Resp & Qualifications
PURPOSE:
As a member of the CyberSecurity Operations Center’s Engineering team, you are responsible for defending the enterprise network from threats and adversaries, both internal and external. The CyberSecurity Engineering team is at the forefront of security technology research, architecture, deployment, implementation and operation for all aspects of network-related security throughout the enterprise.
PRINCIPAL ACCOUNTABILITIES:
Under the direction of the Manager, CyberSecurity Engineering, the incumbent is responsible for, but is not limited to, the following:
DUTIES AND RESPONSIBILITIES:
- Next-Gen firewall architecture for a complex, geographically distributed organization utilizing a mixture of on-premises and cloud infrastructure.
- Administration of the firewall environment including services such as VPN Gateways, URL filtering, SSL Decryption and Advanced Threat Protection.
- Responsible for the installation and operation of network security systems across the entire organization.
- Using Network and Host-based Intrusion Prevention systems to identify anomalous activity within the boundaries of the network.
- Configuration and monitoring of Network-based anomaly detection solutions.
- Develop and maintain playbooks documenting security controls and responses to specific threats.
- Analyze data and telemetry from network security tools to improve control efficacy and validate control results.
QUALIFICATION REQUIREMENTS
Required Education and Experience:
Degree or equivalent experience: BA/BS in Information Technology, Networking, Security, MIS, Computer Science or related field
Years of experience: Minimum 5+ years of demonstrated work experience. (Additional experience may be substituted for educational requirement.)
Specialized training (preferred, but not required):
PCNSE – Palo Alto Networks Certified Network Security Engineer
PCCSE – Palo Alto Networks Prisma Certified Cloud Security Engineer
PCSAE – Palo Alto Networks Certified Security Automation Engineer
Vendor specific tools training, SANS security training, GIAC Certifications
Demonstrated commitment to training, self-study and maintaining proficiency in the technical CyberSecurity domain
Other requirements (preferred, but not required):
Ability to obtain one professional certification within 6-12 months
Required Skills and Abilities:
Incumbent must have a firm understanding of Information and/or Cyber Security principles. Must be able to adapt quickly to understand the rapidly changing threat landscape in order to correctly scope and prioritize security events. The incumbent must also be able to achieve certification across multiple domains such as networking, security, development languages, etc.
Must be able to effectively work in a fast-paced environment with frequently changing priorities, deadlines, and workloads that can be variable for long periods of time. Must be able to effectively communicate.
Required skills:
- Thorough knowledge of Palo Alto Networks’ product solutions to include firewalls, Panorama, IPSEC VPN, Threat Protection, and GlobalProtect.
- Experience with network TAPS and Bypasses
- Experience managing Threat Prevention policies across a large, distributed environment
- Understanding of signature-based detection mechanisms and event-based detection methodologies.
- Strong understanding of TCP/IP analysis with Wireshark/Tshark, tcpdump, etc.
- Ability to triage events and escalate incidents as necessary
- Solid experience with routing, switching, VPN, wireless infrastructure, load balancer technology, and packet brokers.
- Advanced Linux skills
- Must be able to script in at least one language (preferably Python, Ruby, PowerShell, BASH).
- A solid understanding of securing AWS and Azure infrastructures.
- Familiarity with Splunk or Elasticsearch
- Packet capture and reassembly
- NetFlow analysis
- Deep experience analyzing firewall log data
- Advanced malware detection and prevention
- OSINT collection and analysis
- Familiarity with AWS log data such as CloudTrail, CloudWatch and VPC Flow Logs
Equal Employment Opportunity
CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer. It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.
Hire Range Disclaimer
Actual salary will be based on relevant job experience and work history.
Where To Apply
Please visit our website to apply: www.carefirst.com/careers
Closing Date
Please apply before: 5.20.21
Federal Disc/Physical Demand
Note: The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.
The associate is primarily seated while performing the duties of the position. Occasional walking or standing is required. The hands are regularly used to write, type, key and handle or feel small controls and objects. The associate must frequently talk and hear. Weights up to 25 pounds are occasionally lifted.
Sponsorship in US
Must be eligible to work in the U.S. without Sponsorship