Position Description
- Assist in maintaining the NCAOC Security Operations Center security posture.
- Responsible on Weekends and Holidays to respond to Network Operations Center priority one circuit outages.
- Responsible for creating, triaging, updating, and seeing closure of Security Operations Incident, Request, and Enterprise Change Management tickets.
- Monitors and maintains Firewalls and corresponding management tools (FMC, ASDM), Intrusion Prevention Systems (IPS), Vulnerability Management (VM), Cisco Umbrella domain name security, ISE network Access Control, Posturing, and Profiling, IPsec VPN tunnels, AnyConnect remote users and security module, Third Party Partner Security Incident and Event Manager (SIEM), and other network and cloud security tools.
- Use tools (Wireshark and interface captures, and log searching) to assist in troubleshooting network, device configuration, and network security related problems.
- Responsible for firewall cleanup processes, tasks, and learning firewall tools to assist in performing these processes and tasks.
- Follow and maintain SOC process and technology documentation.
- Open and work to close vendor TAC cases, mostly Cisco, to resolve incidents and device issues.
- Provide reports and metrics for the SOC Supervisor or Operations and Administration Manager as requested.
- Interface with all other TSD technical teams in initiatives and activities that require Security Operations Center resources.
- Monitor and respond to Third Party Partner initiated security investigations.
- Provide support of the established Incident Response Policy from beginning preparation and prevention through post-incident activity.
- Subscribe to and monitor Security Product Advisories and Cybersecurity Organization Bulletins researching and ensuring coverage of security device risks and Common Vulnerability Enumerations (CVE).
- Update PSIRT/CVE spreadsheet or other report tracking mechanism to report progress and coverage of Security Product Advisories and Cybersecurity Organization Bulletins.
- Monitor and Maintain the IPS signatures, Block lists, URL reputation lists, and malware file lists to ensure latest security recommendations are implemented.
- Use monitoring and security diagnostic tools to hunt for network and device vulnerabilities, security risks and potential threats.
- Research trends to assist the Security Operations team in staying up to date on industry best practices and current Cybersecurity trends, tools, techniques, and procedures.
- Evaluate, plan, and implement network devices (switches, routers, management tools, etc.) and network security devices and tools (firewalls, IPS, ISE, etc.) upgrades and patches on a monthly and as-needed schedule.
- Coordinates with various TSD teams in the evaluation, planning and implementation of patching, upgrading, and maintenance.
- Update patching spreadsheet to reflect historic and current versioning.
- Uses software tools to manage patching, upgrading and maintenance of network and security devices (Visio, Microsoft Office, etc.)
- Attend classes, seminars, webinars, conferences, training sites, and research product documentation, to enhance professional development and to progress in the field of Network and Cybersecurity trends and developments.
- Use NCAOC provided resources to attain Security Professional Certificates (Ex. Cisco CCNA routing and switching, CCNA Security, CCNP Security, CISSP)
Skills Required
Required experience of 3 years in the following:
- Configuration and administration of Cisco ASA Firewalls - 3 years
- Configuration and administration of Cisco FTD Firewalls - 3 years
- Fundamental knowledge of the following: IPsec, IPS/IDS Snort Engine, SIEM, Identity Services Engine (ISE), Vulnerability Management - 3 years
- Fundamentals in the areas of enterprise network topology, routers, switches, servers, NAT, DNS; TCP/IP architecture and functionality - 3 years
- Works independently to accomplish short and long term project goals with clear and concise communication to members and management - 3 years