Network Security Engineer

Unified Technical is currently looking for a Network Security Engineer for an implementation project in Los Angeles.  Unified provides holiday pay and longevity bonus to all employees and offers competitive salary. 

Scope:

* Plan, implement, and maintain FoundScan vulnerability assessment engines.  Conduct DHS-wide network vulnerability assessment, systems' vulnerability assessment and application vulnerability assessment solutions and procedures

*Establish DHS-wide network vulnerability assessment reports and organization IT Security conformance posture reports.  Work with facilities and mitigate discovered vulnerabilities

*Gather and review network documentation.  Identify target systems and services visible to the internal users as well as the Internet.  Conduct internal and external security posture assessment for all DHS network devices as well as production systems.  Analyze vulnerability data and validate the presence of vulnerabilities.  Provide vulnerability analysis and mitigation recommendations to improve the security state of the network to meet DHS security goals and compliance.  Provide an onsite executive presentation of finding and recommendations.

*Validate current security policies and practices against industry best practices and verifying areas that require improvement as well as recommending and assessing new security tools

*Perform and document systems and application hardening procedures

*Plan, install, configure, manage, monitor, and support Cisco Security Agent (CSA 4.x & 5.x). Tune Cisco CSA to protect the integrity of DHS systems

*Utilize Cisco MARS, Cisco VMS and other tools to establish security threat reports and matrix.  Monitor and identify security threats (internet, LAN, WAN, WLAN, & VPN) and respond accordingly.  Establish and carry out log analysis and security incident response/reporting procedures.

*Risk Assessment - THis includes the establishment of procedures for conducting risk assessment, threat analysis and risk management; the identification of security gaps and non-compliance in business processes with respect to HIPAA security best practices; the development of recommendations for workflow redesign; the assistance with remediation; and training information owners and stakeholders in accurately performing risk assessment/management and threat analysis within their domains.

*Knowledge Transfer - This includes working with DHS technical staff and facilitating the transition of support responsibilities to DHS technical staff

*The Consultants will facilitate the transition of support to DHS staff through training, mentoring, knowledge, and skills transfer

Minimum Requirements:

Consultants must meet all of the following minimum requirements:

1) Three (3) years experience within the last five (5) years with any of the following industry standard security practices, policies, and protocols: NIST, NSA, Dept. of Homeland Security, DOD standards
 
2) Provide an example of applying security principles in advanced network and security architectures demonstrating a sound understanding of security issues and protocols through applying security principles in advanced network and security  architectures.

3) Three (3) years experience within the last five (5) years building and managing host and network intrusion detection/prevention systems including CSA, ISS Real Secure, TippingPoint, and/or Axent.

4) Two (2) years experience within the last three (3) years building and managing centralized multi-firewall/VPN management systems, including use and knowledge of network security correlation solutions such as CiscoWorks VPN/Security Management System (VMS), Cisco MARS, ArcSight SIM, and/or NetForensics.

5) Three (3) years experience within the last six (6) years with any of the following industry standard security vulnerability analysis tools:
Foundstone, Sniffer Solutions, Microsoft Hfnetchk, URL Scanner, Nessus Scanner, GFI LanGuard, ISS Vulnerability Scanner, AppDetective, WebInspect, Metasploit.

6) Three (3) years experience within the last (5) years leading in security incident triage and response, including working with firewall and VPN device logs, investigating security events, protecting forensic value of data and establishing monitoring and incident reporting/response procedures for timely notification of security vulnerabilities.

7) The consultant must have at least one of the following certifications: SSCP, SANS GIAC Certs (FW and/or Intrusion Detection), CISA, CCSP, CCNP, CCIE

Must be U.S. citizen or Green Card holder local in Southern CA for an in-person interview only and must pass a background check.

Please email resume directly to akiran@unifiedtechnical.com , or call Akira Nakai directly at (949) 598-7020 ext 225.