Jan 5, 2021
Morrisville/Eagan, MI/Gatehouse, NC
IDS/IPS Security Engineer knowledgeable in Cisco Firepower platforms, next-generation firewalls, and intrusion detection and protection systems.
Responsibilities:
• Operate, maintain, and deploy IDS and IPS devices
• Maintain the intrusion ruleset, optimize detection, configure NGFW ACLs, perform general device configuration and maintenance, and troubleshoot the devices when needed
• Provide operational requirements and recommendations to the Security Architects for service enhancements and system improvements
• On-call availability for network-impacting or network outage situations outside of business hours
• Work effectively within a Security team, and support and collaborate with other teams
• Conduct intrusion event analysis and support the security operations center (SOC) incident response and threat detection teams
• Develop documentation, e.g. standard operating procedures (SOPs), and support audit events
• Develop reports on system status and performance
Required Skills:
• Cisco Firepower Threat Defense IDS/IPS, FMC
• Prior job experience maintaining and troubleshooting IDS/IPS devices
• Experience with Splunk and other SIEM tools
• Proficiency with packet analysis/Wireshark
• Networking – routing and switching, TCP/IP stack, IP subnets, VPN
• Scripting – Python, Perl, JavaScript
• Experience with threat analysis, triage, and mitigation
• Experience with Linux
• Experience with packet analysis
• Knowledge of databases
• Knowledge of networking and network protocols
• Certification in one or more of the following: Security+ or CISSP
Desired Skills:
• Network+, CEH, GCIH, CCNA Route Switch or CCNA Security, CCNP Route Switch or CCNP Security, CCIE Route Switch or CCIE Security
• Experience with threat analysis, triage, and mitigation
• TippingPoint IDS, ATD, DDI, DDD, SPS, SMS
• Understanding of NGFW ACLs
• Experience writing Snort rules
• Proficiency with Wireshark
• Experience with Splunk
• Ability to write clear procedural and technical documentation
• Knowledge of external authentication and user management
• Experience troubleshooting network problems at layers 1, 2, and 3