=========Skill sets / requirements===========

The primary responsibilities of this person would be monitoring and managing network and host intrusion prevention systems, general security log monitoring correlated by a SIM (firewall, web server, etc. logs), and identifying and responding to security incidents. The expected skill set of such a person is sound networking fundamentals (subnetting, IP addressing, etc.), knowledge of TCP/IP (understanding how internet protocols function: DNS, email, etc.), and basic security principle knowledge (separation of duty, attack types and methods such as XSRF/XSS, SQL injection, etc.).

This position will work within the Security Monitoring Center and perform a range of traditional operational security activities. Primary responsibilities include monitoring and management of intrusion detection systems, with secondary responsibilities including threat monitoring, vulnerability scanning, data loss prevention, and anti-virus governance.

Position Requirements

- Experience with operating or participating in a Security Monitoring Center or similar area.
- Strong knowledge of network and security protocols and principles such as TCP/IP, defense in depth, granularity of privilege, etc.
- Operational information security experience working in an enterprise environment (geographically distributed and with a large number of employees).
- Knowledge of modern network security technologies such as network- and host-based intrusion detection/prevention, DDoS protection, Security Information Management, host-based integrity checking, end-point security, AV, etc.

Preferred Skills

- Proficiency with monitoring, scanning, and remediation tools such as Vontu, Nessus, Nmap, Foundstone, IBM ISS Proventia/SiteProtector, change management systems, etc.
- Experience with multiple OS platforms, including Linux, UNIX, Windows, and AIX.
- Ability to speak and communicate clearly in English.
- Security certification desired (Security+, SSCP, GIAC, and/or CISSP).