The Security Administrator, working in a team environment, maintains our client's Information Security systems. Primary activities include administration of Firewall, Intrusion Prevention System, Security Incident Event Manager (SIEM) and Vulnerability Management System with the ultimate goal of ensuring that data entrusted to our client remains secure.
ESSENTIAL JOB FUNCTIONS
- Documentation and Creation of Information Security System Administration procedures.
- Perform network security assessment, risk assessment, and vulnerability testing.
- Securely implement the addition of new network components.
- Vulnerability Management and Remediation: Review current environment for vulnerability exposure and emerging threats and manage remediation cycles.
- Monitor and investigate potential Information Security breaches.
- Perform day-to-day management of the Internet content filtering system, Patch Management, IDS/IPS, Anti-Virus system, and Security Incident and Event Management System. Includes policy management, systems administration and configuration, and maintaining the systems noted above and all underlying hardware, OS, and databases.
- Participate in investigations of SIEM items to determine root source and validity of reported events. Assist with ongoing tuning of the SIEM tool and reports.
- Works directly with the Information Security Officer (ISO) to implement appropriate content filtering rules, troubleshoot issues, and assist with security-specific reports.
- Proactively identifies or rapidly responds to customer security issues.
- Applies extensive technical expertise in the management of security tools and remediation of security events/incidents.
- Provide technical assessment of the security impacts from changes to operational networks.
- Develop secure network architectures, requirements, operational concepts, and security accreditation plans and procedures.
- Evaluate new hardware and software technology as it applies to information security.
- Participate in IT security incident response.
What level of education or specialized training is required to perform the job?
- BA/BS in computer science, information systems or equivalent work experience, communications/networking or equivalent required.
List any special certifications, licenses, and/or knowledge requirements for this job:
- CISSP, GSEC, CEH certifications are a plus.
How many years of directly related job experience are required to be qualified to enter the job?
- 5 to 7 Years
- Experience administering data antivirus solutions: Symantec, McAfee, CA.
- Experience managing and maintaining a SIEM such as Nitro, ArcSight, QRadar, or SecureVue.
- Experience administering Intrusion Detection and Intrusion Prevention Systems (IDS/IPS).
- Experience managing and maintaining Vulnerability Scanners such as Qualys, NeXpose, or nCircle.
- Experience administering Firewalls: Cisco ASA/PIX, Palo Alto, etc.
- Experience administering web and email filtering solutions.
- Experience with network traffic analysis tools: netmon or Wireshark.
- Sound understanding of Microsoft Active Directory and Group Policy Objects.
- Solid understanding/troubleshooting of TCP/IP.
- Knowledge of network architectures: LAN, DMZ, WAN.
- Knowledge of Cisco routing and switching.
- Knowledge of VPN, IPsec, SSL, TLS.
- Knowledge of two factor authentication such as RSA or Entrust.
- Knowledge or experience with DLP tools such as McAfee, Websense, or Symantec.
- Experience with Penetration Testing tools such as Metasploit, Kali, BackTrack, or Nessus is a major plus.
- PowerShell, VBS, and BAT scripting experience is a plus.
Job Category: Administrator, Security Officer