Sr Cybersec Sys Engineering Analyst (Firewall)

About The Position

Requirements

• HS/GED: 9 yrs work experience required
• Associates: 7 yrs work experience preferred
• Bachelors: 5 yrs work experience preferred

Nice To Haves

• Master’s degree in Cybersecurity, Computer Science, IT, or other closely related discipline
• Hands on experience working with Palo Alto Networks next-generation firewalls
• Hands on experience working with Cisco ASA firewalls
• Palo Alto Networks Certified Network Security Engineer (PCNSE)
• Cisco CCNA
• Cisco DevNet Associate
• Cisco CCNP Enterprise/Security
• Cisco DevNet Professional
• Other relevant industry certifications
• Ability to develop firewall policy while balancing customer requirements and security controls.
• Ability to analyze firewall security and traffic logs.
• Experience tuning intrusion and malware detection capabilities on Palo Alto platform.
• Knowledge of application-aware firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
• Knowledge of networking and Internet communications fundamentals (i.e. devices, device configuration, hardware, software, applications, ports/protocols, addressing, network architecture and infrastructure, routing, operating systems, etc.).
• Experience with various edge security devices and architecture.
• Cyber security project experience.
• Network engineering/design/project experience.
• General networking understanding and/or experience to include Understanding of TCP/IP communications & knowledge of how common protocols and applications work at the network level including DNS, DHCP, HTTP, and SMB.
• Working understanding of security principles & desire to improve security posture of enterprise.
• Experience with network monitoring, analysis, and troubleshooting.
• Working knowledge of VPN configuration and troubleshooting.
• Experience analyzing network traffic.
• Working knowledge of NAT principles and troubleshooting.
• Experience and understanding of logging technology including log aggregation and configuration on firewall supporting infrastructure.
• Security event management experience and/or Cybersecurity operations.
• Windows, UNIX/Linux, Python, or related command line and scripting experience for automation and efficiency efforts.
• Demonstrated skill in protecting a network against various threats. (e.g., anti-malware, restrict/prevent external devices)
• Experience with forensics, IOCs, and malware analysis concepts and methods.
• Familiarity or experience with the Cyber Kill Chain® methodology
• Experience with the maintenance, configuration and operation of next-gen firewalls and other Cybersecurity tools in virtual and cloud environments.
• Working knowledge of identity and access services in a large enterprise.
• Experience with Tufin Orchestration Suite firewall management tool.
• Compliance experience with industry standards (NERC CIP, PCI, SOX)
• Experience supporting a large enterprise network.
• Experience in Data Center environment.
• Experience with NSX.
• Strong team player and ability to manage multiple tasks and assignments.
• Demonstrated commitment to personal and team success.

Responsibilities

• Performs day to day firewall policy administration.
• Maintains security framework across the enterprise.
• Participates in cybersecurity projects and initiatives within Cybersecurity, IT, and other business units.
• Contributes frequently to team knowledge base.
• Maintains up-to-date documentation of security infrastructure, changes, and security strategies.
• Documents work performed.
• Interacts with business partners and other IT Teams as necessary to understand, apply, and enforce security requirements.
• Proactively identifies/makes recommendations on potential security issues and solutions.
• Responsible for understanding the global threat environment and general security best practices
• Drive continuous improvement of processes and procedures to improve analysis, detection, and mitigation of incidents in support of the overall Cyber Defense mission.
• Create and drive action plans to address recurring or ongoing information security incidents.
• Develop and maintain reporting metrics used to measure team performance, ensure analyst adherence to processes/procedures for operational consistency, identify process improvements, coaching, training and professional development of the staff.
• Participate in the planning and implementation of information security technology projects.
• Serve as point-person and subject matter expert for issues and projects related Cyber Security Counter Threat Operations.
• Collaboration as appropriate with leadership and other key stakeholders.
• Participates in on-call rotation duties.
• Provides increased availability during inclement weather, cyber, and significant incidents.
• Adheres to proper Change Management requirements and processes.
• Responds to incidents in a timely manner.
• Configures, installs, and maintains security hardware.
• Deploys code upgrades.
• Leads investigation/troubleshooting efforts during service disruption events.