Join the Community Helping Secure the Connected World
CIS(R) Center for Internet Security, Inc. is a not-for-profit organization that uses a global community of volunteers to develop and verify best practice configuration security guidance for a wide variety of commonly available technologies used by people worldwide.
These documents are called CIS Benchmarks(TM) and there are over 140 Benchmarks freely available on the CIS website (www.cisecurity.org/cis-benchmarks/) for technologies ranging from Linux(R) servers to iOS tablets to networking equipment. These security configuration standards are being used by a wide variety of global industries to secure their systems (financial, healthcare, manufacturing, etc.).
Unlike vendor-provided security guidance, CIS Benchmarks are developed using a consensus-based methodology, which draws from and depends on a diverse community. This diversity ensures that a broad range of application types are taken into account and results in more globally applicable security guidance.
We are looking for qualified individuals to join this global volunteer community!
What technology experience is of interest?
Our communities are constantly looking to secure a wide variety of technologies, and these are always changing. Some areas of current interest are:
Microsoft Windows (Workstation and Server)
Linux(R) (Red Hat(R), CentOS(R), Debian(R), Ubuntu(R), etc. (Workstation and Server)
Hypervisors (VMWare, Hyper-V(R), etc.)
Mobile devices (iOS and others)
Cloud systems Networking equipment (Palo Alto, F5(R), etc.)
Who are we looking for?
Successfully developing CIS Benchmarks requires a wide variety of skills. In general, we are looking for individuals with one or more of the following types of skills and capabilities willing to contribute some of their time to the common cause:
Technical and Security Subject Matter Experts: Individuals with expertise in a given technology family and/or in broad security issues and system interactions. Generally, experienced security-focused system and network administrators have filled this role.
Technical Writer: Individuals with expertise in communicating technical subjects clearly to a diverse audience. Generally, individuals who are good writers/proofreaders have filled this role (English is the standard language of the CIS Benchmarks).
Tester: Individuals with expertise in testing various criteria/rules against specific target systems and reporting results. Generally, individuals with access to relevant test systems (network devices and other special hardware) have filled this role.
If you can help in any area, even only a few hours a month, please come join the team!
How can I contribute?
People contribute in a wide variety of ways, some contribution examples include:
Reviewing and submitting spelling corrections to CIS Benchmark documents
Drafting a new set of configuration items for a CIS Benchmark document
Reviewing and commenting on the technical details of open discussions and tickets on a specific CIS Benchmark
Leading the development of an entire CIS Benchmark document
It varies tremendously, but all contributions are meaningful and valued.
What is in it for me?
Besides the fun of being part of an active community of your peers working toward a common goal, and a warm feeling inside knowing you are making the world a safer place, other perks include:
Listing of key contributors on the public CIS Benchmark document
Continuing Professional Education credits (CPEs) for various certifications
Bragging rights to your friends and family about how you are now helping keep them all safe! :-)
CIS swag at regular intervals
The opportunity to work with security professionals from all over the world on a common goal
What is the next step?
If you are interested please click on the "I What to Help" button above for more information and I can walk you through how to get started.
No additional volunteer opportunities at this time.
About CENTER FOR INTERNET SECURITY INC
31 TECH VALLEY DR, E GREENBUSH, NY 12061, US
The CIS Vision: Leading the global community to secure our connected world The CIS Mission: - Identify, develop, validate, promote, and sustain best practice solutions for cyber defense - Build and lead communities to enable an environment of trust in cyberspace
CIS(r) (Center for Internet Security, Inc.) is a forward-thinking, non-profit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats.
The CIS Controls(tm) and CIS Benchmarks(tm) are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continuously refined and verified by a volunteer, global community of experienced IT professionals.
Our CIS Hardened Images(tm) are virtual machine emulations preconfigured to provide secure, on-demand, and scalable computing environments in the cloud.
CIS is home to both the Multi-State Information Sharing and Analysis Center(r) (MS-ISAC(r)), the go-to resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center(r) (EI-ISAC(tm)), which supports the cybersecurity needs of U.S. State, Local and Territorial elections offices.
Computers & Technology
We'll work with your schedule.
This is a Virtual Opportunity, with no fixed address.
July 12, 2020
Microsoft Office Suite
Security / Network Administration
SQL / MySQL
Time - It varies tremendously depending on your level of commitment. We have valuable contributors that contribute a few hours a month and others that contribute many hours a week. Time is not important, quality contributions are.
Other - It is expected you have your own computer and Internet connection to access our Benchmark development environment.