Responsible for the 3rd shift. Hours: Monday - Friday, 12 am - 9 am EST.
Must Haves:
- 3+ years of Configuration and administration of Cisco ASA Firewalls
- 3+ years of Configuration and administration of Cisco FTD Firewalls
- Fundamental knowledge of the following: IPsec, IPS/IDS Snort Engine, SIEM, Identity Services Engine (Cisco ISE), Vulnerability Management
- Fundamentals in the areas of enterprise network topology, routers, switches, servers, NAT, DNS; TCP/IP architecture and functionality
- Works independently to accomplish short- and long-term project goals with clear and concise communication to team members and management
Day to Day:
- Assist in maintaining the customer Security Operations Center security posture.
- Responsible for responding to Network Operations Center priority one circuit outages on weekends and holidays.
- Responsible for creating, triaging, updating, and seeing closure of Security Operations Incident, Request, and Enterprise Change Management tickets.
- Monitors and maintains Firewalls and corresponding management tools (FMC, ASDM), Intrusion Prevention Systems (IPS), Vulnerability Management (VM), Cisco Umbrella domain name security, ISE network Access Control, Posturing, and Profiling, IPsec VPN tunnels, AnyConnect remote users and security module, Third Party Partner Security Incident and Event Manager (SIEM), and other network and cloud security tools.
- Use tools (Wireshark and interface captures, and log searching) to assist in troubleshooting network, device configuration, and network security related problems.
- Responsible for firewall cleanup processes, tasks, and learning firewall tools to assist in performing these processes and tasks.
- Follow and maintain SOC process and technology documentation.
- Open and work to closure vendor TAC cases, mostly Cisco, to resolve incidents and device issues.
- Provide reports and metrics for the SOC Supervisor or Operations and Administration Manager as requested.
- Interface with all other TSD technical teams in initiatives and activities that require Security Operations Center resources.