Security Systems - Analyst/Engineer

No third party submittals US citizen or permanent resident only. The Security Engineering unit provides for access control and analysis of the IT Network and applications environments for risks and threats, This unit also ensures that proposed and existing systems and network security architectures are engineered for and aligned with and operated according to security policies and standards as well as industry best practices, and develops mitigation strategies, techniques and processes for security breaches. The primary work for this position is in support of enterprise wide integrated information technology security systems solutions that ensure protection and integrity of proprietary/confidential data. This position supports underlying security technology platforms and processes including intrusion prevention and detection systems, anti-virus/malware systems, firewalls, audit tools, and breach mitigations tools. In addition, this position will provide back-fill to other work units that utilize the Systems Analyst/Engineer. Members of these work units will routinely work with, augment and backfill members of the Network Architecture, Design and Infrastructure Operations work units that have several overlapping responsibilities. The incumbent will have primary responsibilities for one or more technology platforms and secondary responsibility for other technologies. This position also provides for communications and technical feedback between customers, field support, and other ITG work units and provides (Tier III) support and technical escalation for design and problem resolution. This position is distinguished by a hybrid combination of technology roles that include Systems Analyst, Systems Administrator, Systems Engineer, and Project Manager. These are multi-tasking, broadly based, positions that require a unique combination of analytic, engineering, project management, and customer service skills to provide ITG systems support across all divisions. Incumbents are proficient in troubleshooting and root cause analysis using the scientific method of refining a problem statement, and queuing up a series of increasingly specific tests to isolate the problem. Necessarily, this requires specialized knowledge for the equipment and services for which the analyst/engineer is directly responsible. In addition, expert broad based knowledge is used to troubleshoot integrated applications suites, services running across hybrid network architectures, virtualized Servers or desktops, load balanced Web farms, firewalled VPNS, etc.

Required Skills, Knowledge and Experience:

Education:

• Bachelor s degree, and three years of progressively responsible Information Technology related experience leading to proven proficiency and subject matter expertise in the areas outlined within the class specification; OR
• Equivalent alternative educational experience that includes approved coursework, professional certifications as outlined below, vendor training, and seven years of documented professional experience leading to proven proficiency and subject matter expertise in the areas outlined within the class specification; OR
• An equivalent combination of education and experience.

Experience:

• Experience in designing, implementing and supporting new systems and infrastructure independently
• Experience using SDLC or like processes to manage projects
• Experience in supporting large mission critical systems in multiple production environments including solution design and tuning
• Extensive experience with Cisco or other main stream switching technologies
• Experience Juniper and CS-MARS system, IDP ISG, IPS or other IDS/IPS platforms
• Working technical knowledge of SNORT, Nessus, NCASE and other security scanning solutions, as well as open source tools
• Experience with IPX, TCP/IP, and other networking protocols.
• Crash analysis and troubleshooting
• Application installation and configuration
• Understanding of Microsoft Networks at the operating system level, file/directory security, and user account level
• Enterprise Experience with Systems administration (at minimum UNIX, Linux and Microsoft), Sendmail, Scripting
• Three years of hands on experience with Cisco Routers and switches.
• Proficient in network architectures and topologies
• Expert knowledge of network security at the operating system level, file/directory level, and user account level.
• Expert knowledge of application of HIPAA control implementation
• Comprehensive knowledge of the following:
  • Network Protocols (AppleTalk, IPX, NetBIOS, SNA, TCP/IP, etc.)
  • Routing Protocols (NLSP, RIP, OSPF, etc.)
  • Network Topologies (Ethernet, Token Ring, FDDI, Fast Ethernet, ATM, etc.)
  • Data Communications Equipment (Hubs, Bridges, Routers, Switches, DSU, Multiplexers, etc.)
  • Network Management Tools (SNMP, Transcend, HP OpenView, RMON, Sniffer, CiscoWorks, etc.)
  • Premise Distribution Systems (Fiber, Copper Cabling Systems, etc.)
  • Firewall Technologies: Cisco PIX, Checkpoint, Stonebeat
• General knowledge of the following:
  • Operating Systems (UNIX, DOS, Windows 3.1/95/NT, MVS, MPE, etc.)
  • Network Operating Systems (NetWare, Windows NT, etc.)
• Security Analysis Tools: Retina, Nessus
• Microsoft Administration/Operations
• Desktop architecture and design
• Microsoft SMS administration
• McAfee ePO administration
• Knowledge of.NIX operating system management and configuration
• Familiarity with implementation of security "best practices"
• Knowledge of vulnerability assessment tools, ie NMAP, Retina, etc.
• Management of event correlation tools
• Core and end-user messaging systems including Edge Appliances, Email Firewall, UNIX Sendmail, MS Exchange, POP/IMAP, Paging, other messaging systems and gateways
• Directory service experience (Microsoft Active Directory, LDAP interfaces, etc.)
• One or more: Scripting and/or programming languages such as, or equivalent to Perl, UNIX Shell, C Shell, .NET, Visual Basic, Java, HTML, etc.

Certifications

• CISSP certification

Preferred Skills, Knowledge and Experience:

Education:

• Bachelors degree preferably in Computer Science or related field
• GIAC Information Security Fundamentals
• Associate of (ISC)2

Experience:

• Work with incident response teams.
• 5 years as Senior Security Analysts performing Security operations center monitoring in a 24/7 operations center.
• Experience in a large network and campus environment (17,000 users)
• Formal Project Management Training (PMI) (PMP)
• Visio application

Certifications

• Vendor Certifications in appropriate technologies
• Microsoft Certified System Engineer Certification (MCSE), or MCITP, or MCTS Windows Server 2008
• Microsoft Certified Technology Specialist (MCTS)
• Citrix Certified Administrator (CCA)
• VMware Certified Professional (VCP)
• Sun, Linux Certification
• Storage Networking Industry Association (SNIA)
• Cisco Certified Network Association (CCNA)

Required Skills:
See job descriptiondf-tc

Experience/Skills
See Above

Other desired skills:
Security Systems - Analyst/Engineer