Firewall Administrator (2019-132) Dahlgren, Virginia
As the IPS/IDS Administrator, you will design, implement and maintain support of the network and security infrastructure, use best practices and knowledge of current technologies and their potential application to the RDT&E environment, and assist in assessing the security risk of proposed IPS/IDS modifications.
Essential Duties and Responsibilities:
• Manage Cisco Firepower IPS/IDS and network security systems by establishing and enforcing approved policies.
• Analyze network security requirements and implement perimeter security changes.
• Utilizing industry best practices for security, disaster recovery, business continuity, and change control, the engineer will design, configure, manage and troubleshoot a variety of network IPS/IDS technologies.
• Serve as a subject matter expert in coordinating and troubleshooting with customers, other infrastructure support activities and business units.
• Develop network documentation of security infrastructure
• Monitor network performance and implement performance tuning as necessary.
• Responsible for installing software, applying patches, managing file systems, and monitoring performance of IPS/IDS systems.
• Performs data backups and restoration of managed systems.
• Assist in the certification and accreditation process for managed systems and networks.
• Install and deploy new Cisco Firepower IPS/IDS hardware and software.
• Review daily logs for managed systems and report on unusual activity.
• Participate in the development and maintenance of Standard Operating Procedures (SOPs) associated with managed systems and applications.
• Collaborate with IT staff on projects and initiatives.
• Provide input for a monthly progress and status report.
Qualifications:
• Network Security certifications: CCSA, CCSE, CCMSE, CCSM, PCNSE highly desirable.
• Solid experience configuring and troubleshooting routing and switched infrastructure (e.g. CCNA, CCNP Security) and security certifications highly desirable.
• Experience in network security including: device hardening and patching, IDS/IPS, SIEM, IPS/IDSs, and vulnerability assessment and intrusion detection.
• Understanding of controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security).
• Must be well versed in operating systems such as Linux as well as VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, and TCP/IP networks.
• Experience in administrating and troubleshooting IPS/IDSs within medium to large, complex organizations.
• Experience with packet capture and analysis methodologies.
• IPS/IDS Administrator will provide technical support and troubleshooting of managed systems and networks.
• Diagnose and resolve complex network problems and improve network performance and reliability.
Requirements:
• Prefer a Bachelor's degree or higher from an accredited college in a related discipline and prefer a minimum of ten (10) years of relevant experience or equivalent combination of education and experience.
• Must currently hold a DoD 8570 Information Assurance Technical Level II certification.
• Position requires a strong understanding of IPS/IDS and Firewall functions and operations (proxy, proxy-arp, NAT, stateful packet inspection, circuit layer gateways, and application layer gateway).
• Experience with Next Generation and web application IPS/IDSs.
• Requires shell scripting experience and basic knowledge of various types of Operating Systems including Microsoft Windows, Linux and Unix and their network intercommunications.
• Ideal candidate will have experience with TCP/IP protocols and the OSI model and how they apply to production systems and networks.
• Intermediate to advanced level skills in Microsoft Office software suite - Word, Excel, Outlook, PowerPoint.
• Ability to communicate effectively with all levels of employees and outside contacts.
• Strong interpersonal skills and good judgment with the ability to work alone or as part of a team.
Desired Skills:
• IPS/IDS engineering background with Cisco FTD or McAfee IPS/IDSs.
• Use of web application IPS/IDSs, SSL decryption, secure remote access, IDS/IPS technologies, High Availability / Redundancy configurations and network analysis tools.
• IPv6 network and application implementations.
• Familiarity with Department of Defense security guidelines and policies, highly desired.
Security Clearance Required: Must currently hold a security clearance at the Secret level. Must be eligible to receive a TOP SECRET clearance upon hire. US Citizenship is a requirement for this contract.