Date Posted: February 7, 2020
Position Scope/Job Functions
Security Infrastructure Operations:
- Responsible for day-to-day support and maintenance of security infrastructure systems (e.g. Intrusion Prevention Systems, Anti-Virus, Web Proxy Systems, Full Packet Capture, Online and Offline Malware Analysis Systems and SIEM).
- Duties include but not limited to system troubleshooting, vendor coordination, OS patching and updating.
- Ensure all devices are under configuration management, are receiving signature updates and maintain operational readiness.
- Monitor performance metrics and log data for continuous improvement and tuning to match current threats.
- Update rule-sets/policy on infrastructure systems to support overall Laboratory defensive systems.
- Maintain and update documentation, including standard operating procedures.
Security Infrastructure Engineering:
- Assist in evaluating potential security software, tools or devices.
- Assist in testing of new network security systems and changes to existing network security devices.
- Develops, publishes, and maintains system documentation (e.g. Requirements, Design/Build, Testing, and SOP) according to department standards.
- Through log and data analysis, determine the scope or extent to which other systems were exposed to the same threat.
- Identify, implement or request solutions (e.g. blocks) to mitigate future risk to the Laboratory.
Cyber Security and External Awareness:
- Participation in external Cyber Security working groups (e.g. FFRDC)
- Monitor current malicious cyber activity at large and research how vulnerabilities are being exploited and software affected.
- Proactively identify opportunities to mitigate potential threats based on research
- Proactively identify any patterns within device and server logs based on research to potentially identify systems of interest or mitigate future risk to the Laboratory systems
Communication & Collaboration:
- Develop metrics and presentations that demonstrate Threat Assessment team effectiveness.
- Coordinate efforts among analysts to enhance mitigation efforts and avoid duplication of effort.
- Coordinate with Security Services Department on threat impact, nature and potential scope.
- Develop and publish detailed Threat Assessment reports as required.
- Evaluate potential security software, tools or devices.
- Test new network security systems and changes to existing network security devices.
- Develop technical project plans, requirement documentation, test plans, change requests, and communications to users.
This position is under general supervision of the IT Security Operations Team Lead.
Equal Opportunity Employer Veterans/Disabled