Network Security Engineer - 4A Consulting, LLC
Pikesville, MD 21208
About the Job
Description of Work:
Specific Work / Tasks
Deliverables / Acceptance Criteria
- Perform vulnerability detection and system risk evaluations in workstations, servers, and network devices including missing patches, configuration errors, and unidentified flaws.
- Assist with vulnerability management of systems including prioritizing vulnerability fixes by risk, perform system patching, and mitigation of vulnerabilities in lieu of patching.
- Perform network security assessments and audits, identify network security risks and vulnerabilities, compliance control deficiencies, and recommending network security solutions and improvements.
- Assist with design, implementation, and maintenance of network security solutions and architectures.
- Provide security support and guidance for the configuration, installation, and upgrading of network security devices and software, such as routers, switches, VPNs, firewalls, and proxies.
- Perform web application vulnerability assessments.
- Map data flow across the network.
- Assists with creating, reviewing, and documenting network security policies and procedures.
- Keep abreast of network security trends and developments.
- Deliverables will include, but are not limited to:
- Monthly risk assessment including missing patches and vulnerabilities not yet mitigated.
- Monthly updates on active risk mitigation.
- Annual review of policies and procedures.
- Annual network-wide audit.
Education:
A Bachelor's Degree from an accredited college or university with a major in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical discipline or four (4) years of equivalent experience in a related field.
Preferred Education:
- One or more of the certifications below are a plus:
- CompTIA Security+ Certification
- Certified Information Systems Security Professional (CISSP)
- GSEC (GIAC Security Essentials Certification)
- CCNA or CCNP
General Experience:
Four (4) years of IT experience in data security analysis and risk management within the most recent five (5) year period.
Preferred Specialized Experience:
- Fluent with Microsoft Windows, Linux, Tenable and Nessus, SolarWinds, and Cisco network equipment.
- Familiar with Oracle and SQL databases, Cisco Firepower, Infoblox, CIS Critical Security Controls, NIST SPs and FIPS, MECM, and zero trust architecture.
- Have in-depth knowledge of network protocols, standards, and best practices, as well as C# and vb.net programming and scripting skills.
- Professional experience with the technologies and methodologies detailed below:
- Access control
- Anti-malware software
- Anomaly detection
- Application security
- Cloud security
- Data loss prevent (DLP)
- Email security
- Endpoint security
- Firewall management
- Intrusion prevention systems
- Network segmentation
- Security information and event management (SIEM)
- Virtual private network (VPN)
- Vulnerability management
- Web security
- Wireless security
Source : 4A Consulting, LLC