Firewall Administrator

Firewall Administrator (Job Number:435708)

Description:

* Seeking a Firewall Administrator who will perform security operations, security monitoring, firewall security management, intrusion detection services, NOC and SOC support, and Security incident and audit management.

* The Firewall Administrator will also be responsible for IT and information security policies, system administration, network Security, firewall administration, proactive security problem solving.

* Performing implementation, maintenance, and integration of security devices.

* Monitor, investigate, detect, resolve, and remediate network attacks, threats, and security breaches

* Providing network and system security support leveraging many years of experience gained in this field deploying and supporting Firewalls, IDS/IPS, Content Filters, and SIEM tools

* Proactively find the root cause of security and data breaches

* Proactively meet all Service Level Agreements (SLAs) regarding customer security incidents, response time, notifications, and resolution.

Qualifications:

Required Education/Experience

* Bachelor's degree with 3+ years recent related experience. Additional experience will be considered in lieu of degree.

* Perform security operations support including monitoring, remediation, implementation, configuration, planning, encryption, and tracking in compliance with security policies and other security-related statutes, regulations, rules, and standards.

* Perform Network-Based and Host-Based Intrusion Detection Services and perform day-to-day secure operation of the customer-wide network.

* Conduct assessments of security controls, identify weaknesses, and track remediation activities

* Work with Network Security Monitoring tools and perform network traffic analysis, log analysis, and static and dynamic malware analysis

* Recommend and implement best practices for firewall management compliance with the customer policies.

* Perform network monitoring and intrusion detection analysis to determine attacks on the network

* Analyze network traffic and identify anomalies and information security controls for weaknesses.

* Take mitigation actions to contain the attack activities and minimize damage when a malicious activity or attack has occurred on the network

* Conduct network and system audit activities, patch audit, and compliance scan. Conduct periodic network scans to find any vulnerabilities

* Proactively respond to and resolve incidents and change requests using ServiceNow to minimize impact

* Monitor, investigate, detect, resolve, and remediate attacks, threats, and security breaches

* Have detailed technical knowledge of network and system operating systems and network security in physical, virtual, and cloud-based (AWS) implementations.

* Initiate security incident response including tracking and recovery actions

* Hands-on experience in security systems, including endpoint security, vulnerability assessment and management, network security technologies such as firewalls and IDS/IPS, wireless network security, authentication systems, log management, and encryption

* Experience assessing security controls, identifying weaknesses, and tracking remediation activities

* Experience with NESSUS Compliance Check Tools and Standards

* Familiarity with information security standards, policies and best practices

* Install, monitor, and manage security devices, including firewalls, data encryption and other security products and procedures

* Ability to investigate any irregularities to determine if the networks have been compromised.

* Work with stakeholders to communicate the status of information security, inform them of possible risks, and suggest ways to improve security.

* Experience with packet capture and analysis for network troubleshooting and security

* Monitor and detect security policy/rules configuration changes as well as changes in the network and server performance.

* Experience with industry security standards and best practices

* Familiar with the implementation of ITIL and ITSM processes and functions.

* Experience with installing, configuring, operating, troubleshooting, and maintaining network equipment including routers, switches, firewalls, applications optimizations, etc.

* Experience with NESSUS and Compliance Check Tools and Standards

* Experience with Splunk Application, "SPAN" or a mirror port, and the use of a dedicated packet mirroring switch or a device like a Gigamon

* Experience with Network Security Monitoring tools, network traffic analysis, log analysis, and static and dynamic malware analysis

* Experience with producing technical documentation, including change management documentation and diagrams (using Visio).

* Self-starter with good interpersonal skills, team player, good oral and written communication, and organizational skills

* Experience supporting the monitoring and configuration of Firewall/DMZ infrastructure including Network and Application Firewall Packet Filtering technologies

* First-hand experience with supporting the monitoring and configuration of Firewall/DMZ infrastructure including Network and Application Firewall Packet Filtering technologies (Check Point and Palo Alto).

* Intermediate Perl and Linux (Red Hat, CentOS) CLI experience.

* Experienced in utilizing network monitoring tools

* Provide tier 3 support for VPN and Citrix users covering a myriad of remote access issues.

* Coordinate with regional support to ensure seamless transition during hardware upgrades.

* Administer VPN edge devices

Desired Experience/Skills/Attributes:

* Worked on complex problems where analysis of situations requires in-depth evaluation of factors.

* Experience with programming/scripting languages

* CCNA Security

* Experience with Check Point Endpoint Security, Cisco AnyConnect VPN, CiscoWorks, Cisco Prime, FWSM, Palo Alto Networks Firewalls

* Syslog, log monitor and analysis tools

* Wireshark packet capture and Analyzer for instant network analysis

* Experience with NESSUS and Compliance Check Tools and Standards

* Knowledge of ITIL and ITSM processes, functions, implementation.

* Experience with SNMPv3/v2/v1 network management tools, including NetFlow collectors, network management tools to include Cisco Prime Infrastructure, Cisco DCNM, Remedy, ServiceNow, Gigamon, Solarwinds, etc.

* Experience working with Security Information and Event Management (SIEM) tools

* Clearance Requirement: Public Trust and must be a US citizen

SAIC Overview: SAIC is a premier technology integrator providing full life cycle services and solutions in the technical, engineering, intelligence, and enterprise information technology markets. SAIC is Redefining Ingenuity through its deep customer and domain knowledge to enable the delivery of systems engineering and integration offerings for large, complex projects. SAIC's approximately 15,000 employees are driven by integrity and mission focus to serve customers in the U.S. federal government. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $4.5 billion. For more information, visit saic.com. For information on the benefits SAIC offers, see My SAIC Benefits. EOE AA M/F/Vet/Disability

Job Posting: Apr 10, 2018, 7:21:24 PM

Primary Location: United States-MD-ROCKVILLE

Clearance Level Must Currently Possess: Other Clearance

Clearance Level Must Be Able to Obtain: Other Clearance

Potential for Teleworking: Yes

Travel: Yes, 10% of the time

Shift: Day Job

Schedule: Full-time
