Description
Indefinite contract for a Network FirePower Security Engineer.
We need a contractor in the position for many years. Responsibilities include design, implementation and support of Cisco's FirePower Firewall.
Major Duties:
Assist with the transition from the current Cisco ASA FW platform to the Cisco FirePower FPR 4150 NGFW(Management 2500 and 4150 NGFW. Maintain FMC 2500 Management device.
Administer Cisco AMP endpoint security infrastructure, set policy and monitor endpoints for threats.
Manage and monitor OpenDNS service, analysing all events and reporting alerts to management
Hardening of network, software and firmware
Security tool development (eg scanning tools)
Consult across different software development teams
promote, maintain and validate the availability, integrity, and confidentiality of the organizational information assets
Manage/administer corporate-wide endpoint security solution
Develop and implement IT Security strategies, policies, and procedures
Assist with vulnerability assessments of information systems including regular audits
Analyze Intrusion Detection and Intrusion Prevention logs under technical direction
Present security status reports and project status to management and business
Assist with patch management of all systems
Recommends short-term alternatives when appropriate
Provides Tier 2/3 support
Successful providers should have a solid understanding of hardware and software network configuration and experience interacting with people at a variety of levels. The position requires demonstrated ability to communicate technical concepts. We are looking for someone who has a good mix of technology interaction skills and hands-on technical ability.
Required Skills and Experience in a majority of the following skills:
FirePower implementation and support
Experience in securing systems and network platforms, such as Active Directory or Cisco technologies
Knowledge of various aspects and components of information security such as encryption methods/standards, Real Time intruder detection, perimeter security, event correlation, authentication services, vulnerability analysis, and incident handling and forensics
Threat identification and isolation
Network Access Control
IPS/IDS Technologies Next Generation Firewalls
Web Application Firewalls
Cryptography
Virtual Private Networks Site-to-Site and Client
Anti-Malware tools
Anti-Spam tools
Identity and Access Management.
Content Filtering
Data Classification
Network and Architecture
System administration
Multi-factor authentication
Patch and configuration management