Vacancy expired!
- Candidate should primarily have experience with large-scale architecture and network deployments.
- Candidate must also possess expert level skills with multiple programming languages and must demonstrate that they can reverse engineer malware code.
- The Candidate must be an expert in Cyber Security Incident Response processes.
- Must be proficient with UNIX, Windows, OSX, and Mobile Devices.
- Candidate must be proficient with the administration of Office365 and all its security features.
- Candidate should be comfortable with threat hunting across a variety of data sources including writing custom SIEM queries, EDR queries, and other technologies as required.
- The candidate must have experience ingesting and processing threat intelligence, including TTPs, mapped to the MITRE ATT&CK framework.
- 6+ years' experience in Information Security.
- Seeking a highly technical Security Architect/Administrator that will lead the deployment, configuration, administration, and content rule creation of RSA NetWitness.
- The Security Architect/Administrator will be responsible for all aspects of the product including, but not limited to, the successful configuration of the product to include visibility for all traffic (including perimeter traffic & east/west traffic), tuning and creation of standard security alerts, customized alerts for the agency, and log forwarding to a SIEM.
- In addition to being a product subject matter expert, the Architect/Administrator will correspond regularly with other security team members such as Security Monitoring and Threat Intelligence for product enhancements to keep up with dynamically evolving business/industry requirements.
- Understand, collaborate, and solve technical/operational business requirements.
- Assess existing network architecture and provide recommendations for optimal visibility.
- Design a deployment plan that is highly resilient, with failover and load balancing, and that performs well within the given network/hardware limitations.
- Install hardware in a large and highly complex technical environment composed of several locations and network egress points.
- Troubleshoot and diagnose network configuration conflicts.
- Maintain and administer appliance post-deployment for patches, security content creation/engineering, and continuous refinement.
- Configure integration with existing security stack and design/develop playbooks for automation.
- Collaborate continuously with other agency security personnel (including training them to use the product to its full potential) and communicate with senior/executive management as needed.