Job Description:
 |
Title: Cisco Network Engineer
Duration: 1 year
Location: Los Angelos, CA
LOCAL CANDIDATES PREFERRED
STRONG EXPERIENCE PROFILE IN INFO SECURITY/HEALTHCARE COMBINATION
EXCELLENT REFERENCES REQUIRED
Scope of project:
Upgrading existing DHS Cisco Network IDS sensors from IDS mode (4.x)to IPS mode (5.x);Planning, installing, upgrading and maintaining all DHS Network Intrusion Prevention Systems (NIPS); Evaluating current network design and recommending proper NIPS network deployment; Advising management and DHS facilities on network architecture, server farms design, network security threat mitigation as well as coordinating solutions maintenance and routine patch/signature deployment;
Documenting network deployment and maintaining up-to-date network diagrams; Establishing a standardized and centralized NIPS/IDS device management.
Planning, testing, tuning, verifying and deploying new security
signatures.
Troubleshooting all related IPS related issues;Installing, configuring, managing, monitoring and supporting Cisco Security Agent (CSA 4.x & 5.x).
Tuning Cisco CSA to protect the integrity of DHS server systems;
Installing, configuring, managing, monitoring and supporting Cisco routers, switches, firewalls , VPN concentrators and wireless access points; Utilizing Cisco MARS, Cisco VMS and other tools to establish security threat reports and matrix. Monitoring and identifying security threats (Internet, LAN, WAN, WLAN & VPN) and responding accordingly.
Establishing and carrying out log analysis and security incident respond /reporting procedures;
Risk Assessment: This includes the establishment of procedures for
conducting risk assessment, threat analysis and risk management; the identification of security gaps and non-compliance .in business processes with respect to HIPAA security best practices; the development of recommendations for workflow redesign; the assistance with remediation; and training information owners and stakeholders in accurately performing risk assessment/management and threat analysis within their domains.
Requirements:
Candidates must meet all of the following minimum requirements:
Two (2) years experience within the last three (3) years installing, configuring, tuning and managing network intrusion prevention solutions (IPS) such as Cisco IPS, IBM IS8, McAfee IntruShield and/or TippingPoint.
Two (2) years experience within the last three (3) years building and managing centralized multi-firewallNPN management systems, including use of network security correlation solutions such as Cisco MARS, ArcSight, RSA EnVision and/or NetForensics.
Two (2) years experience within the last three (3) years leading
in security incident triage and response, including working with
firewall and VPN device logs, investigating security events,
protecting forensic value of data and establishing monitoring and incident reporting/response procedure for timely
notification of security vulnerabilities.
Five (5) years experience within the last seven (7) years
installing,configuring and maintaining Cisco routers, firewalls,
switches, wireless access points, VPN and routing protocols
The consultant must have at least two of the following certifications:
Certified Information Systems Security Professional (CI88P)
SANS GIAC Certifications: FW and/or Intrusion Detection
CISA (Certified Information Systems Auditor)
Cisco Certified Security Professional (CCSP)
Cisco Certified Network Professional (CCNP)
Cisco Certified Internetwork Expert (CCIE Security)
|
