Applicant must be competent to work at the highest technical level of all phases of Intrusion Protection. As the Expert Intrusion Protection Specialist, the candidate is expected to elevate their skillset and assist the team with implementation of best-practice standards.
• Performs computer systems security risk analysis and assessment.
• Analyzes and defines security requirements.
• Designs, develops, deploys and determines monitoring strategies for infrastructure components such as Enterprise Firewalls, IDS, IPS, Advanced threat detection, SIEM, DMZ, VPN, Load Balancers and Network Infrastructure.
• Provides written reports documenting findings, corrective action and implementation plans.
• Expert knowledge of computer systems intrusion detection tools and techniques, computer systems penetration tools and techniques, and commercial off-the-shelf (COTS) intrusion detection products such as Cisco NetRanger, Internet Security Scanners (ISS), Real Security or Axent Intruder Alert.
• Leads the response, triage and escalation of security events affecting information assets and activities.
• Experience performing malware analysis (and reverse engineering), network forensics, endpoint protection, and scripting.
• Provides expert-level thought leadership and guidance on intelligence/analytics research to build the necessary controls and infrastructure to provide automated and proactive detection and prevention.
• Strong troubleshooting skills in complex communication and network environments, with a working knowledge of government security standards (e.g., Risk Management Framework, NIST 800-171, DISA STIGs, DSS ODAA Process Manual).
• Able to provide forensic analysis of system infrastructure such as network packet captures, DNS, proxy, Netflow, malware, application logs, as well as logs from various types of security sensors.
• Experience converting intelligence into actionable mitigation and technical control recommendations.
The above statements are intended to describe the general nature and level of work being performed by individuals assigned to this position. They are not intended to be an exhaustive list of all duties, responsibilities, and skills required of personnel so classified.
The successful candidate must be able to work in a fast-paced environment with demonstrated ability to juggle and prioritize multiple, competing tasks and demands and to seek supervisory assistance as appropriate.