Job Details

ID #21589361
State New York
City New York City
Job type Permanent
Salary USD $84779.00 - $84779.00 per annum
Source QED National
Showed 2021-10-23
Date 2021-10-23
Deadline 2021-12-21
Category Et cetera

Security Specialist Level

New York, New York City, 10008 New York City USA

Vacancy expired!

A NYS agency located in New York, NY is looking for a Security Specialist for a full time position.

Please note that this position will be onsite.

Requirements and skills

  • Bachelor's degree in Computer Science, Information Services, an IT Security related field, or a related field from an accredited college; an equivalent combination of education from an accredited college and experience may be considered in lieu of a degree.
  • Minimum of 1 year's experience installing, maintaining and supporting security technologies in an office environment.
  • Highly skilled technical position which requires an individual with up-to-date expert security knowledge of Enterprise Network, Applications, Endpoint and Security infrastructure. The individual should possess advanced knowledge of network communications, internet security systems, SIEM (Splunk), Firewalls, Intrusion Protection Systems, Remote Access VPN, Proxy, Wireless Security, NAC, Enterprise ID Management systems, Database, computer systems, Operating systems, Programming languages (Scripting and coding), Active Directory, Cloud Technologies (especially Azure), security event analysis and forensic investigation, etc. The candidate should have industry-standard security information on current trends and the evolving security of vendor products utilized in enterprise security.
  • Utilizing this experience, this position will assist the CSOC Management in effectively maintaining an efficient Security Operation Center at the agency. More specifically, this position is part of the team charged with cyber security incident response, performing digital forensics, cyber threat research and hunting, vulnerability mitigation and incident investigation support activities related to the Cyber Security Operation Center (CSOC). This position will operate as part of a Cyber Security Threat Intelligence team within the agency IT Security Operations unit and provide cyber security threat & vulnerability awareness to CSOC management with respect to current infrastructure security events, reporting cyber investigations and day-to-day security operation.
  • The position requires continuous learning and up-to-date knowledge of all newly discovered threats and issues in the cyber security world, and finding ways to combat and detect security incidents and breaches.
  • The Security Specialist will be required to stay up to date with technical knowledge on all security products as well as any product used within the organization that supports critical and internet-facing infrastructure.
  • This position will require 24x7 on call availability.

Responsibilities

Level 1

  • Provide real time monitoring, analytics and alerting on events occurring across the agency Enterprise Network & Security Infrastructure utilizing Splunk.
  • Analyze, correlate, and report on security incidents trends occurring in the perimeter/internal infrastructure utilizing security event analysis tools such as Splunk.
  • Provide Tier one security support to all agency users.
  • Work with IT staff and customers to ensure awareness of security concerns, mitigation techniques and assist in following procedures or implementing controls as necessary.
  • Knowledge of all associated Security Monitoring devices & tools, which include but are not limited to Splunk, FireEye, Check Point, Palo Alto, Juniper firewall, McAfee IDS/IPS, McAfee DLP, Blue Coat and Websense Proxy, AD, Remote Access / VPN, Wireless, etc.
  • Knowledge of PCI-DSS/HIPAA/PPSI Compliance Controls and risk assessment.
  • Assist and serve as backup to other staff members in supporting Cyber Security Operation Center 24x7x365.

Level 2

  • Perform cyber security incident response activities and digital forensic investigations
  • Obtain / collect malware samples and decipher the underlying programming code using in-house commercial and open source tools
  • Provide real time monitoring, threat hunting, analytics and alerting on events occurring across the agency Enterprise Network & Security Infrastructure utilizing Splunk
  • Review and analyze CSOC Analyst identified incidents and report on security incidents trends occurring in the perimeter/internal infrastructure utilizing security event analysis tools such as Splunk
  • Provide Tier One & Two security support to all agency users
  • Work with partners, vendors, departments, and law enforcement agencies to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets
  • Work with IT staff and customers to ensure awareness of security concerns, mitigation techniques and assist in following procedures or implementing controls as necessary
  • Maintain compliance with PCI-DSS/HIPAA/PPSI Compliance Controls and risk assessment
  • Assist, document, and serve as backup to other staff members in supporting Cybersecurity Operation Center 24x7x365
  • Process Threat Intelligence information, process indicators of compromise, and provide notifications from subscription based and other external sources
  • Process cyber forensic evidence according to agency policy requirements
  • Assist with refining cyber incident policies and procedures based on lessons learned
  • Participate in cyber tabletop exercises

Qualifications

Level 1

  • Basic knowledge of and familiarity with various components of an information security system, including firewalls, authentication protocols, encryption software, remote access systems, and commercial off-the-shelf security products.
  • Basic knowledge of analyzing, monitoring, investigating and troubleshooting methodologies appropriate to the implementation platform, e.g., servers, desktops, laptops, or mobile devices and various operating systems.
  • Basic knowledge and familiarity with internet technologies and computer networking.
  • Basic knowledge of troubleshooting and supporting technical issues both remotely and on-site using standard agency tools and techniques.
  • Must possess a basic knowledge and familiarity with maintaining and supporting security hardware, software, network resources and protocols.
  • Ability to read and understand schematic diagrams, technical manuals and documentation such that supported equipment and software can be maintained with minimal training.
  • Ability to analyze, correlate and investigate computer logs and incidents, requiring strong analytical thinking and understanding of various security technologies.
  • Strong oral and written communications skills.
  • Strong analytical skills.
  • Strong people skills.
  • Must be able to move and lift up to 25lbs of equipment such as monitors, keyboards, CPUs, laptops, firewalls, etc.

Level 2

  • Possess working knowledge of programming languages and scripting tools such as: PowerShell, SQL, Java, HTML, JavaScript, C, C#, XML, Perl, and Python
  • Proven knowledge and familiarity with various components of information security systems, maintaining and troubleshooting security resources including, but not limited to Firewall software, Encryption software, remote access solutions, SIEM Authentication and commercial off the shelf security software with the ability to support this software on servers, desktops, laptops, and mobile devices and various operating systems
  • Demonstrated knowledge of analyzing, monitoring, and investigating various internet security technologies and computer networking.
  • Strong critical thinking skills
  • Ability to troubleshoot and support technical issues both remotely and on-site using standard agency tools and techniques
  • Strong presentation skills

Education and Experience

Level 1

  • Bachelor's degree in Computer Science, Information Services, an IT Security related field, or a related field from an accredited college; an equivalent combination of education from an accredited college and experience may be considered in lieu of a degree.
  • Minimum of 1 year's experience installing, maintaining and supporting security technologies in an office environment.

Level 2

  • Bachelor's degree in Computer Science, Information Services or IT Security related field -Or- A satisfactory equivalent with at least 2 years of Information Technology experience.
  • 1 - 2 years of experience in Tier 1 & 2 support for a cyber security operation center. Experience with performing network security administration such as firewalls, IPS, Proxy, VPN, Wireless Security, NAC, security event correlation tools, etc.
  • 1 - 2 years of experience with application security, data encryption, identity management, policy & procedure. Experience performing log correlation between security, network and application logs, including troubleshooting and performing root cause analysis of complex IT solutions.
  • Must possess a minimum of 1 - 2 years' experience with security analysis and forensic investigation.

About us: QED National is a leading IT consulting, solutions and staff augmentation firm, serving both the public and private sectors for over 28 years. Headquartered in midtown Manhattan, QED National's team is comprised of the brightest minds in the industry with the skills to solve the most complex technological problems.
