Network Services/Support

Description

DESCRIPTION
The Network Services/Support consultant will provide security analysis, notification and reporting for clients based on anomaly detection and defense alerts. The consultant will utilize a variety of network analysis tools, device management platforms and security event/information management (SEIM) systems. Will conduct in-depth analysis based on IP information, protocol headers, data payloads, log data, alert trends and correlated event data. Identify security incidents, provide supporting information to clients, and support the client through containment and remediation. Will differentiate valid alerts from false positives, tune the IDS/IPS/ADS configurations, update device policy, establish filters, and install updates. Ultimately responsible for defining, tracking and maintaining the standard baselines and configuration sets of all managed and/or monitored security devices and implementing industry best practices with regards to IDS/IPS, anomaly detection and network configurations. The consultant must also spend a proportion of their time keeping up with current vulnerabilities, attacks and appropriate countermeasures.

Qualifications:

• B.A. in tech field or equivalent combination of education, training & work experience. Security Certifications such as CISSP, GIAC or Security+ desired but not required.
• Minimum 4 years Network Security experience.
• Must have demonstrated success in managing, analysing and solving complex network technical issues.
• Strong TCP/IP Networking and packet analysis skills, plus a solid understanding of common network and application layer protocols.
• Experience with log analysis and Windows/Linux/Unix security configurations. SEIM platform experience desired but not required.
• Proficient in one or more industry IDS/IPS technologies such as Cisco IPS, Enterasys Dragon IDS/IPS, Fortinet IPS, Juniper IDP, McAfee IPS, Snort IDS, Sourcefire IPS and/or TippingPoint IPS.
• Experience with anomaly detection systems or netflow analysis desired but not required. Examples include Arbor Peakflow and Lancope Stealthwatch.
• Must have a solid understanding of network attacks and exploits, including detection and various categories/types of attacks.
• System administration or network administration experience desired but not required.
• Experience with Scripting or programming desired but not required.

SKILLS
TCP/IP Knowledge, Intrusion Detection/Prevention (IDS/IPS), IP Packet Analysis, Attack Recognition, Anomaly Detection
System/Network Administration, Firewall Knowledge, Routing/Switching, Unix/Linux Knowledge

Synectics offers competitive salaries and a full suite of benefits. EOE.