Senior Network Security Engineer (BBBH121456) Irvine, California
Long Term Contract.
Senior Network Security Engineer, located in Irvine
Will be managing the IDS (Intrusion Detection System) environment (client has Tipping Point installed with 60 IPS sensors globally). Tipping Point experience is preferred, but other IDS experience (such as Sourcefire) would be considered, pending other factors.
The successful candidate will possess current technical skills and have experience supporting a globally deployed enterprise Intrusion Detection System/Intrusion Inspection System (IDS/IPS), along with additional responsibilities that include but are not limited to the management of security vulnerability scanning and remediation, support for a global security incident response capability, support for Security Incident Event Management systems, and knowledge of compliance processes and frameworks specific to the pharmaceutical industry.
Essential Duties and Responsibilities
Operate and maintain a globally distributed enterprise Intrusion Detection System (IDS).
Ensure high reliability of IDS sensors by responding to and resolving system issues.
Configure and manage feeds into enterprise event aggregation and correlation systems.
Optimize analyst effectiveness by ensuring signature quality in collaboration with analysts and developers.
Maintain IDS signature deployment and repository, to include signature tuning, analysis and development.
Ensure the integrity, availability and uptime of IDS and related systems, to include performance baselining and measurement.
Document processes and procedures of all IDS and related infrastructure operations and monitoring.
Document incidents and daily activities into designated system and/or format.
Provide on-call support during non-core business hours.
Assist onsite client technical team members with technical insight facilitating ongoing incidents and mitigations.
Operate and maintain the network security scanning platform (Critical Watch).
Analyze, research, and report on regularly scheduled and ad-hoc network security scan jobs.
Serve as a senior security liaison/facilitator between Xerox functional IT business units and client business units in support of various Information Security projects that arise from time to time (e.g., annual security assessments, business-driven Information Security projects).
Technical Skills Required:
Proven understanding and in-depth knowledge of Linux/UNIX platforms and administration.
Proven understanding and in-depth knowledge of regular expressions.
Proven understanding and in-depth knowledge of scripting languages (e.g., Perl, Python, Unix/Linux shell).
Experience with Intrusion Detection Systems (e.g., Tipping Point/Sourcefire) deployment, management, optimization.
Familiarity with IDS/SIEM integration methodologies and best/common practices.
Familiarity with Intrusion Detection System signature development and management.
Experience with server and network equipment deployment, management, optimization, troubleshooting and use.
Experience with network monitoring tools (e.g., tcpdump, Wireshark) and understanding of network packets.
Solid understanding of network protocols and experience in traffic analysis and packet inspection.
Ability to support implementation efforts for new technology capabilities and transition them to production.
Ability to document and explain technical details clearly and concisely.
Technical Skills Desired:
Thorough understanding of computer networking, routing and protocols.
Mastery of Unix/Linux and Windows operating systems.
Familiarity with OS X operating system.
Experience correlating security event data and leveraging SIM/SIEM frameworks.
Hands-on experience with a variety of different IDS/IPS and SIEMs.
Familiarity with offensive attack sequences and defensible security.
Experience with network intrusion detection, monitoring and support, to include understanding of common network threats, vulnerabilities and possible mitigations.
Experience with writing and editing technical documentation and operational procedures.
Experience analyzing network logs, syslogs, and/or IDS alert logs.
Working knowledge of desktop word processing and communications software (Microsoft Office, Visio, Project, PowerPoint, Excel, etc.).
High level of project coordination/management skills to manage the execution of maintenance activities, network outages and upgrades.
Ability to work independently.
Ability to complete project and operational deliverables on time.
Ability to clearly communicate and work in complex work environments.
Education and certifications
Bachelor's degree, or a combination of experience and/or Associate's degree.
Minimum of five years of Information Technology and/or Information Security experience.
CISSP, SANS certification(s) (GSEC, GCIA, GCIH).
Please email your resume if you are indeed interested