OP Consulting Group
Key Responsibilities:
• Participates in the design, implementation and support of security infrastructure for the Department.
• Identifies network and information security risks across the enterprise, design, engineer, implement security solutions to address the risks at an enterprise level.
• Works closely with the IT Division and outside vendors to effectively design, plan, deploy, secure and update network projects in the environment.
• Effective collaboration with the Office of Information Security OIS and other ITD groups is maintained.
• Strategic Plan items pertinent to the Network Security Operations group are completed.
• System policies and procedures are created, documented, and maintained.
• Perform network scans and penetration testing. Monitors log analysis and management tools for threats.
• Evaluate vulnerability scan results and notify business, application, and infrastructure teams of vulnerabilities in need of remediation.
• Evaluate and participate in agency Azure cloud solution review of network, security, and general project involvement.
• Ensure all daily functions that are required to maintain security applicable systems and applications are documented.
• Work with the agency's ISO team and the IT Auditors to review security audit findings and vulnerability scans results. Identify recommended correction activities and course of action, once determined communicate with the various stakeholders.
• Device configurations are based on best practices.
• Relevant documentation is kept up to date.
• Coordinating the handling and resolution of incidents related to security.
Required Skills & Qualifications:
Skill
|
Required / Desired / Preferred
|
Amount of Experience
|
Considerable knowledge and hands
on experience in the areas of information systems security of security policy
|
Required
|
7+ Years
|
Considerable knowledge and hands
on experience with web security gateways, network access control, endpoint
security, and perimeter security technologies.
|
Required
|
7+ Years
|
Considerable knowledge and hands
on experience with firewalls, anti-virus software, anti-malware,
anti-phishing, authentication systems.
|
Required
|
7+ Years
|
Considerable knowledge and hands
on experience with intrusion detection/prevention systems, log analysis and
management, web content filtering
|
Required
|
7+ Years
|
Considerable knowledge and
experience with network protocols and security/authentication protocols at
all layers of the OSI model with emphasis on TCP/IP
|
Required
|
7+ Years
|
Demonstrated ability to identify
security risks across the enterprise and perform the day-to-day operation,
management and administration to protect the integrity, confidentiality, and
availability of information assets and technology infrastructure.
|
Required
|
7+ Years
|
Considerable knowledge and hands
on experience detecting, responding, remediating security incidents.
|
Required
|
7+ Years
|
Considerable knowledge and hands
on experience remediating System Security Plans (SSP) and Risk Assessment
(RA) in cybersecurity
|
Required
|
7+ Years
|
Solid experience with performing
threat; vulnerability and risk assessment; and coordinating the handling and
resolution of incidents related to security breaches at an enterprise level
required.
|
Required
|
7+ Years
|
Considerable knowledge and hands
on experience with web related technologies and penetration testing tools
|
Required
|
7+ Years
|
CISSP
|
Preferred
|
N/A
|
Required/Desired Skills
Skill Required/Desired Amount of Experience Considerable knowledge and hands on experience in the areas of information systems security of security policy Required 7.0 Years Considerable knowledge hands on experience with web security gateways, network access control, endpoint security, and perimeter security technologies. Required 7.0 Years Considerable knowledge and hands on experience with firewalls, anti-virus software, anti-malware, anti-phishing, authentication systems. Required 7.0 Years Considerable knowledge and hands on experience with intrusion detection/prevention systems, log analysis and management, web content filtering Required 7.0 Years Considerable knowledge and experience with network protocols and security/authentication protocols at all layers of OSI model with emphasis on TCP/IP Required 7.0 Years Demonstrated ability to identify security risks across the enterprise and perform the day-to-day operation. Required 7.0 Years Demonstrated ability to administer and protect the integrity, confidentiality, and availability of information assets and technology infrastructure Required 7.0 Years Considerable knowledge and hands on experience detecting, responding, remediating security incidents. Required 7.0 Years Considerable knowledge and hands on experience remediating System Security Plans (SSP) and Risk Assessment (RA) in cybersecurity Required 7.0 Years Solid experience with performing threat; vulnerability, risk assessment and coordinating the resolution of incidents related to security breaches. Required 7.0 Years Considerable knowledge and hands on experience with web related technologies and penetration testing tools Required 7.0 Years CISSP Highly desired Years
Skills:
network access control, endpoint security, and perimeter security technologies., Considerable knowledge and hands on experience with firewalls, anti-virus software, anti-malware, anti-phishing, authentication systems., log analysis and management, web content filtering, Demonstrated ability to administer and protect the integrity, confidentiality, and availability of information assets and technology infrastructure, Considerable knowledge and hands on experience detecting, responding, remediating security incidents., Solid experience with performing threat; vulnerability, CISSP
• Participates in the design, implementation and support of security infrastructure for the Department.
• Identifies network and information security risks across the enterprise, design, engineer, implement security solutions to address the risks at an enterprise level.
• Works closely with the IT Division and outside vendors to effectively design, plan, deploy, secure and update network projects in the environment.
• Effective collaboration with the Office of Information Security OIS and other ITD groups is maintained.
• Strategic Plan items pertinent to the Network Security Operations group are completed.
• System policies and procedures are created, documented, and maintained.
• Perform network scans and penetration testing. Monitors log analysis and management tools for threats.
• Evaluate vulnerability scan results and notify business, application, and infrastructure teams of vulnerabilities in need of remediation.
• Evaluate and participate in agency Azure cloud solution review of network, security, and general project involvement.
• Ensure all daily functions that are required to maintain security applicable systems and applications are documented.
• Work with the agency's ISO team and the IT Auditors to review security audit findings and vulnerability scans results. Identify recommended correction activities and course of action, once determined communicate with the various stakeholders.
• Device configurations are based on best practices.
• Relevant documentation is kept up to date.
• Coordinating the handling and resolution of incidents related to security.
Required Skills & Qualifications:
Skill
|
Required / Desired / Preferred
|
Amount of Experience
|
Considerable knowledge and hands
on experience in the areas of information systems security of security policy
|
Required
|
7+ Years
|
Considerable knowledge and hands
on experience with web security gateways, network access control, endpoint
security, and perimeter security technologies.
|
Required
|
7+ Years
|
Considerable knowledge and hands
on experience with firewalls, anti-virus software, anti-malware,
anti-phishing, authentication systems.
|
Required
|
7+ Years
|
Considerable knowledge and hands
on experience with intrusion detection/prevention systems, log analysis and
management, web content filtering
|
Required
|
7+ Years
|
Considerable knowledge and
experience with network protocols and security/authentication protocols at
all layers of the OSI model with emphasis on TCP/IP
|
Required
|
7+ Years
|
Demonstrated ability to identify
security risks across the enterprise and perform the day-to-day operation,
management and administration to protect the integrity, confidentiality, and
availability of information assets and technology infrastructure.
|
Required
|
7+ Years
|
Considerable knowledge and hands
on experience detecting, responding, remediating security incidents.
|
Required
|
7+ Years
|
Considerable knowledge and hands
on experience remediating System Security Plans (SSP) and Risk Assessment
(RA) in cybersecurity
|
Required
|
7+ Years
|
Solid experience with performing
threat; vulnerability and risk assessment; and coordinating the handling and
resolution of incidents related to security breaches at an enterprise level
required.
|
Required
|
7+ Years
|
Considerable knowledge and hands
on experience with web related technologies and penetration testing tools
|
Required
|
7+ Years
|
CISSP
|
Preferred
|
N/A
|
Required/Desired Skills
Skill Required/Desired Amount of Experience Considerable knowledge and hands on experience in the areas of information systems security of security policy Required 7.0 Years Considerable knowledge hands on experience with web security gateways, network access control, endpoint security, and perimeter security technologies. Required 7.0 Years Considerable knowledge and hands on experience with firewalls, anti-virus software, anti-malware, anti-phishing, authentication systems. Required 7.0 Years Considerable knowledge and hands on experience with intrusion detection/prevention systems, log analysis and management, web content filtering Required 7.0 Years Considerable knowledge and experience with network protocols and security/authentication protocols at all layers of OSI model with emphasis on TCP/IP Required 7.0 Years Demonstrated ability to identify security risks across the enterprise and perform the day-to-day operation. Required 7.0 Years Demonstrated ability to administer and protect the integrity, confidentiality, and availability of information assets and technology infrastructure Required 7.0 Years Considerable knowledge and hands on experience detecting, responding, remediating security incidents. Required 7.0 Years Considerable knowledge and hands on experience remediating System Security Plans (SSP) and Risk Assessment (RA) in cybersecurity Required 7.0 Years Solid experience with performing threat; vulnerability, risk assessment and coordinating the resolution of incidents related to security breaches. Required 7.0 Years Considerable knowledge and hands on experience with web related technologies and penetration testing tools Required 7.0 Years CISSP Highly desired Years
Skills:
network access control, endpoint security, and perimeter security technologies., Considerable knowledge and hands on experience with firewalls, anti-virus software, anti-malware, anti-phishing, authentication systems., log analysis and management, web content filtering, Demonstrated ability to administer and protect the integrity, confidentiality, and availability of information assets and technology infrastructure, Considerable knowledge and hands on experience detecting, responding, remediating security incidents., Solid experience with performing threat; vulnerability, CISSP