Jobs · Engineering · Virginia

9131 - Palo Alto Security Technical Lead/Manager

IndraSoft · Yorktown, VA · 18 mo ago
EngineeringFull-time

About the role

The successful candidate will serve as the Technical Lead for IPS/IDS Proxy Break and Inspect products/systems, lead and manage the deployment, design and day to day system administration and analyst functions for both DMDC & DHRA on premise and cloud infrastructures, and facilitate vendor support, as needed.

Responsibilities

  • Serve as the Technical Lead for IPS/IDS Proxy Break and Inspect products/systems
  • Serve as a Line Manager for staff supporting cybersecurity network activities (RedSeal, IDS/IPS)
  • Lead and manage the deployment, design and day to day system administration and analyst functions for both DMDC & DHRA on premise and cloud infrastructures
  • Build and configure IPS/IDS break and inspect devices according to DISA STIGs and Security Requirements Guides (SRG)
  • Implement Palo Alto Firewall features such as URL filtering, User-ID, App-ID, Content-ID on both inbound and outbound traffic
  • Create correlation policies, customized rules, responses and violations based on threats
  • Configure the system to a series of responses to a policy violation
  • Perform event analysis to reduce false positive alerts and optimize the performance and effectiveness of IPS to protect network assets by tuning the decoders, preprocessors and rules to optimize the performance and effectiveness
  • Automate responses and reporting
  • Troubleshoot any connectivity or operational issues
  • Manage access control lists and audit logs settings, dashboard settings and database event limits
  • Manage user accounts and roles
  • Identify users and hosts that should be removed from the network
  • Create dashboards to monitor significant events, traffic and data collection
  • Create IDS/IPS metrics detailing security posture
  • Create and maintain the IDS/IPS Break and Inspect topology diagram
  • Create weekly, monthly and in-progress review presentations, as needed
  • Create and maintain Standard Operating Procedures (SOP)
  • Support other cybersecurity objectives as required, including patch and vulnerability management, network monitoring, intrusion detection, intrusion prevention, and log analysis

Requirements

Must be a US citizen, possess a DoD Top Secret clearance: Minimum vetting Tier 5(T5)-Single Scope Background Investigation (SSBI) Active DoD 8570 IAT Level 3 certification for compliance, including at least one of the following certifications in good standing: CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH Computing Environment Certification Bachelor’s degree and 10+ years of Information Technology or Cybersecurity related experience 5+ years of experience with operations and management of Palo Alto Hardware and products to include Next generation Firewalls, Panorama, SSL Decrypt, Threat Prevention, URL Filter, and Wildfire Ability to communicate effectively with government and contract leadership, while conveying highly technical concepts to both technical and nontechnical stakeholders Capacity to thrive in a complex, fast paced environment with competing demands while delivering consistent, high-quality commitment to mission-critical systems and solutions Excellent analytic skills, including qualitative and quantitative data analysis to support and defend data-driven decision-making regarding system threats, vulnerabilities, and risk Knowledge of DoD cybersecurity policies, practices, and requirements

Qualifications

  • Experience in an enterprise environment (1500 servers plus 2500 workstations)
  • Experience configuring disaster recovery (DR) environments
  • Experience with Cisco routers/switches and Palo Alto firewall solutions, including the integration of Active Directory with Palo Alto
  • IT/Network monitoring and modeling experience, preferably utilizing SolarWinds and RedSeal
  • Knowledge of F5 local traffic manager (LTM) and Web Application Firewall (WAF)

Skills

Proven subject matter expertise in Palo Alto and Cisco suites of products Demonstrated experience in network engineering, threat management, and vulnerability management Excellent analytic skills, including qualitative and quantitative data analysis to support and defend data-driven decision-making regarding system threats, vulnerabilities, and risk Knowledge of DoD cybersecurity policies, practices, and requirements

Benefits

N/A

Pay

N/A

Schedule

N/A

Similar jobs