MINIMAL RISK is advertising on behalf of a client for a Tier 2 Medic/ Deputy Team Leader to work in the Middle East. The role of the Tier 2 Medic/ Deputy Team Leader is to support the Team Leader, providing the link between the Team Leader and the remainder of the team in addition to providing medical support to the client and team. The Tier 2 Medic/ Deputy Team Leader shall provide general medical care, emergency medical care (when required), conduct training to ensure the team remains medically trained to the standards laid down by Olive Group.
The Tier 2 Medic/ Deputy Team Leader shall also supervise and conduct team administrative duties as directed by the Team Leader. KEY TASKS AND RESPONSIBILITIES 1. Medical First response medical emergency cover, trauma or primary care Working within a strictly applied and audited clinical governance structure, liaison with reach-back support to a clinician in the UK as required Medicine management for the controlled drug register, storage and accountability of medical equipment Generate and maintain accurate confidential patient reports Exercising professional judgement and personal initiative to make informed decision in relation to patient care Data management, weekly medical returns to Olive Group s nominated medical governance provider Ensuring all medical equipment issued is serviceable and in date Authorisation of the Remote Medical Support Function Total familiarity with standards applied to the Health Profession Council s Standards of Practice for Paramedics Maintaining and practicing within the legal and ethical boundaries applying appropriate professional accountability 2.
Operational Delivery Supports the Team Leader in the command and control of the mission, to ensure that team members are equipped and supervised in accordance with Olive Group Standard Operating Procedures In consultation with the Team Leader, he is dually responsible for ensuring the team fully understand and remain compliant with the Rules for the Use of Force (RUF) and Graduated Force Response (GFR) Assisting in the planning and execution of missions as directed by the Team Leader Prepared to assume the role of Team Leader when required Dually responsible with the Team Leader for vehicle maintenance and oversight Comprehension of the need to comply with local security forces directives whilst operating Responsible with the Team Leader for ensuring communications checks are conducted prior to mission commencement Responsible with the Team Leader for maintaining the communications link with Olive Group Operations Room management during the mission with an understanding of Operational Communications back up plan in the event of communication breakdown For more information follow the link below.
Tier 2 Medic/ Deputy Team Leader, Middle East. – PALADIN JOBS
See more here: Tier 2 Medic/ Deputy Team Leader, Middle East.
Are you exhausted by the vast number of measures your organization needs to keep its systems and data safe ? You’re not alone.
The last thing any company stakeholder wants is to be in the headline of a news story about a security breach . Not only does it do irreparable damage to your reputation, but it could also have a huge monetary impact on both revenue and the overall value of your company . Just ask Yahoo, which, after reports of being hit by two major data breaches last year, had to settle for a $350 million price cut in its sale to Verizon1. In 2016 alone, 1,093 US companies and agencies were breached, a 40% increase from 2015, according to the Identity Theft Resource Center2 . Cyberthreats will continue to expand, whether ransomware, phishing, or a full system takeover . But while cybercrime continues to rise, so does the number of companies and point solutions attempting to keep your system safe .
All of these factors are causing security spending to go up, increasing from $68.2 billion in 2015 to $73.7 billion in 2016 . Herein lies the problem. Enterprises are now receiving so much noise from so many point solutions that it’s become incredibly difficult to discern the false positives from actionable information . In today’s environment, that’s exhausting for the security practitioners and can cause them to become apathetic and disillusioned in trying to support too many disparate data sources . In other words, the lack of a solid strategy can lead to security fatigue . This can manifest in the operations environment wherein important alerts are ignored . The objective for a security team is to build programs that deliver actionable intelligence .
That doesn’t necessarily mean security teams need to build an empire. The security fatigue phenomenon affects consumers and enterprises alike . According to the National Institute of Standards and Technology3 (NIST), security fatigue is also causing consumers to make poor security decisions, such as reusing the same password across all online accounts . But what enterprises can glean from this report is NIST’s suggestions to combat security fatigue, including limiting the number of security decisions that users need to make; making it simple for users to choose the right security action; and designing for consistent decision making whenever possible. But up until a few years ago, many enterprise networks in Fortune 500 companies didn’t have the ability to identify a compromised network or subnet in a timely manner .
Now, the sheer amount of security measures used to detect a network compromise can create this fatigue . Without knowing what to pay attention to, identifying an inside threat is like trying to find a needle in a haystack. There are two methods to find that needle . The first is to burn the entire haystack and make it so that the only thing left is the needle itself . The second is to correlate the data and identify the needle expeditiously . The average dwell time before identifying a network breach is approximately 200 days; however, with the proper tools it should take only a matter of hours or a few days, depending on the sophistication of the attack.
To identify the correct path, the security team needs to correlate data in a meaningful, actionable way and present the right information to executives and C-suites, such as log files, metadata, and vulnerabilities . Instead of throwing money at a new security service, this allows C-suites and executives to ask the right questions and figure out if new offerings are relevant to their own security program, and how well it will be integrated with their data feeds. Together, the C-suite and security team should be asking how their security program can determine if someone made it through their security defenses . Breaches are usually found and reported through third-party sources and not the company itself . If security team members are asked these questions and they’re left with a blank look on their faces, there are holes in the security program.
In 2013, hackers stole up to 40 million credit and debit card accounts in the now infamous Target breach4 . After the company’s forensic team went in, it also realized that up to 70 million customer names, emails, and phone numbers were stolen . Their ability to go in and find new vulnerabilities after the fact shows that the information was there the whole time, but they may not have been correlating the data/logs to make them useful and actionable. Some industries do a better job with security than others, but ultimately most enterprise environments should improve their ability to correlate security data in real-time to get actionable insights and have situational awareness . Correlating data means taking a look at everything from logs to metadata to find abnormalities and quickly catch potential breaches.
Security fatigue has taken its toll on industries and enterprises, but it’s time to create a plan to corral security software and investments and create an environment that will properly protect the crown jewels . If breaches keep slipping through the cracks and customer and company data continues to be stolen, the role of chief security officer could leapfrog the chief information officer in the reporting structure . But in the end, it falls on the company as a whole, and it is time for everyone to start finding the needles in the haystack before everything gets burned down needles and all.
Rick has more than 20 years of deep information security experience . Prior to joining Code42, Rick was VP and chief information security officer at eBay, led and built a variety of global security programs at Apple, and directed global security at Lam Research .
Persirai malware has infected 120,000 Chinese-made IP cams
IT IS A WEDNESDAY, so it will come as no surprise that there’s a new Internet of Things (IoT) threat dong the rounds. Trend Micro has uncovered this latest threat, dubbed Persirai, which has reportedly been infecting Chinese-made wireless cameras for around a month now. The Mirai-like threat1, which is said to have infected 120,000 IP cameras so far, exploits flaws in the cameras that a security researcher reported back in March, Trend Micro claims2.
What’s more, owners of affected cameras unlikely will know that they have been affected, which the security firm says “makes it significantly easier for the perpetrators behind the malware to gain access to the IP Camera web interface via TCP Port 81.”
“IP cameras typically use Universal Plug and Play (UPnP), which are network protocols that allow devices to open a port on the router and act like a server, making them highly visible targets for IoT malware,” the researchers explained.
Once a hacker logs into the interface, he or she can then carry out a command injection to force the IP camera to connect to a download site to issue commands that download and execute malicious shell scripts . After the samples are downloaded, the Persirai malware deletes itself and runs only in memory.
“After receiving commands from the server, the IP Camera will then start automatically attacking other IP Cameras by exploiting a zero-day vulnerability that was made public a few months ago,” Trend Micro notes.
“Attackers exploiting this vulnerability will be able to get the password file from the user, providing them the means to do command injections regardless of password strength.”
Trend Micro warns that owners of a Chinese-made wireless camera should be on guard and should make sure that they are not using the default password. However, the real problem is the maker of these cameras, the security firm adds.
“The burden of IoT security does not rest on the user alone it’s also dependent on the vendors themselves, as they should be the ones responsible for making sure that their devices are secure and always updated,” Trend Micro concludes.
- ^ Mirai: Windows Trojan helps hackers infect Linux-based devices with IoT malware (www.theinquirer.net)
- ^ Trend Micro (blog.trendmicro.com)
- ^ BrickerBot: Mirai-like malware threatens to brick insecure IoT devices (www.theinquirer.net)