News

Interested candidates please contact Barry Jones at bjones@secureworks.com

JOB DESCRIPTION:  Security Operations Analyst

Dell SecureWorks is a market leading provider of world-class information security services with over 2,800 clients worldwide spanning North America, Latin America, Europe, the Middle East and the Pacific Rim. Organizations of all sizes, including more than ten percent of the Fortune 500, rely on Dell SecureWorks to protect their assets, improve compliance and reduce costs. The combination of strong client service, award-winning security technology and experienced security professionals makes Dell SecureWorks the premier provider of information security services for any organization. Positioned in the Leader’s Quadrant of Gartner’s Magic Quadrant for MSSPs, Dell SecureWorks has also won SC Magazine’s “Best Managed Security Service” award for 2006, 2007, 2008 & 2009.

POSITION SUMMARY

Security Analysts perform real-time log analysis to provide network and data security for Dell SecureWorks client leveraging Dell SecureWorks’ Sherlock technology platform. Analysts provide excellent client service while evaluating the type and severity of security events by making use of packet analyses, and an in-depth understanding of exploits and vulnerabilities. Resolve client issues by taking the appropriate corrective action, or following the appropriate escalation procedures. Document all client communications. Work in a team environment and monitor the health and wellness of security devices on our client’s networks.

Preferred Technical Experience:

• Significant experience with Linux, TCP/IP, UNIX, NT, IP Routing
• Firm understanding of regular expressions
• Understanding of database structure and queries
• Understanding of basic network services, vulnerabilities and attacks
• Good knowledge of NDIS platforms, as well as exploits and vulnerabilities

Essential Duties & Responsibilities

• Respond to inbound phone and electronic requests for technical assistance with Dell SecureWorks products
• Manage all customer situations in a professional manner with emphasis on customer satisfaction
• Configuration and troubleshooting of Dell SecureWorks iSensor and associated infrastructure
• Assess incident severity and escalate to the next level as needed
• Keep customers abreast of changes in status during issue resolution
• Set clear expectations and provide timely follow-up to customers as appropriate
• Utilize internal guidelines for effective call processing and escalation and client service
• Interact with network intrusion detection devices and other security systems via proprietary and commercial consoles, both local and remote

Additional Responsibilities

• Must be able to manage customer accounts and confidently communicate technical information to Dell SecureWorks client base
• Maintain keen understanding of evolving Internet threats to ensure the security of Dell SecureWorks Client networks
• Learn prerelease products in the area(s) of support responsibility in order to support them when released
• Write technical articles for internal knowledge base
• Participate in knowledge sharing with other analysts and develop customer solutions efficiently
• Coordinate or participate in individual or tem projects to ensure quality support for our clients
• Perform other essential duties as assigned

Knowledge, Skills, & Abilities

• Must have strong written and verbal communication skills
• Customer Service background and good written and verbal communication skills
• Cisco Security Agent experience is a plus
• Attention to detail and great organizational skills
• Good interpersonal, and organizational skills, as well as phone and customer service skills
• Ability to maintain focus while performing in depth log analysis

Education and Experience:

• Bachelor’s Degree or equivalent in Computer/Electrical Engineering or Computer Science or equivalent work experience.

Desirable:

• three or more of experience as Network Intrusion Analyst
• Experience / Knowledge of Cisco NIDS devices
• Experience / Knowledge of Cisco Security Agents, Cisco Pix , ASA or CheckPoint Firewalls desirable
• Experience / Knowledge of variety of Intrusion Detection platforms
• Experience with VPN, SSL, other encryption methodology / technology a plus

Certifications Desired

• CCNA, CCSP, CSPFA Certifications a plus
• GIAC, GCIA, GCIH, GCFW, GHTO, GSEC or similar certification desirable

Cyber Citizen Forum—University Focus
~ November 16, 2011
5:00-7:30pm ~ Open to the Public
8 St. Mary’s Street, Photonics Building, Room 206,
Boston University

or join by video conference at http://bu.adobeconnect.com/cyberforum
Select “Enter as guest” and type in your name, then select “Enter Room”

Join

• Rear Admiral Michael A. Brown, Director, Cybersecurity Coordination
• Leading cyber security researchers and educators from New England
• Representatives from the Departments of Homeland Security and Defense

for presentations and discussions on

• Careers in Cyber Security                                           5:00 p.m. – 6:30 p.m.
• Cyber Risks, Cyber Protection &
  Living in an Interconnected World                             6:30 p.m. – 7:30 p.m.

Hear from experts:

• Department of Homeland Security:
  Rear Admiral Michael A. Brown, Director, Cybersecurity Coordination;
  Nicole Dean, Director, National Cyber Security Division;
  Patrick Beggs, Director of Operations, National Cybersecurity and Communications Integration Center
• Industry:
  Robert F. Brammer, President and CEO, Brammer Technology, LLC, Strategic Consultant, Advanced Cyber Security Center
• National Security Agency, DoD:
  Janet Anderson, NSA, Security Education Academic Liasion (SEAL) for Boston University and Northeastern University;
  Michael Hylkema, NSA;
  Richard M. George, Technical Director, National Security Agency (retired)
• U.S. Secret Service and Homeland Security Investigations
• Leading cyber security researchers and educators from New England

Hosted by Boston University’s Center for Reliable Information Systems and Cyber Security (RISCS at http://www.bu.edu/riscs/ ) and the Hariri Institute for Computing and Computational Science & Engineering (HIC at http://www.bu.edu/hic/ )

Congratulating the following students from BUILDS http://builds.cc for their success in the first round of CSAW Capture The Flag Cybersecurity Competition http://www.poly.edu/csaw2011/csaw-CTF:

Kyle Brogle – Computer Science / Mathematics Danny Cooper – Computer Science Jeff Crowell – Computer Engineering John-Nicholas Furst – Computer Engineering Monica Gribouski – Computer Science Andrew Mohn – Biomedical Engineering George Silvis – Mathematics / Ancient Greek Liam Wang – Computer Science

They placed in the top ten out of 74 teams, which means they get to send a four-person team to New York City for the finals in early November.

The four people planning to go to NYC are Kyle, Danny, John-Nicholas, and Andrew.

Wish them luck in the finals in November!

“Hackers Breach Tech Systems of Oil Companies” New York Times, February 10, 2011

“IMF Reports Cyberattack Led to „Very Major Breach‟” New York Times, June 11, 2011

“Nation‟s Fight Against Cyber Intruders Goes Local” Associated Press, July 20, 2011

SAVE THE DATES

The Institute for Information Infrastructure Protection (I3P) and the CERT® Program at Carnegie Mellon University‟s Software Engineering Institute Present

Cyber Security CPR: Coordinated Private Response to Computer Security Incidents

October 12-13, 2011

at the National Rural Electric Cooperative Association (NRECA) Conference Center, 4301 Wilson Blvd, Arlington, VA

Pre-Workshop Historical Perspectives Discussion: September 8 (online event)

What happens when a cyber incident brings down something essential to public welfare?  Since many critical infrastructures are privately-owned, who is responsible for planning a response?  In what situations can government direct private enterprise to take action? These are just three of the many questions facing public and private sector practitioners, policy-makers, and researchers.  Over the last two decades, these communities have formed a new and essential collaboration: Incident Response has emerged from the shadows of IT and risk management to meet these challenges.

The I3P invites you to join a distinguished group of researchers, practitioners and security experts to:

• Understand which scenarios call for a coordinated effort within the private sector, when to seek assistance from the public sector, and how to facilitate information sharing without compromising sensitive data.
• Gain a better understanding of previous responses in similar situations: when they have been necessary, how they have been effective, and why were they constrained.
• Discuss current response realities and how they intersect with technology, policy and individual organizations.
• Identify priority research areas to enhance effective public-private incident response.
• Recommend issues for policy makers to consider in legislation supporting incident response.

This event will engage participants by presenting response realities, sharing research ideas, brainstorming new approaches, and forming collaborative partnerships to address key challenges. We hope that you can join us.

An agenda and further details will be forthcoming. Register here, or, for more information, please contact Heather Drinan, I3P associate research director, at heather.drinan@dartmouth.edu or 603-646-6472.

www.cert.org

www.thei3p.org

Information Assurance Internship-Summer 2012

An exciting summer internship opportunity for undergraduate students in Information Assurance at the Air Force Research Laboratory (AFRL/RI) under the auspices of the Air Force Senior Scientist for Information Assurance.

INFORMATION ASSURANCE INTERNSHIP

The Information Directorate seeks outstanding undergraduate students for paid research internships. The summer 2012 internships focus on the science of mission assurance in a cloud computing environment, with emphasis on assuring Air Force mission essential functions in a contested environment. We invite applications from juniors and seniors in mathematics, computer engineering, electrical engineering, physics and computer science.

THE SCIENCE OF MISSION ASSURANCE

We seek to investigate information assurance at all six phases of the information life cycle:

1. Information generation
2. Information processing
3. Information storage
4. Information transmission
5. Information consumption
6. Information destruction

We aim to develop mathematical representations of critical functions, decompose them into atomic elements, define the relationships among elements, assess fractal properties of subsystems and systems, identify potential vulnerabilities and risks, and develop mitigation strategies for assured operation in a contested environment.

Interns will work on teams with government mentors to research vulnerabilities and threats, participate in facilitated discussions, solve complex problems, present and discuss solutions, and write and submit reports on time.

APPLICATION PROCESS

Candidates who hold US citizenship and qualify for a Department of Defense security clearance may apply by emailing a resume, an unofficial transcript of grades, a 100-word biography, two letters of recommendation and a headshot photo to iast@rl.af.mil no later than 2 December 2011. For more information contact: IAST 315-330-4370.

For more information visit AFRL Information Directorate at http://www.wpafb.af.mil/afrl/ri/ or the IA Internship website at http://iainternship.com/

reference: Dr. Kamal Jabbour, ST & Dr. Sarah Muccio, “The Science of Mission Assurance” Journal of Strategic Security Volume IV Issue 2 2011, pp. 61-74.

Approved for Public Release; Distribution Unlimited (88ABW-2010-4756)

Feel free to contact Regina Recco with questions on the logistics of this internship.

Regina Recco, Contractor (ITT)
Director of Operations, IA Internship Program
Office of the Senior Scientist for Information Assurance
Air Force Research Laboratory Information Directorate
525 Brooks Rd
Rome NY 13441
315-330-4833

Corporate Information Security – Job Description
Information Systems Security Analyst, AVP
Job Code: IT 1221

Background
The Corporate Information Security team is managed by State Street’s Chief Information Security Officer and consists of approximately 20 people located in North Quincy, Massachusetts. The group’s charter revolves around 7 programmatic Information Security cornerstones, encompassing:
1) Policies
2) Measurement of controls effectiveness
3) Risk Reviews
4) Information Security Risk Management
5) Vendor Management
6) Education and Awareness
7) Customer and business support
Currently the team is overseen by two senior managers each reporting directly to the CISO

Description
Entry level Information security analyst focused on identifying, gathering, analyzing, and reporting of key information security/ risk indicators. The candidate must be able to leverage his/her understanding and analysis of the key data points to produce meaningful reports to be used to drive business value via the promotion of changes in business and information technology operations that improve security, lower cost and enrich the quality of the company’s processing environment.
Leverage models, data bases and spreadsheets to create management reports used to illustrate risk relevance gleaned from statistical and correlated data.
Ensure work is completed within budget and on schedule.
Competencies
Qualified candidates enjoy a fast paced work environment with many time deadlines and have an interest in Information Security in the financial sector. The successful candidate will demonstrate:
• The ability to work with a reasonable level of guidance and be a self-starter
• Excellent teamwork
• Strong analytic skills / Systems thinking
• Good communication skills
• Ability to learn quickly and work on multiple projects concurrently
• A strong penchant for driving processes through to completion
Education/Experience
A Bachelor’s Degree is required. An understanding of the concepts of LEAN and/or Six Sigma is beneficial. An understanding of key infrastructure technologies such as Active Directory, UNIX, Open systems, Emails, and other platforms is a plus.

Key Responsibilities
This position will affect the operation of a programmatic cornerstone; Measurement of controls effectiveness. Day to day responsibilities include:
• Perform identification, quantification and research for business cases to be provided to Sr. Management, recommending mitigation of Information Systems risks and vulnerabilities for the Corporation
• Acquire information security metrics, implement models that leverage metrics data to provide business value
• Support and maintain Enterprise-wide Information Security programs that maintain State Street as a market leader
• Respond to management to provide Information Systems Security recommendations in support of business strategies and goals

Application Deadlines
Applications are accepted February 1st – May 15th and September 7th – December 15th of each year.

About the Program
You will operate under a rotational program, alternating semesters of full-time work with full-time study from entry into the program until graduation. We require a minimum of 52 weeks of co-op work experience prior to graduation. During your work tour, you will work a regular 40-hour week. Each work tour is designed to reveal the specific areas you may want to focus on as a career.

For more information and how to apply please visit http://www.nsa.gov/careers/opportunities_4_u/students/undergraduate/co-op.shtml

Boston University is designated as a Center of Academic Excellence in Information Assurance Education by a program administered through the Department of Defense and the Department of Homeland Security.   The program assigns a Senior Executive (SEAL) to work with each Center of Excellence and our SEAL, Janet Anderson, will be visiting BU Thursday, April 21, 2011.   Janet is and Enterprise Security Management (ESM) Project Director at the National Security Agency and will hold a

Student Information Session on Career Opportunities at NSA,

Thursday, April 21, 4—5 pm at

808 Commonwealth Avenue (Fuller Building), Room 267

She will also be available for individual meetings

10:30 am—noon and 3:00 pm – 4:00 pm

If you are interested in possible future employment at NSA you should submit your resume at http://www.nsa.gov/careers/index.shtml (click on apply online).

You may also join the meeting via videoconferencing:

To connect to the online webcast on Thursday, April 21 at 4pm:

1. 5-10 minutes before the start of the session, point your Internet browser to: http://bu.na5.acrobat.com/nsa

2. Enter as guest by typing in your name and pressing “Enter Room”

button to enter the virtual meeting room.

3. You can listen in by using a headset or speakers connected to your computer.  Please use the chat window at the bottom of the screen to ask questions and communicate with presenter.

4. We strongly recommend that you test your computer setup prior to the meeting.  Attached are the setup instructions.

You can also dial into the meeting from your phone by using the following numbers:

US/CANADA Toll Free:  1-888-850-4523

International Toll:    1-719-234-7800

Passcode: 577908

We will hold a test session for everyone who wants to test the connection to the webinar on Thursday, 4/21/11 3-4pm EST.

Dear BU Students, Faculty and Members of the Information Systems Security Association – You are invited to the BU/ISSA New England Chapter Meeting on May 18.

Please R.S.V.P. at the ISSA-NE website:  www.issa-ne.org

There is a fee of $40 for non-ISSA members: This will be waived for BU Students, Faculty and anyone joining ISSA for a $0 trial membership. The Agenda is:

WEDNESDAY MAY 18 ISSA NEW ENGLAND CHAPTER MEETING

Who: Invited are all BU faculty and students, ISSA members, & all Information Security professionals.

What: ISSA of New England chapter meeting co-sponsored with Boston University Metropolitan College – Computer Science Department, and the BU RISCS Center: http://www.bu.edu/riscs

When: Wednesday, May 18, 2011:  1:00 PM to 4:45 PM

Where: BU, Photonics Center Auditorium, Room 206, 8 St. Mary’s Street

(South of Commonwealth Avenue)http://www.bu.edu/maps/

MBTA Green Line - Boston University Central Stop

Parking: Warren Towers, 700 Commonwealth Avenue (Eastbound)

Lot N, 665 Commonwealth Avenue (Westbound )

Why: You will see and hear informative and useful new information to can bring back to your workplace.

You will gain valuable new insight on both the business side and the technical side of Information security today.

You will meet your peers in the Information Security industry.

How: Register here: http://issa-ne.org or at the door on Wednesday, May 18 by 1:00 PM

Program:

1:00 PM to 1:15 PM:  Welcome from Teresa Hummel, President of ISSA of New England and Dr.Lou T. Chitkushev, Ph.D., Chairman and  Associate Professor, Department of Computer Science, Metropolitan College & Associate Director, Center for Reliable Information Systems and Cyber Security (RISCS) Boston University

1:15 PM -2:00 PM:  Peter Kuper, Vice President at In-Q-Tel:

Theme: “Financials for the IT Security professional: how finance truly affects IT security.”

Bio: Peter runs the security practice for In-Q-Tel directly working with the US Intelligence Community in advancing security software solutions. At Morgan Stanley, Peter covered all of enterprise software especially security. Peter was their lead Internet Security stock analyst, wrote industry-defining reports and made market-moving stock calls. Previously, he was a director and equity analyst at SG Cowen, where he covered the software sector with a particular focus on security.

Topic:

-         How does economic pressure affect information security professionals beyond just their budget?

-         The 2008 Wall Street crash and it’s lingering impact on our industry

-         Public vs. Private vendor viability

-         Mergers and Acquisitions: my vendor was acquired. Now what?

-         Stating the case for security to the CFO and other financial management

2:00 PM- 2:15 PM:  Refreshments and Networking

2:15 PM – 3:00 PM:  Stuart Jacobs, MSc, CISSP, Lecturer, Computer Science Department, Boston University Metropolitan College on:

Theme: “WiMAX Subscriber and Mobile Station Authentication Challenges”

Topic:

-         IEEE 802.16 (WiMAX) Authentication Challenges

3:00 PM – 3:45 PM Josh Huston, Founder and Chief Technologist at Exultium on:

Theme: “The Future of Endpoint Security and HIPS:”

Topic:

The turbulent past of the Host Intrusion Prevention (HIPS) space and lessons learned from the trenches will be detailed. Covered will be:

– Why is protection at the endpoint important?

– What is behavioral protection and why is it valuable?

– What are the challenges of enterprise endpoint management?

– What could be coming in the future for endpoint security?

3:45 PM – 4:00 PM:  ForeScout presentation

4:00 PM – 4:15 PM:   TripWire presentation

4:15 PM – 4:30 PM:   Vormetric presentation

4:30 PM to 4:45 PM: Closing Remarks from BU and ISSA of New England

A special bonus for those who participate for the entire meeting: Join us at the end of the meeting for a gift card drawing. You must be present to win, and an active paid up member of the New England Chapter of the ISSA.