Information Security Breach

Personal Finance Predications for 2010: ID Theft

http://www.foxbusiness.com/story/personal-finance/personal-finance-predictions–id-theft/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+foxbusiness/latest+(Text+-+Latest+News)

Cyber Security Breach

Penn State notifies 30,000 of computer security breach

http://www.post-gazette.com/pg/09364/1024438-454.stm?cmpid=news.xml

Senior IT Auditor

Position Summary

Successful candidate will have 5 – 10 years of IT internal audit and/or related work experience in the financial or securities industry.

Successful candidate must have a CISA –no exceptions.

Experience Needed

Strong knowledge of IT systems configuration and operations to include;

• operating systems – Windows, Linux
• databases – Sybase, Oracle, SQL Server
• security & access configuration – infrastructure & application level
• business applications  - general ledger, trading & clearing, risk management, etc.
• programming experience a plus  - SQL, Java, C
• Strong knowledge of securities trading & back office activities – equities & fixed income: order routing & execution, settlement & clearing

Position Responsibilities:

• Assess the IT control environment for audits assigned, develop audit scoping and test document (RAM) and effectively execute audit fieldwork.
• Identify and communicate audit issues and develop practical recommendations to assist departments to better control businesses and processes.
• Draft audit reports, identifying audit scope, findings, and conclusion.
• Meet with Senior Management to discuss audit coverage and the status of audit issue follow up.
• Appropriately update and execute the Sarbanes Oxley IT Program and identify control design and operational deficiencies.
• Maintain current in relevant technology trends, standards, requirements, and best practices.
• Assist in preparing presentations for management and the Finance & Audit Committee.
• Keep IT Audit Director and IA Managing Director updated on work in process.
• Execute special projects as required.

For full details please contact:

Wils Bell

Information Security Recruiter

SecurityHeadhunter.com, Inc.

POB 620298

Oviedo, FL 32762

Desk: 407-365-2404

Cell: 407-718-7764

Email: Bell@SecurityHeadhunter.com

Security Job:

Cyber Counterintelligence Instructor

SecurityHeadhunter.com has been tasked with identify and recruiting a senior level candidate to work as an Instructor for Cyber Counterintelligence.

Please note that the education and security clearance requirements are FIRM, BUT the client will have some flexibly on other requirements SO please read this entire spec closely!!

JOB SUMMARY

The real key to this position is Counterintelligence experience even though you must have Cyber Security experience also. The students to be taught are already trained in Counterintelligence, but need to be brought up to speed on Cyber Counterintelligence.

As an Instructor, the courses are to be fairly basic and will principally be for familiarizing the counterintelligence agents / students with cyber threats and the capability to deter and exploit. Under this premise, the Cyber Security experience level can be 3-5 years as long as the overall counterintelligence experience is solid and credentialed. What is needed is a candidate that can “walk the walk & talk the talk” relating to “counterintelligence” and has worked with / has experience in cyber security applications. What the client does not need is a pure computer forensics / security type individual with no counterintelligence.  Again, (some – see below) previous counterintelligence experience is a must.

Client would like someone who has conducted (or closely supported) investigations of cyber threats and approaches and/or has exploited any such approach (operations).  They also would be interested in anyone with a strong (3-5 years) cyber analysis background…having looked at the threats, capabilities, and patterns.

Counterintelligence experience through Military or Federal (FBI, etc,) service is great, but client will also look at civilians that have been /are accredited / certified in CI.

The ideal candidate will have 10-15 years of counterintelligence with 3-5 years cyber investigations, operations, or analytic experience. ENCASE trained.

The client will possibly consider  5-7 years in the military or a civilian with a technical (computer forensics / security) background who can at least claim they are experienced in Counterintelligence and is also ENCASE trained.

Specific expertise in the area of CI Force Protection, CI Investigations, CI/CE Operations and/or CI analysis is desired.

INSTRUCTOR DUTIES:

As a Cyber Counterintelligence (hereinafter CI) Instructor, you will be responsible for:

• The development and delivery of training courses for Cyber CI and Information Operations.
• Maintaining a working knowledge of the subject matter, the class dates, and any and all problems associated with delivery of training materials.
• Coordinating with the Joint CI Training Academy (JCITA) and the military Board of Governors (BoG) and their field units to identify training requirements.
• Ensuring course materials are maintained, updated / improved to meet current training requirements of the DOD and the Defense Counterintelligence and Human Intelligence Center (DCHC) under the supervision of the Defense Intelligence Agency DIA.
• Routinely providing timely responses to queries and support requests from DCHC staff and military services.
• Providing sound & accurate advice, guidance and counsel on any issues dealing with training.
• Appropriately handling and safeguarding classified / sensitive information in accordance with applicable security directives and where needed, incorporate policy changes into the course curriculum.
• Maintaining liaison contacts with appropriate national agencies and their officials to ensure timely exchange of training related material and information.
• Ensuring remote learning packages/computer based training (CBT) on information operations meet the needs of field personnel.
• Developing, preparing, and presenting briefings/lessons to students and senior level community officials. Briefings need to be clear, concise, well researched, and well organized in a logical and easy to understand fashion. Briefings and lectures need to be up-to-date, timely, adequately address the subject matter, and meet the expected level of information by the intended audience.For consideration on this or other Security positions, please contact:

Wils Bell

Information Security Recruiter

SecurityHeadhunter.com, Inc.

POB 620298

Oviedo, FL 32762

Desk: 407-365-2404

Cell: 407-718-7764

Email: Bell@SecurityHeadhunter.com

LinkedIn Profile: http://www.linkedin.com/in/wilsbell

Web: SecurityHeadhunter.com

Blog: SecurityHeadhunter.wordpress.com

Twitter: security_REC

“I’m a great believer in luck, and I find the harder I work, the more I have of it.” — Thomas Jefferson

P Go Green – print only if necessary

Security Recruiter – Daily Security Breach Notification.

Today Post from the Washington Post:  http://voices.washingtonpost.com/securityfix/2009/12/jmtest.html?wprss=securityfix

La. firm sues Capital One after losing thousands in online bank fraud

By Brian Krebs  |  December 7, 2009; 4:15 PM ET
Categories:  Small Business Victims | Tags: ach fraud, jm testShare This:  E-Mail | Technorati | Del.icio.us | Digg | StumblePrevious: Phishers angling for Web site administrators

An electronics testing firm in Louisiana is suing its bank, Capital One, alleging that the financial institution was negligent when it failed to stop hackers from transferring nearly $100,000 out of its account earlier this year.

In August, Security Fix wrote about the plight of Baton Rouge-based JM Test Systems, an electronics testing firm that in February lost more than $97,000 from two separate unauthorized bank transfers a week apart.

According to JM Test, Capital One has denied any responsibility for the losses. On Friday, JM Test filed suit in a Louisiana district court, alleging breach of contract and negligence by the bank. The firm says it is still out a total of $89,000, and that it has spent roughly $70,000 investigating and responding to the breaches.

“Capital One was not willing to make good on our losses or attempt any type of settlement,” said Happy McKnight, JM Test’s controller. “The banks are clearly taking a ‘Hey, don’t look at me!’ stance. It is so sad to wonder how many business failures this type of fraud has caused.”

Capital One declined to comment for this story.

The lawsuit is the latest to challenge whether banks are doing enough to help customers prevent losses when a virus infection, phishing attack or hacker break-in jeopardizes a company’s online banking credentials, said David Johnson, a digital media lawyer with the Los Angeles law firm Jeffer Mangels Butler & Marmaro LLP.

Johnson said that under the Uniform Commercial Code, banks generally are required to maintain “commercially reasonable” methods of providing security against unauthorized payment orders.” But he said just what constitutes “commercially reasonable” security practices has only recently been challenged, citing a recent court case in Illinoisexpected to go to trial soon in which a couple is suing their bank over $26,500 lost when cyber thieves stole the user name and password needed to access their home equity line of credit.

“The banks try to limit their responsibility by saying that customers have to monitor their accounts and notify the bank immediately if there is some kind of suspicious transfer,” Johnson said. “And it’s very rare that businesses are going to be that diligent in reviewing their online accounts.”

For its part, JM Test maintains that it alerted Capital One to the fraud on the same day as the fraudulent activity, and that the bank still failed to stop the fraud. The plaintiffs charge that Capital One violated its ownonline banking terms and conditions, which it said provide that once a Capitol One customer calls to report fraudulent activity, Capital One will close the affected customer’s existing account to prevent further unauthorized charges.

According to court documents, on Feb. 20, 2009 JM Test discovered that an unauthorized $45,640 wire transfer had been made against its account to an account at Alpha-Bank in Moscow. JM Test claims that it alerted Capital One by telephone of the fraudulent wire transfer that same day, and that the bank said it would investigate.

JM Test alleges that five days later, Capital One issued it a new user name and password. But then on March 2, the company found that thieves had broken into its online bank account yet again, this time initiating a batch of unauthorized payroll payments totaling $51,556.44. The money was sent to at least five different money mules, individuals who the attackers had apparently hired via online job Web sites to receive the transfers and then wire them out of the country.

The lawsuit further states that neither of the fraudulent transfers was initiated from an Internet address that JM Test had used previously to conduct online banking. In addition, court documents state that Capitol One advised JM Test on March 3 that it had blocked JM Test’s account, and that March 4 was the first day that it was contacted by a fraud investigator for the bank.

Businesses do not have the same legal protections against online banking fraud that consumers enjoy. Consumers generally have 60 days from receiving a bank statement to dispute any fraudulent charges, and typically those charges will be reversed. But organizations that experience fraud with their online banking accounts usually lose any money from unauthorized transactions that aren’t immediately reported to the bank, and even then there is no guarantee that all or any of the fraudulent transfers will be reversed or halted.

Cases such as JM Test’s may become more common. Many of the more than six dozen companies that I have interviewed over the past six months, and who have been vicitims of similiar fraud, said they are weighing whether to sue their banks. In September, Security Fixpublicized the case of Patco Construction, a firm in Maine that sued its bank after thieves stole the company’s online banking credentials and used them to transfer at least $588,000 to dozens of money mules throughout the United States.

“The banks cannot let this situation go on or people will start to lose confidence in them.” Johnson said. “If people start thinking they can lose real money when they deposit their money into the bank…that becomes a real business issue. If they’re going to survive, the banks are going to have to crack down on this type of fraud and stop it, and I think they know this.”

A copy of the petition filed with the Louisiana court is available here.

I should note that I finally got around to creating a separate category –Small Business Victims — that tracks this series of stories I’ve been writing about small businesses hit by cyber fraud. This piece marks the 25th story in that series.

By Brian Krebs  |  December 7, 2009; 4:15 PM ET
Categories:  Small Business Victims | Tags: ach fraud, jm testShare This:  E-Mail | Technorati | Del.icio.us | Digg | StumblePrevious: Phishers angling for Web site administrators

Security Recruiter - Daily Security Breach Report from the Web

Security breach compromises information on 1,400 District 86 grads

A security breach discovered last month at the University of Nebraska involved the names, addresses and Social Security numbers of 1,400 Hinsdale High School District 86 graduates.

The breach involved a computer in the College of Education and Human Sciences at the Lincoln campus. The university’s investigation revealed the computer had not been adequately secured, allowing unauthorized external access to the computer and its information.

Associate Dean Deb Mullen said the information about students who graduated between 2002 and 2005 was used in a study intended to analyze the practices of school districts and what could be done to improve test performance.

“The district was doing it for school improvement,” Mullen said.

The information was provided to the university by the ACT organization, with permission from District 86, according to Mullen. She said it is not uncommon for researchers to obtain student information from school districts. The difference, she said, is that these days the students are identified by randomly assigned student identification numbers.

“Back in those days Social Security numbers were used as ID numbers,” she said.

Letters were sent to all 4,000 students whose information was made accessible through the security breach. Although no one has reported the misuse of information involved in the security breach, Mullen said she has fielded many calls from former students who did not understand how the University of Nebraska had their information. She said many people involved also have accepted the university’s offer to pay for a year of LifeLock identity protection.

Also included among the 4,000 names involved in the security breach were students from Glenbard District 87 and students from schools in South Sioux City, Neb. Mullen said all of the information has been purged from the university’s records.

Representatives from District 86 could not immediately be reached for comment Friday.

Source: http://www.pioneerlocal.com/clarendonhills/news/1921349,hi-d86security-120409-s1.article

Presented by:

Wils Bell – Security Recruiter

SecurityHeadHeadhunter.com

407-365-2404

Bell (at) SecurityHeadhunter.com

Web: SecurityHeadhunter.com

LinkedIn Profile: http://www.linkedin.com/in/wilsbell

“Why work with a generalized recruiter when you could work with a specialized Security Recruiter!!”

Why I Don’t Share the Name of Client on First Recruiting Call

When I am recruiting for an open Security Job that is not a retained search, I usually do not share the name of my client with a cold called candidate for several reason,  until we have talked in detail.

First, I interview many candidates daily, and unfortunately I must tell several that they are not a match for “this job”.  Perhaps future jobs, but not this one. It does not mean that are not a good security candidate, just not a good match for this job. Sometimes, they on the other hand, feel that they are a great fit and want to proceed with the interview process. When I explain that the client wants and expects me  to pre-screen heavily so as only to present dead on matches, they get upset.  I have had these people try to go directly to the client themselves or call other recruiters and ask them to present them. If the company name has not been discussed, it protects me.

Also, I have had some very good intentioned people that knew my client name simply mention  to a friend or co-worker that I called and discussed a great opportunity with them at XYZ company and the friend or co-worker simply goes directly to the company without thinking about me. They did not mean to cut me out, they just did not realize they should call me to present them. After all, I am dealing directly with the hiring authority and can make things happen.

Please be aware that I do share the client name as soon as we (you and I) determine that it is a good match and worth proceeding forward with the process.

Since this is how I earn a living for me and my family please don’t be insulted by the process and my guarding my client name until we agree it’s a match.

Happy Holidays,

Wils Bell – Security Recruiter

Bell (at) SecurityHeadhunter.com

SecurityHeadhunter.com, Inc.

SecurityHeadHunter.com

Desk: 407-365-2404

I recently completed a search for a new client.

It was a situation I have come to see very often lately.

Here’s the scenario.

The client was a previous candidate of mine who had recently gotten a CIO job with a mid size company. Unfortunately, I  had not placed him in his job. He found it on his own, but he liked the efforts I had made on his behalf.

They had a Security Manager position that was about to become open due to someone relocating to follow a spouse. The current Security Manager had given 3 months notice of his relocation and two months had already past. They had tried advertising on 2 of the major job boards and received lots of resumes, but not a single one that was worth calling.

They had used a couple recruiters that were on the “Approved Vendor” list but simply got many of the same resumes they got from the job boards themselves.

When the CEO told my contact (CIO) to fill the position anyway he could, I got the call. I went in and meant with the CIO and current Security Manager to get a full job spec as I always do.

Since time was critical in locating local talent I also told them that I would only work the job as a exclusive search under exclusive search terms. They agreed!

Within 1 week  I  direct cold called recruited several candidates and was able to present 3 candidates that were all on target, followed up by 2  more a couple days later. The client listened to me and spoke to all 5 candidates by phone and decided to interview 3 in person. Of  those 3 he brought 2 back (the 3rd he felt was to heavy – not unqualified) for final interviews.

He decided one, with the second candidate being his backup. The offer was made and accepted by the candidate.

What makes this a nice placement is hearing the client say over and over during the process how please they were and that they should have called me first and not gone through the aggravation of the previous search efforts.

Once again, job boards and e-cruiting did not get results. There is a whole word of untapped candidates waiting to be found that most employers never know exists, because they are not answering ads and posting resumes online.

Direct Recruiting fills jobs with top talent.

Also, guess who’s the preferred vendor now.

LINUX Systems Administrator (senior)

Job Type:	Full Time
Job Location:	NJ
Compensation:	$120,000 base (maybe more) + 20% -30% bonus
Telecommute:	No
Education:	Degree a plus, but not required –will consider experience
Certifications:
Travel %:	minimal
Relo Paid:	N/A

RESPONSIBILITIES:

•     Provide engineering direction and implementation for the firms Linux systems inclusive of:

o     System performance tuning

o     Kernel configuration and memory management

o     Development and implementation of security polices in coordination w/ Security officer

o     System hardening for DMZ and like implementations

o     Establish consistency of server configuration and build process

•     Production support of 30+ trading systems

•     System admin of 1300+ growing Linux (CentOS/Red Hat) and 150+ shrinking Solaris server environment

•     Setup & manage Linux clusters for High Availability

•     Write complex Shell and Perl scripts

•     Benchmark server and storage systems

•     Manage FC/ iSCSI SANs (NetApp & EMC) using Veritas and LVM

•     Administration of SNMP based monitoring system

•     Support firm-wide Legato backup systems

TARGET CANDIDATE QUALIFICATIONS:

•     5 plus years of experience with Linux and Solaris OS (emphasis on Linux)

•     4 year degree or equivalent experience

•     Must have excellent communication skills and be customer focused

•     Engineer level understanding of Linux memory & Kernel systems

•     Strong middleware messaging configuration & troubleshooting experience (TIBCO/RV, Wombat, 29West, etc)

•     Strong understanding of TCP/IP + UDP and network concepts

•     Strong knowledge of client/server services like NIS, NFS, X …

•     Strong understanding of DNS

•     Strong troubleshooting skills in a high pressure environment working with network, security and development teams

•     Experience with large storage systems like NetApp, EMC, HP …

•     Shell and Perl scripting and/or C or C++

•     Experience in low latency/high performance environment in a financial setting or equivalent

•     Understanding of storage principles in high performance environment (RAID, file systems, etc)

•     Knowledge of Oracle, Sybase and MySQL performance tuning principles

For additional information on this outstanding opportunity please contact:

Wils Bell

Recruiter

407-365-2404

Security Jobs That Require Relocation

Recently I recruited a candidate for a Security position with a large company in the SE USA. This candidate was a cold called recruit as most of my candidates are. He lived in the NE part of the country.   I presented the opportunity to him and he was very interested in talking in detail about his skills and the job.

During my interview of the candidate, which lasted well over an hour, we discussed his skills, goals and of course his personal situation since the position requires relocation . By personal situation, I mean such items as;

*Homeowner or Renter

* Married or Single

*Does he have children at home

*If children at home, how old

* Would relo to this town be OK for him

* More importantly, how would his wife & children react to a relocation

After a full interview he said he had no problem with the location and he would discuss with his wife.  Children were young so that was not the issue.

He called me back the next day and let me know that his wife had not really thought about relocation, but said if it was a great opportunity for him then of course he should pursue the opportunity.

At that point I discussed the candidate with the hiring manger and we schedule a phone interview for the candidate about  10 days later. The interview last 2 hours and went great. The candidate loved what he heard and the hiring manager wanted to schedule a 2nd interview with another person on his staff before committing to fly the candidate down for an in house interview. That interview was set up also during the next 10 days and also went well.

At this point the client wanted to fly the candidate AND his wife down to see the area and interview for the job. The client however wanted to be sure the candidate and his family were OK with a move if the interview went well and they liked the area. Candidate assured me he wanted to go since it was a great opportunity and his wife was open to seeing the area also.

The client even sent a full detailed email they put together themselves about the area and it benefits. It included where others that worked for the company had come from and there likes and dislikes of the area.

Unfortunately it took several weeks for the candidate and client to come up with some mutual dates they could meet.

When we finally got a date that would work I called the candidate to confirm.

As you can probably guess at this pint he started to waiver. Appears that his wife now has second thoughts.  He said that she had no problem with him interviewing  for a position out of the area because she never thought it would go anywhere. When it was time to fly down, she thought if she kept stalling on the dates it would be dropped. The candidate informed me that his wife would fly down to the new city, but regardless how how nice the city was, or housing, or better cost of living she had already made up her mind that she would hate the city. He also stated that his wife would move, BUT she would be miserable everyday she was there and she would make sure he knew it.

Well, after some real digging on my part the truth came out.  The candidate admitted that he had suspected all along that his wife really was going to be an issue but he never really sat down with her and talked it out fully with her. He simply felt that she “would come around” to the idea. He was wrong.

Relocation for some people is not an issue,, but for others it is not. That’s why I spend so much time talking to candidates about the personal side of a relocation /job change.

As a candidate, if a new job opportunity comes along that requires relocation it is very important that you sit down and talk to the family about the relocation in the beginning. Once the interview with the client begins relocation is a real possibility. If your spouse or children or partner, etc are resistant that must be dealt with prior to interviewing.

If  it can’t be resolved then this position is not a match for you at the present time. Let it go.

If the candidate above had done what I asked in the beginning and was 100% honest then we could have found out why the resistance and perhaps solved the issue before he wasted my time and the client time.

Wils Bell

Bell@SecurityHeadhunter.com

SecurityHeadhunter.com