Description
Responsibilities:
Responsible for the deployment, engineering/configuration and maintenance of network security infrastructure and monitoring tools, Includes Gigamon bypass taps, SourceFire IDS/IPS, FireEye Web, Industrial Defender, Ironport Web Filtering, Custom Sensors, and Splunk forwarders/indexers.
Includes implementation of new security tool stacks in key network segments, including those related to mergers/acquisitions and third-party services, to improve monitoring visibility
Support transition of security tools from a detection to in-line active prevention configuration.
Coordinate installations/implementations through direct collaboration with IT Infrastructure/Network, Architecture and Operational teams
Develop logical network diagrams depicting the location/specifications of security tools across the corporate IT network
Create and maintain documentation, including support/maintenance/troubleshooting procedures, for the suite of security tools
Supporting the tuning, including rule/signature development, for IDS/IPS
Develop and tune performance/health monitoring of security tools
Assist with acquiring security system/tool quotes and placing orders
Participate in on-call security system engineering rotation. Be available for after-hours troubleshooting in the event of a problem with a security tool (eg, security tool adversely impacting legitimate network traffic)
SKILLS:
Qualifications:
Bachelor's degree in Cyber/Information Security or related discipline
Cyber Security certifications and industry recognized training programs
Working knowledge of log management, security event, and application monitoring practices
Good understanding of Linux and Windows operating systems and internals
In depth understanding of network architecture fundamentals including TCP/IP, DNS, Firewalls, routing, and troubleshooting
In depth understanding of IT system management practices and processes including troubleshooting, optimization, system hardening, and change management
Slunk Desired