Description
Dear All
Greetings!
I am looking for a Sourcefire Consultant who has experience in IPS deployments/custom rules/policies/for a long term position in Abu Dhabi
- CSOC experience creating and deploying Source Fire policy (rulesets).
- This person will be responsible for that role as well as being a functional bridge between the Client Sensor Team and the CSOC Operations Team.
- She/He will ensure we have the right design for the mission and are in synch with SOPs being presented by CSOC ops.
- This person may also have to review documents by and make suggestions to that team.
- Operational experience designing and deploying SourceFire policies
- Must be especially strong in configuration to detect Command and Control Chanels;
- Strength in configuring to detect Indicators of Compromise is a bonus
- Experience creating custom rules for SourceFire
- Experience with new SourceFire IPS deployments inside and outside the enterprise network perimeter (outside the Firewall)
- Experience tuning the rules after deployment
- Experience handling SourceFire alerts in a SOC environment
- Operational experience customizing SourceFire dashboards to improve incident identification
- Experience documenting design and creating Work Instructions/Standard Operating Procedures
- Prefer experience writing Perl scripts
- Experience with SNORT a plus
Security Clearance must to DV level (Or having held one at some time in the past and not lost it for cause)
Must be a US/UK. Citizen in possession of a valid passport