This will be followed by a moderated CISO panel on the state of information security, cloud computing, mobility, advanced threats of malicious software and more.

Presenters

1. Amad Fida, President at brinQa
2. Phil Venables, CISO at Goldman Sachs
3. Thomas Doughty, CISO at Prudential Financial
4. Mark Clancy, CISO at DTCC
5. Dov Yoran, Co-founder at MetroSITE Group

• Venue: KPMG, 345 Park Ave, New York, NY

• Dress Code: Business Casual

CLICK HERE for agenda and registration.

Responsibilities:
Manage applied research and software development projects in the areas of information security, homeland security, information visualization, network simulation, and computer network defense training. This position includes, but is not limited to, the following activities:

• Participate in writing proposals to potential funding agencies for applied research and advanced technology development, with an emphasis on software development projects
• Conduct requirements analyses of analysts responsible for defending large enterprise networks from attack.
• Ensure technology being developed meets requirements.
• Monitor usability and quality assurance of technology under development.
• Track schedule and budget.
• Perform market analyses and competitive assessments to position advanced technology to fulfill information security market needs. Regularly meet with technical staff to track progress towards goals.
• Perform literature reviews of peer-reviewed journals that publish scientific articles on information security, information visualization, and network simulation.
• Document all processes, prepare briefings on project status, write technical reports.
• Contribute to scientific publications related to the advanced technology

Qualifications:

• Experience managing technical staff and technical projects
• Demonstrated ability to prepare detailed written reports, prepare budgets, and deliver first-rate briefings.
• Ability to impose organization and structure on ambiguous or ill-defined requirements.
• B.S. or B.A. in Computer Science, Engineering, Human Factors or related disciplines
• Expert use of Microsoft Word, Excel and PowerPoint
• Excellent leadership, problem solving, and communication skills.
• U.S. Citizenship Required.

Pluses:

• CISSP or other information security certification
• Experience conducting R&D or developing advanced technology
• Experience writing grant proposals.
• Recent military experience
• Currently active U.S. Secret clearance.

Due to the nature of our work, we can only accept applications from U.S. citizens and individuals that are willing and able to obtain a security clearance.

Seeking a project manager to manage advanced technology & research for FTE postions in Northport, NY. Individuals must be able to gain US Security Clearance. Apply at http://avi.catsone.com/careers.

The NY Metro ISSA is delighted to host a “Summer Networking Event” designed to provide their membership with an environment in which to share their experiences and discuss best practices for protecting their organizations. The event is complimentary for NYMISSA members. The event is open to members of sister organizations such as OWASP, ISACA, etc for a nominal fee. Attendees will have a chance to network with professionals in cross disciplines such as audit and privacy.

The networking event will feature a keynote address by the world renowned security expert and author, Ira Winkler, President of the Internet Security Advisory Group.

While overlooking beautiful Central Park, you can enjoy refreshments, explore some of the latest technologies and solutions offered by NY Metro ISSA Sponsors, and network with your colleagues. Attendees will also have an opportunity to win prizes offered by the event sponsors at the conclusion of the event.

CLICK HERE for event details, agenda and registration.

Presentation: Russian-Chinese Espionage

Recognizing the risks and identifying a technology are only at the beginning of the curve when dealing with data loss prevention. In this interactive session we will discuss essential components of a successful DLP strategy including development of business requirements, data classification, compliance to regulatory standards with particular attention to the Massachusetts Data Breach law, phases of deployment and avoiding common pitfalls experienced by CSO’s, practitioners and business leaders alike.

Presenters

1. Ron Baklarz, CISO at Amtrak
2. Don Garvey, CISO at Chubb Insurance
3. Jay Leek, Manager Corporate IT Security Services at Nokia
4. Paul Roberts, Senior Analyst, The 451 Group
5. Paul Rogers, IT Security Manager, Philadelphia Insurance Co.

• Venue: PriceWaterhouseCoopers, 300 Madison Ave, NY,  NY

• Dress Code: Business Casual

CLICK HERE for registration and full details.

Please bring a laptop and LAN cable to this event to fully benefit from the material that will be presented. If you do not have a laptop, you can still benefit by sharing with another member, or following along on the big screen.

• Venue: PriceWaterhouseCoopers, 300 Madison Ave, NY,  NY

• Dress Code: Business Casual

Registration and full details at cvent.

• Venue: KPMG, 345 Park Avenue,   New  York, NY

• Dress Code: Business Casual

Registration and full details at cvent.

Updated (04/27/2010)
Here are the presentations for this event:

• Three Critical Factors for PCI Assessment (PDF, 3MB)
• PCI Compliance and the Cloud (PPT, 2.7MB)

In this interactive session you will learn how to perform effective security metrics reporting and how to implement an Identity and Access Management project. A key takeaway from this session is how one can use metrics and reporting for their IAM program and to ensure that ones identity management tools are meeting their SLAs.

• Venue: PriceWaterhouseCoopers, 300 Madison Avenue,   New  York, NY

• Dress Code: Business Casual

Registration and full details at cvent

Update: Here are the presentations for this event:

• NYMISSA – Metrics that Matter (ver2)
• Identity and Access Management for Security, Productivity, and Compliance

The first session will cover emerging technologies, legal, and regulatory issues and reducing spending on legal risks.

In the second session we will learn how to proactively use corporate data and integrate information to thwart attacks and mitigate business risks.

The final session will deal with tools, processes and software used to perform forensics and e-discovery, related developments in the legal and regulatory environment and why organizations have information risk and control on the top of the list.

• Venue: Credit Suisse, 11 Madison Avenue(corner 24th Street ) New  York, NY

• Dress Code: Business Casual

Registration and full details at cvent.

Update: Here are the presentations from this event:

• Converting Data Into Meaningful Information
• Discovering Unexpected ROI for Emerging Technologies

Our first speaker will discuss how you critically examine your plan for “Black Swans”, those incompletely addressed aspects of your plan which can cause your recovery activities to grind to a complete stop. Our second speaker will deal with the potential of using Cloud Computing technologies as vehicles to cost-effectively support both resilience and availability by utilizing an increasingly popular IT business solution.

UPDATED (01/21/2010): Download the presentations for the sessions mentioned above:

• NYMISSA Presentation: Hunting Black Swans (01/13/2010)
• NYMISSA Presentation: Cloud Recovery (01/13/2010)

The session will conclude with an interactive panel discussion on the saga of the H1N1 virus. This panel will attempt to determine whether H1N1 has been a real threat or if it’s just yesterday’s old news. Our panel of BCP consultants will discuss what they have seen (or not seen) at client engagements in terms of preparation for a possible outbreak. We will also call on members of the audience to share their corporate and personal experiences with the group.

• Venue: KPMG, 345 Park Avenue (corner 51st  Street), New York, NY
• Dress Code: Business Casual

Registration and full details are now available at cvent

TITLE: Contractor Program Security Officer
LOCATION: Danbury, CT
SALARY: Open
RELOCATION: Yes

SUMMARY: Our employer is a Fortune 500 company, is a global supplier of systems and services to the aerospace, defense and homeland security markets. With more than $6 billion in annual revenues, Goodrich has one of the broadest portfolios of products in the aerospace industry. The company serves a global customer base, with over 24,000 employees across approximately 90 manufacturing and service facilities in 16 countries worldwide. This is a new position with 10-20% travel.

RESPONSIBILITIES: This position is responsible for security for one or more programs, providing day-to-day security advice and direction at our facility. Successful candidates will have demonstrated the technical skill, motivation, independence, and creativity necessary to complete difficult security tasks. This position will advise on a broad range of program security issues. Performs day-to-day security activities in order to maintain a compliant security program per company and government directives that ensures the protection of sensitive and classified information. Prepares security plans outlining regulations and establishes security procedures for programs. Reviews and writes evaluations of security proposals and plans. Monitors security programs and coordinates communications and network security requirements. Coordinates other documents and procedures prepared by customer government and contractors. Advises team members on program or operational security risks, explains security risks, mitigation strategies, and resolution options. Works with customers and staff to perform security testing of releases.

COMPETENCIES/ABILITIES

• Strong Audit Skills
• Experience with computer/network security
• Ability to interpret regulations (DCID, JAFAN, NISPOM, etc)
• Minimum 8 years relevant experience
• Ability to create internal policies to meet government and customer requirements
• Prior government contract or Agency experience
• Eligibility to obtain Security Clearance (TS with SSBI)

RESUME SUBMITTAL
Interested candidates should submit their resumes via the position posting on the SMR website at: http://www.smrgroup.com/SMR-Jobs.htm