologies. Improving and optimizing the vulnerability management process.Technical Skills:Profound knowledge of Qualys cloud solutions, especially in vulnerability management.Experience in deploying, configuring, and managing Qua

The IT department, or Information Technology department, is the group within an organization that handles all things tech-related. Here's a breakdown of their typical responsibilities: Maintaining computer systems: This includes hardware and software. They keep everything running smoothly by installing, configuring, and updating devices, programs, servers, and databases [1]. Network management: The IT department oversees the organization's computer network. They make sure it's up and running, secure, and efficient [2]. Technical support: They're the ones to call if you have any computer problems - they help troubleshoot issues and answer your questions [5]. Data security: IT departments are responsible for safeguarding the organization's data from cyberattacks and other threats [6]. The size of the IT department can vary depending on the size of the organization. In a small business, there might be one IT person who does everything. Larger companies often have entire IT departments with specialists in different areas. #JobSearch #NowHiring #CareerOpportunities #JobOpening #JobListing #EmploymentOpportunities

The high-performance and resilient platforms satisfy critical roles, but software complexity and the graying of the specialist workforce are creating security challenges.

Privileged Access Management

When your #datacenters are impacted by a #cyber attack, software failure, human error, or natural disaster, do you have the right strategies in place to recovery quickly and confidently? Read these top tips for implementing and enhancing your data center disaster recovery processes.