Monthly Archives: March 2018

Apple Admits iCloud is really Google Cloud

Student Editorial

Apple has been very inventive, creating its own way of doing things, and therefore made themselves capable of saying “our way is better.”  The frequent debate of Apple and Android comes from Apple’s exclusivity and notoriety of iMessage, FaceTime, and Apple Music.

Now, Apple has expressed that it uses Google cloud, much like Android uses Google Cloud.  If there are any concerns about this being unsafe, it is important to know that Google Cloud services that are being used by Apple only store the encrypted version of your saved files; Apple uses AES-128 and a key derived from each file chunk’s contents, utilizing SHA-256.  While AES can be deemed insecure by many, it in combination with SHA-256 adds decent security.  It is after that that they are saved onto a Google Cloud Platform.

This may not affect Apple as much as this agreement has affected Google; this has given their cloud services a major boost in use in comparison to its Amazon and Microsoft Cloud competition.

Need more Proof?  The iOS Security Guide is frequently updated, and has recently confirmed use of Google Cloud for iCloud services.

 

Sources:

https://www.cnbc.com/2018/02/26/apple-confirms-it-uses-google-cloud-for-icloud.html

https://www.entrepreneur.com/article/309756

 

Highmark Health Enterprise/Mainframe Openings

Highmark Health has openings in enterprise/mainframe areas for new graduates.  You may qualify if you will be graduating in May and have experience with any mainframe courses such as:
INFS2130 / INFS6130  COBOL
INFS3130 / INFS6320  Advanced COBOL
INFS3212 / INFS6212   Enterprise Operating Systems (zOS)
INFS4242 / INFS6242  Enterprise DBMS (DB2)
INFS3131 / INFS6231  Enterprise TPS (CICS)
Interested students should contact Ashley Wodarek, University Relations Program Manager, ashley.wodarek@highmarkhealth.org

Internship and Full-Time Positions at Calgon Carbon

Calgon Carbon Corporation is looking for an Information Systems & Security Intern and a Governance, Risk and Compliance Security Analyst. Calgon Carbon is the leader in activated carbon technologies. Its Corporate Headquarters is located in Moon Township.

For the Internship:

The intern will be tasked with assisting with the development of the Calgon Carbon Governance, Risk and Compliance (GRC) development. They will work 40 hours per week.

Responsibilities:

  • Work with the GRC software to grow the platform and its use.
  • Work with our Managed Service Provider to align them to the GRC program and needs whether defining new policy or remediation of vulnerabilities.
  • Develop training for the required teams on how to use the GRC tool based on the modules that are built out. Example would be training audit on how to use the audit automation within the GRC tool.

Requirements:

  • Current undergraduate or graduate student, focused on Information Security, Information Systems, IT Risk, or related field of study.
  • Solid technical understanding of infrastructure and security operations.
  • Excellent analysis skills.
  • Excellent process engineering skills.
  • Solid understanding of Governance, Risk and Compliance and the benefits it provides to the company.
  • Ability to communicate in small or large groups and influence individuals to complete assigned deliverables.
  • Able to present findings or training session for users.

For the Analyst Position:

Calgon Carbon is seeking a Security Analyst with cyber security experience that extends into experience in Governance, Risk and Compliance (GRC) to assist Calgon Carbon in aligning with NIST SP 800-53/171 standards.

Responsibilities:

  1. IT security and audit experience with extensive knowledge of national/international security standards including NIST, PCI, DFARS, SOX, ITAR and other regulatory requirements. Conduct security audits and provide recommendations to mitigate risks, including anti-virus solutions, vulnerability scans, and disaster recovery and business continuity work practices.
  2. Design and implement solutions based on the requirements for the various standards that need to be implemented and followed.
  3. Conduct Information Risk Assessments as assigned. Clearly and concisely document and communicate risk assessment results as appropriate.
  4. Conduct and formulate appropriate risk scoring, as it relates to threat, vulnerability, likelihood, impact, security controls/counter-measures, etc.
  5. Create and maintain security policies and procedures including general corporate policies and specific technology requirements including build and hardening guidelines.
  6. Evaluate, configure and support security tools and solutions, i.e. SIEM, MFA, DR/BC, etc.
  7. Conduct gap analysis and create action plans.
  8. Monitor and/or complete daily, weekly, monthly and quarterly security tasks and work with Calgon Carbon’s Managed Service Provider (MSP) to execute and remediate as required.

Requirements:

  1. 3-5 years experience in cyber security space and building a GRC program against an industry standard, preferably NIST SP 800-53 and/or 800-171.
  2. University degree (B.A. or B.S.) – preferred IT, IT Cyber Security, Computer Technology or comparable
  3. Experience in managing and directing resources from contractor and vendors to achieve desired results
  4. Excellent organization, communication, presentation skills.
  5. Preference given for certifications, such as, CISSP, CISM, CEH, etc.
  6. Possesses a strong entrepreneurial spirit.

For the internship, students can apply here. For the analyst position, students can apply here.