Estimated Length: 12 Months | Work hours: 37.50 | Est. OT Hrs/Wk: 0.00
Requirements
The IT Security Operations team is seeking a seasoned firewall administrator who can help with the design, configuration, installation and maintenance of Palo Alto firewall infrastructure.
The resource will be managing all aspects of Security Administration in support of business requirements in all data centers and office locations.
RESPONSIBILITIES:
• In-depth knowledge of enterprise network/security infrastructure and of techniques for investigating security incidents occurring in the perimeter/internal infrastructure, utilizing security event analysis tools such as Splunk, Panorama logs, and Wireshark.
• Maintain security and networking devices and upgrade, as necessary.
• Provide support for other engineers on Palo Alto firewall equipment and applications.
• Understanding of routing, switching, IP subnet, NAT and security technologies
• A high-level Palo Alto expertise in design, configuration, migrations, tuning and customization of features.
• Understanding of Zones and virtual routers – ability to understand and troubleshoot routing issues
• Knowledge of Panorama, WildFire, and other Palo Alto features including but not limited to SSL decryption
• Lead the planning and coordination of security tasks and activities in support of IT related projects and initiatives.
• Assume complete ownership of the firewall and network security elements of a project or the implementation of any large-scale system.
• Maintain and enhance forensic infrastructure (hardware and software), processes and procedures, along with supporting documentation, based on industry best practices.
• Coordinate across Client, including various departments and the Cyber Security Operations Center, in operations and the revision of processes and technology.
• Research and develop evidence collection, protection, and analysis techniques for Client owned and maintained hardware and software.
• Provide real time monitoring and alerting analytics and security incident investigation on perimeter/internal infrastructure and applications security events across the Client Enterprise Environment.
• Examine malicious software (bots, worms, and Trojans) to understand the nature of the threats. Perform reverse engineering to examine how the program interacts with the environment, document the attack capabilities, understand the characteristics, and define signatures to detect malware.
• Work with partners, vendors, departments, and law enforcement agencies to maintain an understanding of security threats, vulnerabilities, and exploits that could impact systems, networks, and assets. Liaise with legal staff efficiently and effectively, provide evidence, and testify as required.
• Oversee and perform administration of all associated security devices and tools, which include but are not limited to Palo Alto firewall, Remote Access / VPN, Wireless etc., for all Client networks 24x7x365 to make sure all Client critical (PCI) and non-critical infrastructure and applications are secure.
• Escalate complex issues to next-level security support and report them to the CSOC lead; organize, participate in and, if required, chair post-incident reviews for presentation to senior management.
TECHNICAL QUALIFICATIONS:
• Expert knowledge of and familiarity with installing and maintaining various components of an information security system, including firewalls, authentication protocols, encryption software, remote access systems, and commercial-off-the-shelf security products. Knowledge of troubleshooting methodologies appropriate to the implementation platform.
• Expert knowledge of and familiarity with various components of an information security system, including Palo Alto firewalls, authentication protocols, encryption software, remote access systems, and commercial-off-the-shelf security products. Knowledge of troubleshooting methodologies appropriate to the implementation platform, e.g., servers, desktops, laptops, or mobile devices.
• Expert knowledge of and familiarity with internet technologies and computer networking.
• Demonstrated ability to investigate, troubleshoot, lead and support technical issues both remotely and on-site using standard Client tools and techniques.
• Demonstrated ability to read, understand and develop schematic diagrams, technical manuals and documentation such that supported equipment and software can be maintained with minimal training.
• Experience with forensic investigations of diverse platforms including Windows, *nix, Android, OSX, etc.
• Knowledge of Domain structures, user authentication and authorization, encryption and networking
• Experience with escalation, notification, and after-action review processes for security incident management and recovery.
• An advanced degree and/or professional certification is desirable.
• Ability to reverse engineer binaries of various types
• Expert understanding of Microsoft Windows Internals
• Ability to analyze shell code
• Understanding of software exploits
• Ability to analyze packed and obfuscated code
• Capable of identifying host- and network-based indicators
• Experience mitigating anti-reverse engineering techniques
Additional Skills and Information:
Demonstrated leadership and people skills.
Demonstrated ability to perform research and recommend solutions for security problems to management.
Demonstrated ability to plan, design and engineer solutions and projects for the security team.
Demonstrated ability to perform project management tasks related to solutions and projects for the security team.
Demonstrated ability to lead the planning and coordination of security tasks and activities within the security team.
Demonstrated ability to perform all technical and non-technical tasks, such as procurement, while ensuring that security tasks are completed on time.
Must demonstrate highly developed knowledge of current industry standard information security and market trends.
Demonstrated ability to plan, present and apply complex technology solutions to solve critical business requirements effectively and efficiently.
Proven experience working with senior-level staff, contributing to both short- and long-term technology-related plans.