Estimated Length: 12 Months. Work hours: 37.50. Est. OT Hrs/Wk: 10.00
• Security Monitoring, Infrastructure Implementation, Security Enforcement and Support activities related to Cyber Security Operation Center (CSOC)
• Security infrastructure implementation, monitoring/analytics support of perimeter network security devices including Firewalls, IPS/IDS, Proxy, Application Security Events, Security Enforcement activities, and associated tool administration.
• Provide information to senior management with respect to current infrastructure security events, reporting, investigation monitoring, and day to day security operations.
• Work alongside/within a group of technical security staff responsible for the security infrastructure, implementation of perimeter network security devices such as Firewalls, IPS/IDS, VPN, Proxy, DLP, Two factor authentication technology and Wireless Security, and Security Enforcement activities.
• Provide tier 1 and tier 2 security operation and event support, real-time monitoring & analytics on both perimeter and internal infrastructure, monitor application security events and administer associated security tools. These tools include but are not limited to Security Information and Event Management (SIEM) tools, firewall traffic monitoring tools, IDS / IPS tools, DLP, Proxy Server, and applications such as LDAP, AD, Email, MDM etc. for the entire Client network 24/7/365 to ensure all Client critical and non-critical infrastructure and applications are secure.
• Participate / assist with the management and monitoring of the security change process and day-to-day security events as they relate to highly critical systems holding PPSI, PCI and HIPAA data, to ensure proper security controls are in place.
• Participate / assist with change control of firewall, proxy, Intrusion Prevention System, Remote Access, VPN, internet access, and Wireless Security Systems, and coordinate changes with all Client agencies and departments.
• Perform log correlation between security, network and application logs.
• Perform project management, administration, and monitoring of data security projects and procedures as they relate to the Cyber Security Operation Center.
• Assist the Cyber Security Operations Security Infrastructure and Enforcement team as per Client and New York State security policies and procedures.
• Responsible for providing 24x7x365 level 1 through level 4 support for all security technologies managed by the Cyber Security Operation Center at Client, including lifecycle replacement and upgrades of all network security infrastructure throughout Client.
• Knowledge of Enterprise Networks & Security infrastructure, Communication and internet security systems, Firewalls, Intrusion Prevention Systems, Remote Access VPN, Proxy, Wireless Security, NAC, Enterprise ID Management systems, Databases, computer systems, security event analysis and forensic investigations.
• Organizational, decision making, and communications skills.
• Knowledge of network security operations with a solid understanding of the technology and attention to detail.
• Creative problem-solving abilities, coupled with a desire to take on responsibility.
• Strong team player with the ability to engage and promote a cohesive unit.
• Ability to handle multiple tasks in a fast-paced environment, and prioritize highly varied work in order to maintain required productivity levels.
• Ability to communicate technical information and ideas so others will understand.
• Ability to make appropriate decisions considering the relative costs and benefits of potential actions.
• Ability to apply collaborative skills and traits that create solutions and results in unexpected situations.
Additional Skills and Information:
Security Event Monitoring, Network Event monitoring, Email Header Analysis, Packet Capture inspection, Malware Triage & Analysis, SIEM (Splunk) & TIP Experience
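The log correlation and SIEM work described above (correlating security, network and application logs, and the Security Event Monitoring skill) is the kind of logic an analyst would prototype before turning it into a Splunk correlation search. The script below is an added illustration, not part of the job posting or of any Client tooling. It correlates three constructed, made-up log sources by source IP inside a time window: a firewall DENY to an external host, a later proxy request from the same client to that same host (a blocked direct connection retried through the proxy), and any Windows 4625 failed logons from that client shortly before. The log formats, hostnames, IPs, the `parse`/`correlate` helper names and the 5-minute window are all assumptions chosen for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines (not real logs). Each source uses a different
# key=value layout, as it would in a real SIEM feed.
FIREWALL_LOGS = [
    "2024-03-04T10:01:12Z fw01 action=DENY src=10.1.5.23 dst=203.0.113.9 dport=443 proto=tcp",
    "2024-03-04T10:01:15Z fw01 action=ALLOW src=10.1.5.40 dst=198.51.100.7 dport=443 proto=tcp",
    "2024-03-04T10:30:00Z fw01 action=DENY src=10.1.5.40 dst=203.0.113.9 dport=443 proto=tcp",
]
PROXY_LOGS = [
    "2024-03-04T10:01:40Z proxy01 client=10.1.5.23 method=CONNECT url=203.0.113.9:443 status=200",
    "2024-03-04T10:02:10Z proxy01 client=10.1.5.40 method=GET url=http://198.51.100.7/index.html status=200",
    "2024-03-04T11:05:00Z proxy01 client=10.1.5.40 method=CONNECT url=203.0.113.9:443 status=200",
]
AUTH_LOGS = [
    "2024-03-04T10:00:30Z dc01 EventID=4625 user=jdoe src=10.1.5.23",
    "2024-03-04T10:00:35Z dc01 EventID=4625 user=jdoe src=10.1.5.23",
    "2024-03-04T10:00:50Z dc01 EventID=4624 user=jdoe src=10.1.5.23",
]

KV = re.compile(r"(\w+)=(\S+)")


def parse(line, source):
    """Split '<iso-ts> <host> key=value ...' into a dict tagged with its source."""
    ts, host, rest = line.split(" ", 2)
    ev = {"ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), "host": host, "source": source}
    ev.update(KV.findall(rest))
    return ev


def dest_of_url(url):
    """Destination host of a proxy URL: strips scheme, path and port (IPv4/hostname only)."""
    url = re.sub(r"^[a-z]+://", "", url)
    return url.split("/", 1)[0].rsplit(":", 1)[0]


def correlate(fw_lines, proxy_lines, auth_lines, window_seconds=300):
    """Return findings where one client had a firewall DENY to a host, then reached the
    same host through the proxy within the window; failed logons before the DENY are
    attached as enrichment."""
    window = timedelta(seconds=window_seconds)
    by_ip = defaultdict(list)  # pivot key shared by all three sources: client IP
    for line in fw_lines:
        ev = parse(line, "firewall")
        by_ip[ev["src"]].append(ev)
    for line in proxy_lines:
        ev = parse(line, "proxy")
        ev["dst"] = dest_of_url(ev["url"])
        by_ip[ev["client"]].append(ev)
    for line in auth_lines:
        ev = parse(line, "auth")
        by_ip[ev["src"]].append(ev)

    findings = []
    for ip, evs in by_ip.items():
        evs.sort(key=lambda e: e["ts"])
        denies = [e for e in evs if e["source"] == "firewall" and e["action"] == "DENY"]
        for d in denies:
            # Proxy hits to the blocked destination, after the DENY and inside the window.
            retries = [e for e in evs if e["source"] == "proxy" and e["dst"] == d["dst"]
                       and d["ts"] <= e["ts"] <= d["ts"] + window]
            if not retries:
                continue
            # Failed logons (4625) from the same client in the window before the DENY.
            failed = [e for e in evs if e["source"] == "auth" and e["EventID"] == "4625"
                      and d["ts"] - window <= e["ts"] <= d["ts"]]
            findings.append({
                "src": ip,
                "dst": d["dst"],
                "deny_at": d["ts"],
                "proxy_at": retries[0]["ts"],
                "failed_logons": len(failed),
                "users": sorted({e["user"] for e in failed}),
            })
    return findings


if __name__ == "__main__":
    for f in correlate(FIREWALL_LOGS, PROXY_LOGS, AUTH_LOGS):
        print(f"{f['src']} -> {f['dst']}: denied {f['deny_at']}, via proxy {f['proxy_at']}, "
              f"{f['failed_logons']} failed logons for {f['users']}")
```

With the default 5-minute window only 10.1.5.23 is reported (its proxy CONNECT follows the DENY by 28 seconds and two 4625 events precede it); 10.1.5.40 retried the same destination 35 minutes after its DENY, so it surfaces only if the window is widened, which is the tuning decision the analyst makes to trade false positives against missed slow beacons.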