12 month contract
Local to Charlotte (on-site)
This role has to do with NAC (Network Access Controls) on all switching gear
Each device requires a certificate to connect to it - connects to Cisco ISE tool
This person will be trying to get devices to support certificates that are not working. Troubleshooting the security/network controls.
Experience with Networking, firewalls, cyber background a must, navigating existing sec controls.
Security certs nice to have - not required, CCNA, sec+, CYSA all will make the candidate stand out.
The CW-Security Analyst II - IT will be responsible for translating security requirements into system tenets and validate implementation strategies meet cybersecurity standards and guidelines. This position will be responsible for cybersecurity architecture standards enforcement and may consult with internal customers (e.g., system engineers), leadership, security analysts, and IT architects in other lines of business on architectural directions related to information security.
Responsibilities:
- Reviews existing security architecture for new device types.
- Documents security exceptions related to new device types.
- Identify compliance gaps and recommend appropriate security measures.
- Serves as a liaison between cybersecurity and 802.1X NAC/ISE operational teams.
- Interfaces with various security teams as needed to support 802.1X NAC and ISE security and capabilities.
- Provides input on current and emerging network security threats and recommends security architecture to mitigate them
- Study, define, and provide input on network architectural standards, guidelines and design patterns that increase agility, flexibility, security, and reuse of solutions and assets.
- Ensure 802.1X NAC deployments maintain confidentiality, integrity and availability of information and assets without business impact.
- Document 802.1X NAC security processes and procedures used in reviewing and approving security architecture for new device types.
- Maintain documented 802.1X NAC process and procedures, ensuring documentation is repeatable and error free.
Basic Qualifications:
- Bachelors Degree in Cybersecurity, Computer Science, MIS or other degrees with high level understanding of network and application security and information systems
- Or in lieu of degree, 3+ years in Cybersecurity with significant experience in designing and implementing security solutions, military information security and/or system administration role
- Experience with 802.1x Network Access Control concepts.
- IT Business Process design, implementation, and maintenance experience.
- Understanding of responsibility matrix fundamentals (RACI) with the ability to drive RACI creation and acceptance.
Desired Qualifications:
- Advanced knowledge of the Cisco ISE product.
- CompTia CASP+ certification or equivalent technical certification with an emphasis in cybersecurity.
- Experience with Archer GRC tools.
- Advanced understanding of security solutions that support confidentiality, integrity, and availability such as, Network Access Control, Active Directory, firewalls, IDS/IPS, PKI, SIEM, and VLANs
- Practical experience implementing NIST or other industry standard framework
- Perform security related services and process assessments and evaluations based on NIST, OWASP, NIST, PCI-DSS, CWE/SANS, CSA guidelines
- Authentication and Password Management, Session Management, Access Control, Input Validation, Output Encoding, Cryptographic Practices, Error Handling and Logging, Data Protection, Communication Security, System Configuration, Database Security, File Management, Memory Management, General Secure Coding Practices
- Advanced understanding of OSI model layers and the TCP/IP protocol suite