5-7 years' experience in the Information Technology industry, with a minimum of 3 years of experience in Information Security. Experience deploying and maintaining security technologies and the systems they run on to support an MSSP environment. Experience in Cloud and/or Data Center technologies and knowledge of VMware and virtual technologies. Vendor certifications on one or more core technologies (VMware, McAfee, Fortinet, Cisco) are preferred but may be compensated by experience.
- Provision security tools for the customer.
- Develop and maintain tool rule sets for security tools such as firewalls, IPS/IDS, MPS/MDS.
- Help determine tactics, techniques, and procedures (TTPs) for security tools.
- Recommend computing environment vulnerability corrections.
- Work tickets escalated from Tier One service desk personnel and escalate to Tier Three as needed.
- Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
- Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or observed threats within the network environment or enclave.
- Perform patch management for MSSP security tools and customer's security tools.
- Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
- Ability to work with provided security policies to design and implement network and security rules and configurations across various security platforms.
- Mentor and train Tier One Service Desk personnel as needed.
- Be able to work a rotating on-call schedule as needed.
Qualifying Experience and Attributes
- 5-7 Years’ experience in IT
- Ability to configure and troubleshoot Cisco and FortiGate firewall platforms
- Working knowledge of VMware NSX or FortiGate VMX
- Ability to configure and troubleshoot various security platforms including various firewalls, IPS/IDS, MDS/MPS and security management platforms (McAfee ePO/FortiManager/Cisco FMC, TippingPoint, etc.)
- Security related certifications (CISSP, GPEN, CEH, etc.) are desirable.
- McAfee ePO management/troubleshooting
- McAfee SIEM/Security Suite knowledge preferred
- Able to work tickets inside of ServiceNow.