Description
Job Description:
- Operational experience designing and deploying SourceFire policies
- Must be especially strong in configuration to detect Command and Control Chanels;
- Strength in configuring to detect Indicators of Compromise is a bonus
- Experience creating custom rules for SourceFire
- Experience with new SourceFire IPS deployments inside and outside the enterprise network perimeter (outside the Firewall)
- Experience tuning the rules after deployment
- Experience handling SourceFire alerts in a SOC environment
- Operational experience customizing SourceFire dashboards to improve incident identification
- Experience documenting design and creating Work Instructions/Standard Operating Procedures
- Prefer experience writing Perl scripts
- Experience with SNORT a plus
General Description of needs: Ideal Candidate is someone who has operational and CSOC experience creating and deploying SourceFire policy (rulesets). This person will be responsible for that role as well as being a functional bridge between the Client Sensor Team and the CSOC Operations Team. She/He will ensure we have the right design for the mission and are in synch with SOPs being presented by CSOC ops. This person may also have to review documents by and make suggestions to that team.
Note: UK citizen are eligible to apply