207 Business Park Dr., Ste. 100
VA Beach, VA 23462
Employee Type: Full-Time
Location: Norfolk, VA
Job Type: SIEM Engineer
Experience: 5+ Years
AERMOR LLC is seeking qualified cyber security engineers who will be part of the Enterprise Security Services (ESS) team for a Federal Cyber Security contract. This position is responsible for maintaining computer and information security incident, damage, and threat assessment programs. Duties include designing, developing, or recommending integrated system solutions that ensure proprietary/confidential data and systems are protected; participating with the client in the strategic design process to translate security and business requirements into technical designs; and configuring and validating secure systems and testing security products/systems to detect computer and information security weaknesses.
- Must have strong knowledge of McAfee SIEM tools. Primary duties include engineering/administrative support for the full SIEM suite, management of thousands of data sources, identifying threat events and vectors, creating dynamic watch lists, creating correlation rules, defining alarms, developing custom views and reports, coding custom regex parsers, creating automated actions, developing SIEM use cases, creating playbooks, holding training courses, briefing management, and providing SIEM incident response and root cause analysis.
- Create custom use cases, system alarms, correlation signatures, watch lists and 20 plus custom regex parsers to meet customer's IT security needs.
- Use McAfee SIEM to provide near real-time identification and eradication of threat events matching our McAfee SIEM use case criteria. Manage logging, parsing, storage, event correlation, and alarm notification criteria for data sources.
- Provide engineering support for McAfee's ESM, ADM, ELM, ePO, Investigator, real-time/historical ACEs, and Event Receivers.
- Administer the agency's security and vulnerability scanning infrastructure technologies, including:
  - Tenable Security Center
  - Web Inspect Enterprise implementation
  - FireEye appliances
- Install, upgrade, and patch security applications.
- Perform vulnerability scans.
- Document operating procedures.
- Create and maintain user accounts for enterprise systems.
- Provide end-user support for all enterprise systems.
Required Skills and Experience:
- Advanced-level applied experience and thorough understanding of at least one of the following IT security technologies:
  - Tenable Security Center
  - Fortify Web Inspect Enterprise
  - McAfee Enterprise Endpoint Protection, ePO, and Web Proxy Gateway appliance
  - FireEye Enterprise Protection Suite (NX, EX, ETP, and HX)
- 5 years of design, development, integration, implementation, operation, and analysis of cyber security technologies.
- 5 years administering network appliances, security appliances, and Windows devices, and/or strong experience with Linux devices.
- Strong attention to detail, works well with direction, excellent verbal and written communication skills.
- Strong knowledge of information security principles
- Daily interaction with and hands-on responsibility for network security (firewalls, IPS/IDS, malware detection, etc.)
- System security experience (system hardening, host-based/endpoint security, etc.)
- Building complete security solutions by integrating commercial, open source and custom security tools.
- Design security solutions for our customers
- Plan, manage, and execute installation and operation of commercial cybersecurity toolsets.
- Strong communication and written skills
- Experience with System Administration, Network Administration, Network Security, Networking Standards, Network Protocols, NIST/FISMA standards and controls, SIEM platforms and security tools, and Network Hardware Configurations.
- Experience working in a Security Operations Center (SOC)
- Prior Endpoint experience
- Prior expertise with vulnerability assessments.
- Prior expertise with network intrusion detection technologies, threat analysis, and threat hunting methodologies.
- Intrusion Prevention System (IPS) expert
- Expertise in how attackers penetrate organizations.
- How to incorporate cyber threat intelligence into the SOC workflow.
- Software development and / or scripting expertise.
- Prior experience with any McAfee technologies, such as:
  - Enterprise Security Manager (ESM)
  - McAfee Endpoints
  - ePolicy Orchestrator (ePO)
  - Endpoint (ENS 10)
  - Network Sensor Platform (NSP)
For more information contact: email@example.com