Adapt Forward Cyber Defense Signature Analyst in Charleston, South Carolina
Signatures and E-Policy (SeP) - IDS and IPS Analyst
Position Location: Charleston, SC
Position Type: Full-Time
Minimum Security Clearance: TS/SCI
Position Description: The SeP team develops, supports, tunes, and deploys signatures and policy solutions across various technologies on the project. The SeP team performs hands-on Web Application Firewall configuration, policy fine-tuning, management, and maintenance. The SeP team develops, supports, tunes, and deploys signatures for Intrusion Detection and Protection Sensors. Leverage information from partner teams to develop more robust and comprehensive signatures. Stay up to date on current malware trends and threat actor activities to ensure the security of the organization.
Qualifications:
- US Citizen
- Solid understanding of web applications, web servers, application firewalls, frameworks and protocols with respect to web application development, deployment, and operations.
- Experience implementing security tooling, processes, and strategies in the areas of AV endpoint protection, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Active Directory, and related technologies.
- Experience analyzing web traffic requests.
- Responsible for configuring and managing Palo Alto VM Firewalls within AWS and Azure cloud boundaries by utilizing latest automation techniques.
- Performs technical analysis and administration tasks on Palo Alto Firewalls and F5 virtual appliances which includes: configure, document, Web Proxy, URL filtering, DLP/Antivirus policies, Panorama, install software/firmware upgrades, system patches; provide troubleshooting, fault isolation, preventive maintenance, technical support and problem-solving.
- Experience maintaining, deploying, tuning Web Application Firewalls.
- Experience exploiting web apps and web service security vulnerabilities including cross-site scripting, cross-site request forgery, SQL injection, XML SOAP, and API attacks.
- Understanding of OWASP Risks, Vulnerabilities and Mitigation mechanisms.
- Experience analyzing network traffic with Wireshark or tcpdump.
- Responsibilities include maintaining the intrusion ruleset, optimizing detection, configuring NGFW ACLs, general device configuration and maintenance, troubleshooting the devices when needed, assisting the analyst teams with investigations, and supporting the Solution Architects with design input and recommendations.
- Experience writing and configuring Snort style IDS/IPS signatures.
Recommended Education:
- Associates degree or higher from accredited university/technical college in Cybersecurity, Computer Science, Information Systems, or other related scientific or technical discipline
Certifications:
- DoD or DoN Cybersecurity Workforce (CSWF) Certification or compliance (DoDD 8140 or SECNAV M-5239)
  - 8570 Classification IAT-II & CSSP Analyst
Required Skills:
- Extensive knowledge of Packet Analysis
- Extensive knowledge of IDS/IPS solutions
- Experience with log aggregation tools
- Logical thinking and analytical capabilities
- Strong oral and written communication skills
- Knowledgeable in network security procedures, best practices, and implementation.
Highly Desired Skills:
- Practical knowledge in at least one scripting or development language. (e.g. PowerShell or Python)
- Ability to convey extremely technical concepts to audiences with varying technical understanding.
- The ability to solve problems independently or with minimal assistance.
- Expert knowledge in evaluating vendor products and making recommendations to purchase hardware and software.
- Knowledgeable in setting up administrator and service accounts.
Position Requirements and Duties:
Web Application Firewall
- Engineers, configures, deploys, and maintains F5 Web Application Firewall solutions.
- Analyzes requests from subscriber sites for blocked web application traffic.
- Coordinates with subscriber sites for Web Application Firewall tuning.
- Coordinates with subscriber sites for onboarding of new Web Applications through the WAF.
- Coordinate with other teams on deployment and maintenance of F5 WAF systems.
- Performs technical analysis and administration tasks on Palo Alto Firewalls and F5 virtual appliances which includes: configure, document, Web Proxy, URL filtering, DLP/Antivirus policies, Panorama, install software/firmware upgrades, system patches; provide troubleshooting, fault isolation, preventive maintenance, technical support and problem-solving
IDS/IPS Responsibilities
- Engineers, configures, deploys, and maintains IDS infrastructure for subscriber sites.
- Write and deploy custom Suricata and Snort style signatures.
- Analyze network traffic and IDS/IPS alerts to configure Suricata/Snort style signatures.
- Coordinate with other teams on deployment and maintenance of IDS systems.
Additional Information:
- Authorized to update signatures and view alerts for IDS/IPS
- Authorized to view Audit Records on Central Log Server
- Overtime may be required as needed to support incident response actions (Surge)
- Up to 15% Travel may be required
Adapt Forward is a cybersecurity solutions provider for some of the nation's most valuable information systems. Leveraging advanced threat assessment technology and experience in building high-level information security infrastructure, we develop adaptive solutions uniquely tailored to our customers' business objectives to protect sensitive data against sophisticated threats in an increasingly complex security environment.
Summary of Benefits
Comprehensive Physical Wellness Package, including Medical, dental, vision care, plus flexible spending accounts for health- and dependent-care are included in our standard benefits plan.
401k Retirement Plan with Matching Contribution is immediately available and vested
Annual Training Budget to be used for conference attendance, school enrollment, certification programs, and associated travel expenses.
Ten Federal Holidays, plus three weeks of PTO/vacation/sick leave that accrues at a rate of ten hours per month.
Employee Assistance Program: Counseling/legal assistance and other employee well-being programs are also offered.
Equal Opportunity Employment
Adapt Forward is an equal opportunity employer that values diversity in the workplace and does not discriminate or allow discrimination on the basis of race, religion, age, gender, sexuality, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. Adapt Forward promotes affirmative action for minorities, women, disabled persons, and veterans.