Responsibilities
- Develop, implement, and maintain comprehensive security analysis and vulnerability management strategies to safeguard network infrastructure.
- Design and manage secure network architectures utilizing technologies such as WAN, LAN, MPLS, MPLS VPNs, and IPsec protocols.
- Configure and manage security devices including firewalls (e.g., Cisco ASA), IDS/IPS systems, and SIEM solutions like Splunk or SolarWinds for real-time threat detection & response.
- Conduct regular vulnerability assessments, penetration testing, and system hardening following best practices aligned with standards like ISO 27000 and frameworks such as COBIT and DICAP.
- Oversee identity & access management using tools like LDAP, Active Directory, SSO, RBAC, and GPO policies.
- Monitor network traffic using tools such as SolarWinds, PRTG, New Relic, and Fiddler to identify anomalies or potential security breaches.
- Lead incident response efforts including threat intelligence analysis, incident recovery, forensic investigations, and system recovery procedures.
- Maintain security documentation including system security plans, disaster recovery plans, and compliance reports aligned with frameworks like FedRAMP and RMF.
- Collaborate with DevOps teams to integrate security into CI/CD pipelines utilizing tools like Terraform, Ansible, Docker, VMware vSphere, and cloud architecture principles.
- Stay current with emerging cybersecurity threats by conducting vulnerability research and threat intelligence analysis related to Internet of Things (IoT), cloud computing, and encryption technologies and standards such as PKI, FIPS, and FIPS 140-2.
Requirements
- Bachelor’s degree in Computer Science, Information Security, or related field; advanced certifications preferred (e.g., CISSP, CISA).
- Proven experience in computer networking, including routing protocols (OSPF, BGP), network protocols (TCP/IP, DNS, DHCP), and support of enterprise networks with Cisco routers/switches or Juniper devices.
- Strong knowledge of cybersecurity standards such as the ISO 27000 series, NIST standards (including RMF), FISMA compliance, and PCI DSS requirements.
- Hands-on experience with network security tools like Cisco ISE, Cisco ASA firewalls, IDS/IPS systems; SIEM platforms; VPNs; load balancing; cloud security (AWS/Azure); virtualization (VMware); system administration on Linux (Debian/Ubuntu/CentOS) and Windows environments.
- Familiarity with scripting languages such as Python or Bash for automation tasks; experience with DevOps tools like Ansible or Terraform is a plus.
- Ability to perform vulnerability assessments using tools like Nessus or open-source equivalents; conduct threat detection & response effectively.
- Knowledge of encryption methods including SSL/TLS protocols; PKI management; system hardening techniques; incident management processes; disaster recovery planning.
- Excellent analytical skills combined with the ability to communicate complex technical issues clearly to both technical teams and non-technical stakeholders.
This position offers an exciting opportunity for cybersecurity professionals committed to safeguarding critical information assets through innovative solutions aligned with industry best practices.
Job Type: Full-time
Pay: $70,000.00-$120,000.00 per year