Security Engineer/ IDS/ SIEM
Company Name:
On-Call Recruiting
Qualifications & Knowledge Requirements
Experience:
Experience: 10 years technically related experience with network and security operations
Desired Security Certifications:
CISSP
CCNA
CEH
Security Plus
Required skills:
Analytical
Experience:
Implementing Incident Response procedures
Solid understanding of performing risk and vulnerability assessments
Strong Security background and experience in large enterprise environment
McAfee Security Information and Event Management (SIEM)
Splunk ES
Regex
McAfee Web Gateway Proxy
Basic understanding of Web Gateway functionality and operations as they relate to Network Security in an enterprise environment.
Additional Applications:
VMWare (VCenter Server)
Snort
Dragon
Check Point Firewall (IDS Blade)
Sourcefire Defense Center and Sensors:
Experience with signature and rule creation
Deployment of Virtual Defense Center
Security Enhancement and Policy Updates
3D Sensor deployment
Whitelist compliance and traffic tuning
RNA and RUA functionality/management
ITOS Task 7 Intrusion Protection (Statement of Work)
Background
DISSAO provides intrusion protection and vulnerability assessments of the SSA Information systems at various inter-dependent levels. The assessment of the networks security is a crucial first step in providing intrusion protection. Additionally DISSAO provides remediation to security incidents. A key ingredient of this remediation is the recommendation of immediate corrective actions to systems known to have any security weaknesses or vulnerabilities.
Scope of Task
The objective is to evaluate, identify and classify all anomalous traffic across SSA net and then to provide corrective action.
In support of the task, the contractor shall perform activities such as those described in the sub-tasks below.
Sub-Task 1: Intrusion Protection and Vulnerability Assessments
Purpose: Provide intrusion protection and vulnerability assessments at all levels of the SSA computing enterprise including current SSA systems, SSA systems under development or scheduled for implementation.
Activities:
Provide senior-level advisement to division management and adjacent staff related to Intrusion Protection and Vulnerability Assessments.
Monitor Intrusion Detection System (IDS) sensors and infrastructure and other monitoring tools based on a schedule defined by SSA Management.
Monitor vulnerability scanning infrastructure based on a schedule defined by SSA Management.
Evaluate risk models developed by SSA and provide feedback to the Task Manager.
Perform ad-hoc scanning as defined by the Task Manager.
Develop scripts using UNIX shell scripting, Perl, PHP or Visual Basic for use in analyzing traffic patterns and anomaliesEstimated Salary: $20 to $28 per hour based on qualifications.
On-Call Recruiting
Qualifications & Knowledge Requirements
Experience:
Experience: 10 years technically related experience with network and security operations
Desired Security Certifications:
CISSP
CCNA
CEH
Security Plus
Required skills:
Analytical
Experience:
Implementing Incident Response procedures
Solid understanding of performing risk and vulnerability assessments
Strong Security background and experience in large enterprise environment
McAfee Security Information and Event Management (SIEM)
Splunk ES
Regex
McAfee Web Gateway Proxy
Basic understanding of Web Gateway functionality and operations as they relate to Network Security in an enterprise environment.
Additional Applications:
VMWare (VCenter Server)
Snort
Dragon
Check Point Firewall (IDS Blade)
Sourcefire Defense Center and Sensors:
Experience with signature and rule creation
Deployment of Virtual Defense Center
Security Enhancement and Policy Updates
3D Sensor deployment
Whitelist compliance and traffic tuning
RNA and RUA functionality/management
ITOS Task 7 Intrusion Protection (Statement of Work)
Background
DISSAO provides intrusion protection and vulnerability assessments of the SSA Information systems at various inter-dependent levels. The assessment of the networks security is a crucial first step in providing intrusion protection. Additionally DISSAO provides remediation to security incidents. A key ingredient of this remediation is the recommendation of immediate corrective actions to systems known to have any security weaknesses or vulnerabilities.
Scope of Task
The objective is to evaluate, identify and classify all anomalous traffic across SSA net and then to provide corrective action.
In support of the task, the contractor shall perform activities such as those described in the sub-tasks below.
Sub-Task 1: Intrusion Protection and Vulnerability Assessments
Purpose: Provide intrusion protection and vulnerability assessments at all levels of the SSA computing enterprise including current SSA systems, SSA systems under development or scheduled for implementation.
Activities:
Provide senior-level advisement to division management and adjacent staff related to Intrusion Protection and Vulnerability Assessments.
Monitor Intrusion Detection System (IDS) sensors and infrastructure and other monitoring tools based on a schedule defined by SSA Management.
Monitor vulnerability scanning infrastructure based on a schedule defined by SSA Management.
Evaluate risk models developed by SSA and provide feedback to the Task Manager.
Perform ad-hoc scanning as defined by the Task Manager.
Develop scripts using UNIX shell scripting, Perl, PHP or Visual Basic for use in analyzing traffic patterns and anomaliesEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
