Information Security Analyst

Job Title: Security Analyst
Location: Madison, WI
Duration: 12+ Months

This hands-on role requires a high level of technical expertise. Responsible for a broad range of tasks, including the day-to-day administration of information security tools and devices, as well as first-level and second-level support for security information and event management (SIEM), and includes significant responsibilities for the security administration of a wide variety of IT systems across the DOJ enterprise. Implement the continuous monitoring of the security posture of all systems in the DOJ enterprise. Provide in-depth incident analysis, evaluate security incidents and perform research, as well as monitor, analyze and correlate network traffic utilizing the latest in security tools and technology. Review threat data from various sources; coordinate with DOJ leadership to provide reporting and situational awareness. Interact closely with personnel from various teams including the application development, operations and network, and system owners. Administer and help support various Information Security Management programs and initiatives related to computer security, policy and procedures, awareness training, audit coordination, legal matters, legislation and regulatory compliance.
Essential Functions
• Primary contact for the DOJ’s Computer Network Defense Service Provider
• Create configuration/policies/alerts using SIEM tools.
• Perform network traffic analysis utilizing raw packet data, NetFlow, IDS, and custom sensor output as it pertains to the cyber security of communications networks.
• Administer components of the security architecture such as IDS/IPS and SIEM tools.
• Monitor security vulnerability information from US-CERT, vendors and third parties, and notify management of the impact on the security posture of DOJ systems.
• Participate in information security working groups.

• Bachelor’s in Computer Science or related field
• Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management. Experience in Security Operations Center preferred.
• Technical proficiency with security-related systems and applications such as vulnerability scanners, endpoint security solutions, and intrusion prevention devices.
• Experience and proficiency with any of the following: SIEM, antivirus, HIPS, IDS/IPS, full packet capture, host-based forensics, network forensics.
• Experience in performing network traffic analysis utilizing raw packet data, NetFlow, IDS, and custom sensor output as it pertains to the cyber security of communications networks.
• Experience in scripting languages such as Python/Perl/Bash, and experience with regular expressions and correlation rules.
• Experience in coordination of resources during enterprise incident response efforts, driving incidents to resolution.
• Expertise in Microsoft Windows and Linux platforms.
• CEH and/or GCFA credentials are strongly preferred.