Senior Systems & Network Security Engineer
* Candidates must have: vulnerability management and penetration testing (Nessus etc.). The job role requires daily operational use of vulnerability management, pentesting tools and SIEM/log reviews.
* Must have extensive hands-on experience with Cisco security devices
Senior Systems & Network Security Engineer Position Summary
seeking a senior Systems and Network Security Engineer for support of its cloud datacenter
The primary responsibility includes managing and maintaining the security and compliance for a FedRAMP authorized cloud operation.
The ideal candidate will have experience with Federal Information Security Act (FISMA) and/or FedRAMP, and with National Institute of Standards and Technology (NIST) security controls and their implementation for a secure environment.
Open to national search as a remote position based out of any state (but prefer Southern California). If out of state, must be able to work a base schedule that coincides with California working hours of 8:00 AM to 5:00 Pacific Time, Monday through Friday.
Key Job Duties
· Identifies, responds to, and mitigates sophisticated threats to computer networks, IT infrastructure, and information systems
· Extensive knowledge of firewalls with configuration experience with Cisco ASA in various setups such as single and multi-context. Must be able to build complex NAT and access control rules, document configurations for compliance review and maintain configuration baseline in accordance with security benchmarks
· Build, maintain and support multiple IPSEC site-to-site and/or DMVPNs across Cisco IOS routers and ASA firewalls. Troubleshoot VPN connectivity issues
· Basic understanding of routing and switching technologies (Cisco based will be advantageous)
· Experience with designing, implementing and operating the Cisco ISE platform for access control using TACACS, RADIUS and MAB. Implement and support 802.1x-capable network infrastructure using Cisco ISE
· Maintain and support multifactor authentication deployed using RSA SecurID with Active Directory, ASA, and Cisco ISE integration
· Implement and maintain IDS/IPS systems using Cisco Firepower appliance, Snort and Suricata. Understanding of Intrusion Detection Systems (IDS), Intrusion Protection Systems (IPS), Proxies (Web and Email), and Data Loss Prevention tools
· Experience with vulnerability scanners like Nessus and Acunetix. Conduct information assurance compliance testing using automated tools and manual tests. Use Nessus for configuration baseline testing such as CIS benchmarks, database and web application scanning.
· Compile and correlate compliance testing results for weekly and monthly reporting, working with engineering staff to ensure that identified vulnerabilities are addressed. Support the CISO in maintaining the POA&M
· Understanding of PKI using internal Root Certificate Authority. Deploy and maintain certificate lifecycle across infrastructure
· Serve as a deeply skilled and knowledgeable resource within the SIEM technology area. Experience with implementation, management and operation of Security Information and Event Management (SIEM) tools
· Participate in interconnecting the SIEM tool with sources of security incidents – e.g. logs from servers, network and security devices, Vulnerability Management system, Antivirus system, etc.
· Conducts security monitoring and incident response activities, including advanced investigation (forensic, malware analyses, root cause analysis etc.) to examine potential intrusions, security incidents, incident prioritization and false positives
· Secure systems and perform hardening based on security benchmarks, vendor provided guidance and custom developed baseline
· Deploy and operate Symantec Antivirus, application whitelisting, and application level firewalls
· Generation of technology documentation and diagramming with tools such as MS Word, Excel and Visio
· Supports security review and documentation processes
· Familiar with various Risk and Compliance management frameworks such as NIST 800-53, PCI etc.
Minimum Qualifications (regard as necessary requirements unless specified as “preferred” or “highly desirable”):
· Bachelor’s degree in Computer Science, Information Technology, Information security or a related field
· Minimum 4 years of experience in a similar role, network security
· 3+ years of strong experience with SIEM tools
· 3+ years of experience with scanning tools such as Nessus
· 3+ years of strong experience with Cisco Firewall management.
· 2+ years of experience with TACACS, RADIUS (Cisco ISE, RSA SecurID preferred)
· 2+ years of experience with intrusion detection and intrusion prevention systems
· 2+ years of experience with Multifactor authentication
· 2+ years of experience with enterprise level anti-virus such as Symantec endpoint protection
· Knowledge of PKI operations
· Knowledge of Windows and Linux Operating systems
· Strong troubleshooting skills
· Possess both technical and non-technical problem solving and troubleshooting skills with the ability to conceptualize, plan, develop and deliver a variety of creative solutions.
· Ability to identify, develop and document business requirements, technical requirements and functional design.
· Ability to document and explain complex technical concepts.
· Ability to write, edit, and prepare graphic presentations of technical information for both technical and business personnel.
· Experience in organizing information in a way that is appropriate for technical explanations without losing sight of the needs and aptitude of the audience
· Technologies: TACACS / RADIUS, AAA, Firewalls, VPN, Intrusion Prevention Systems, MAC Authentication Bypass, PKI, Dynamic routing, L2 / L3 Switching
· Equipment: Cisco ISE, ASA Firewall, IPS Module, RSA SecurID, Syslog servers, Orion monitoring tools, AlienVault SIEM
· Certifications - CISSP
· Prior experience in government agencies subject to FISMA
· Experience with Cloud environments is highly desirable