Role: Linux Security Engineer
Location: Onsite, Columbia, SC
Contract: 1+ Year
Job Description:
- Working administrative knowledge using IT security technology such as Snort, SourceFire, and Firepower
- Orchestrate deployments of custom Rocky Linux/CentOS/Red Hat/Oracle 8/7 operating systems
- Apply recommended OS patches and kernel upgrades to keep server operating systems up to date
- Administration of Snort Intrusion Detection System (IDS) sensors; perform analysis, design, and development of signatures for the IDS sensors; ability to tune, configure, and implement detection logic in open-source Snort sensors
- Automate repeatable tasks with the help of scripting (Python/Ansible preferred)
- Update security tools on Linux systems; configure and deploy new open-source and commercial security tools on Linux systems; troubleshoot Linux servers and applications beyond the basics
- Develop strategies to improve operational workflow
- Have basic knowledge of routers, switches, network VLANs and VPN configuration
- Assess existing network sensing topology and identify key system flaws
- Provide recommendations to overall system deployment and design
- Perform administrative and engineering work on Security Operation Center tools such as log collectors and EDRs
- Manage customer expectations and attend all mandatory review/regulatory discussions related to the specific project being delivered
- Ability to lift physical appliances and rack and stack servers in the data center
Preferred Skills:
- Centralized Log Management experience
- Red Hat Certified System Administrator (RHCSA®)
- CompTIA Security+
Responsibilities:
- Support customers at the highest levels in the development and implementation of doctrine and policies
- Occasionally provide security engineering and integration services to internal customers
- Develop detailed supporting documentation regarding technical projects (such as materials to support an architecture review board)
- Analyze security requirements for the management and administration of sensing technology
- Analyze general information assurance-related technical problems and provide basic engineering and technical support in solving these problems
- Design, develop, engineer, and implement solutions that meet security requirements (relating to IDS/IPS solutions)
- Deploy new sensors for monitoring network traffic flow
- Verify that all information systems are functional and secure
- Install, configure, support, and implement tools & services
- Provide recommendations on collection, processing and distribution systems in the cyber security market
- Deploy and configure FireEye HX EDR agents across various endpoints within the organization
- Integrate FireEye HX with other security tools and systems, such as SIEM (Security Information and Event Management) platforms
- Set up and manage automated scanning tools to regularly scan applications for known vulnerabilities
- Conduct dynamic analysis (DAST) to identify vulnerabilities in a running application
Mandatory Skillset: Linux, Security Engineer