- College Degree (Bachelors Level) in Computer Sciences, Telecommunications, Management, Networking or a related field, required.
- Experience in network security (network firewall, VPN, SIEM, URL filtering and web content filtering), preferred.
- Experience with Cisco Security Suite (Cisco-ASA, Firepower FTD, FMC, AMP, ISE, Umbrella), preferred.
- Cisco certified (CCNP), preferred.
- Cloud Security, MS Azure networking and security, preferred.
- Security certified professional (CISSP), preferred.
- Participate in the design, implementation and maintenance of network technology services for ensuring the confidentiality, integrity and availability of Client information assets at Houston and remote sites, including process control networks, and hosts of Cloud information in the “cloud”, by enforcing zoning and firewalling among different areas of the network with different security requirements. Deploy and administer network access control lists, firewall rulesets, Virtual Private Networks (VPN), Network Access Control (NAC), etc.
- Provide day-to-day administration and maintenance of intrusion detection and prevention systems, dedicated to detecting known forms of attack and policy violations, as well as anomalies. This includes the administration of: Firewall, Network intrusion detection and prevention (IDS and IPS), Data Loss Prevention (DLP), Host/Endpoint Security as well as web content filtering and Cloud Access Security Broker (CASB).
- Administration and maintenance of the department’s capability for real-time alerting and digital forensics. Enable sources of security events to produce and forward logs to the Security Information and Event Management (SIEM) tool; ensure the SIEM tool gathers and correlates events to provide the necessary real-time alerting for Client Incident Response (IR) capability. Prioritize alerts based on severity and target’s criticality, determine and tune out false positives, and add detection to minimize false negatives.
- Review, test and take part in the Incident Response (IR) process through periodic review and testing of the procedure. Also participate in investigating alerts, helping confirm incidents, and be part of the response team. Contribute to the lessons-learned phase of the incident response process by helping fine-tune the detection capability.
- Conduct security assessments to determine areas of vulnerability to client information assets.
- Analyze technological advances with existing product lines and emerging technologies, against the requirements of the company and the information asset owner, to ensure the appropriate policies, procedures, hardware and software controls are selected to provide effective protection over an extended period of time. Ensure compatibility within the entire Client security scheme and integrate with minimal impact to end users of information asset systems.