• Ability to design, engineer, implement Cisco Firepower Firewall / IDPS interface with Stealthwatch; create security zones, rule sets, routing and switching interfaces, analyze and trouble shoot deployment and testing in LAN / WAN environment
• Access R/S BOM, components, design, validate security devices policy etc., configure devices, validate functionality
• Ability to troubleshoot network or operating system issues associated with an enterprise IDS.
• Demonstrated experience in operations and maintenance of a FirePower (formerly Sourcefire) or SNORT IDS or similar.
• Ability to develop IDS rules and conduct tuning activities particularly with Cisco products (FirePower) or SNORT.
• Able to collaborate on problem management and root cause analysis discussions with fellow network engineers, security engineers, and analysts
• Experience with the identification and implementation of counter-measures or mitigating controls for deployment and implementation in the enterprise network environment
• Working knowledge of the various operating systems (e.g. Windows, OS X, Linux, etc.) commonly deployed in enterprise networks, a conceptual understanding of Windows Active Directory is also required, and a working knowledge of network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.).
• Ability to generate rule sets configurations w/ Cisco Firepower
• Ability to securely configure device support export of Information Assurance artifacts
• Prefer experience in integrating with SPLUNK
• Experience with design engineering Trend Micro / TippingPoint 8200 IDPS
• Experience with configuration, testing, analysis in Deep Inspection / Analysis tools based on design
• Ability to tune / align devices with other security tools
• Ability to generate rule sets configurations w/ TippingPoint 8200
• Develop Security CONOPS
• Develop Incident Response procedures
• Support Information Assurance
REQUIRED SKILLS AND EXPERIENCE
• Bachelor of Science in Computer Science or equivalent
• 8 years of increasingly complex and progressive experience in computer systems and network engineering, including three years of specialized experience
• CCNA / CCNP Security / CompTIA Security+
• Bachelors in Computer Science or equivalent
REQUIRED SECURITY CLEARANCE
• Active DoD Secret clearance