We are currently seeking a Cyber Security RSA NetWitness Engineer to join our client's Security & Resiliency team as a full-time employee.
- Directly interface on customer request and incident tickets
- Provide security first answer and support for access issues or requests
- Provisioning and de-provisioning of access
- Troubleshooting access issues across multiple systems and groups to deliver customer access
- Support implementation of infrastructure, applications, monitors, security controls, and other project requirements based on cybersecurity standards and policies
- Assist and perform testing of implemented solutions, recommend improvements, and support the deployment of changes following the change and release management process
- Serve as operations level-3 support for assigned technologies; lead the root-cause analysis, troubleshooting, and service restoration procedures and activities
- Manage the infrastructure and software lifecycles, including setup, maintenance, end-of-life retirements, replacements, and upgrades
- Effectively communicate the implications, dependencies, and impact of infrastructure, security, or policy-related topics to stakeholders and executives
- Maintain and develop operational procedures, standards, and policies for the team to use in daily operations
- Manage customer-related escalations
- Ensure all service management procedures are being followed and Service Level Agreements (SLAs) are met
- Ability to perform a variety of tasks and willingness to work extra hours in emergency situations or during on-call shifts
- Bachelor's Degree in Computer Science or related field is preferred. Equivalent work experience can be substituted for educational requirements
- 5+ years of RSA NetWitness administration.
- Must have experience deploying and maintaining applications in large Linux environments with an emphasis in administration of SIEM systems.
- Must have or be able to achieve a US government clearance
- Must be able to meet the ISSM requirements as documented in the National Industrial Security Program Operating Manual (NISPOM)
- ITIL V3 Foundations, or above, certified
- Excellent problem-solving skills with the ability to diagnose and troubleshoot technical issues
- In-depth knowledge and understanding of IT systems, domains, enterprise applications, DNS, and Networking
- Information security knowledge in one or more areas such as enterprise endpoint security products (e.g., McAfee ePolicy Orchestrator, Virus Scan, Anti-Spyware, Host Data Loss Protection, Endpoint Encryption), Security Information and Event Management (SIEM), firewalls, web proxy, e-mail and web gateways, etc., including Palo Alto / Check Point / SonicWall / McAfee / Cisco / Blue Coat / Imperva, etc.
- Customer-oriented with a strong interest in customer satisfaction
- Able to effectively perform knowledge transfers and train peers regarding SIEM, security, IT procedures, and system configuration
- Strong verbal and written communication skills, with emphasis on technical writing skills and the ability to explain complex problems to nontechnical teams
- Ability to learn new technologies and concepts quickly