The engineer is a fully qualified technical expert in Information Security and an individual contributor. The engineer will need to show advanced knowledge of information security services/analysis concepts, practices and procedures. The engineer will be expected to work on the most complex assignments and perform a comprehensive range of information security services operations activities. The engineer will work under demanding deadlines and often handle heavy workloads, operating with only limited supervision.
- Install/maintain/support/diagnose IDS/IPS.
- Install and configure upgrades/updates.
- Produce and distribute weekly reports to identify the state of the environment. Specifically, identify non-compliant platforms.
- Follow up with site administrators for status on non-compliant platforms and maintain any necessary exception documentation.
- Configure and maintain Web/Email and IDS/IPS policies
- Perform database maintenance on Web/Email and IDS/IPS management consoles
- Maintain documentation for exceptions to standards.
- At least 5 years of experience supporting a multiple customer base system and network environment using Cisco, Symantec, O365 EOP, MXLogic, IIS, Sendmail, Brightmail, EXIM, PGP, Websense, Bluecoat, TMG, Scansafe, ISA, McAfee Web Gateway and IDS/IPS, Firepower, Palo Alto, FireEye, Cisco IronPort/WSA and IDS/IPS, TACACS, Sourcefire and Snort products.
- Excellent verbal and technical writing skills, as well as the ability to effectively convey information security concepts and requirements to a non-technical audience, including both internal and client-facing engagements.
- Provides timely and adequate response to threats/alerts, including off-hour support.
- The ability to assess security events to drive to a resolution.
- Provides timely and sufficient response to security incidents and assessment services. Documents findings.
- Promotes security awareness.
- Works towards exceeding service levels and customer expectations.
- Assists in defining processes to carry out all security operations functions.
- Continuously works to improve the quality of information security services.
- Provides data for operational metrics and progress reports.
- Experience in a 24x7 SOC (Security Operations Center) is a plus
- Bachelor’s degree in computer science, specialized systems training, or equivalent work experience
- Network engineering knowledge
- Strong organizational, analytical, and interpersonal skills
- Ability to execute with a sense of urgency