Intrusion Prevention System/Proxy Lead
Security Clearance required: Top Secret
US Citizenship Required
Location: Seaside, CA
Project Summary: This position will be responsible for supporting the operation and maintenance of a cybersecurity operations center (CSOC). Responsibilities include, but are not limited to: maintaining the security posture of information systems from conception to retirement through the integration of Information Systems Security and sound information assurance practices; facilitating the use of cybersecurity technical information in the design, development, testing, evaluation, operations, and maintenance of information technology for the customer's systems; implementing Real-time Threat Detection and Mitigation Toolsets; providing proactive cybersecurity threat hunting and penetration testing teams that search the network for gaps and/or signs of attackers before a compromise turns into a full breach; and resolving incidents and problems to ensure that high-quality services are delivered as rapidly and effectively as possible.
- Participate as system security and cyber subject matter expert in support of engineering design teams and functional interoperability assessments.
- Support the cybersecurity architecture by providing active and engaged solutions to IT teams relative to security design and review processes. Ensure the effective operations of existing and future Cybersecurity IT.
- Gather details and information about assets (hosts, OS, applications, users, transmitted files, vulnerabilities, etc.) to aid in system correlation, monitoring and analysis.
- Connect devices to the IDS/IPS management center and add/edit/delete devices. Control access control lists and audit log settings, dashboard settings and database event limits.
- Configure and create access control policy. Specifically configure what network traffic to pass through the appliances and what type of detection to perform on the traffic.
- Create correlation policies; customize rules, responses and violations based on threats.
- Configure the system to execute a series of responses to a policy violation.
- Perform event analysis to reduce false positive alerts, and tune the decoders, preprocessors and rules to optimize the performance and effectiveness of the IPS in protecting network assets. Perform analysis to better understand the threat exposure to the DHRA environment and take corrective actions on the things that potentially put the enterprise at risk.
- Monitor for unusual, suspicious or malicious activity, and run user and network discovery. Provide a report on users and hosts that should not be connected to the network. Block, alert on or modify unusual, suspicious or malicious network traffic.
- Automate responses and reporting and perform event analysis.
- Provide a weekly Scanning and Monitoring report with the following information pertaining to IDS/IPS: deployment schedule status; status of configuration and tuning of IDS/IPS; IDS/IPS-generated alerts and status of follow-on action; security incidents/detections resulting from IDS/IPS detection; significant analysis performed; and obstacles and remediation actions necessary for successful and compliant HBSS operations.
- Deploy and maintain the proxy solution
- Configure and create an access control policy. Specifically, configure what network traffic to pass through the proxy.
- Monitor for suspicious and potentially malicious traffic traversing through or attempting to subvert the proxy.
- Perform device management, interface configuration and deployment modes; monitor health status of the system. Facilitate vendor support where needed.
Essential Skills, Experience, and Certifications:
- US Citizenship is a requirement of this position in accordance with 8 U.S.C. § 1324b(a)(2)(C)
- 5+ years of experience with operations and management of Palo Alto Hardware and products to include: Next generation Firewalls, Panorama, SSL Decrypt, Threat Prevention, URL Filter, and Wildfire.
- Must have an active DOD 8570 IAT III Certification (CASP+CE, CISSP, CISA, CCNP Security, GCED, GCIH)
- Must have Computing Environment (CE) certification(s) relating to the environment or specific tools pertinent to this position (IPS/IDS related certification)
The physical demands and work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Physical Demands: While performing the duties of this job, this position requires the ability to sit for potentially long periods of time throughout the workday. Hearing sufficient to understand conversations, both in person and on the telephone. Dexterity of hands and fingers to operate a computer keyboard, mouse, power tools, and to handle other computer components for potentially long periods of time without experiencing abnormal hand, wrist, or eye strain. Occasional inspection of cables in floors and ceilings. Lifting and transporting moderately heavy objects, such as computers and peripherals. Must be able to lift up to 50 pounds.
- Work Environment: Includes a typical office environment, with minimal exposure to excessive noise or adverse environmental issues, including exposure to heat, cold, inclement weather conditions, and occasional environmental hazards. Local, regional, and national travel may be required.
Medical, Dental, Vision Plan
AD&D and Life Insurance
Paid Federal Holidays
Paid Time Off
401(k) Retirement Plan
Epsilon is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applications will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. EEO/AA: Minorities/Females/Disabled/Vets.
If you are an individual with a disability and need special assistance or reasonable accommodation in applying for employment with Epsilon, Inc., please contact our Recruiting department by phone 828-398-5414 or by email email@example.com.