Palo Alto Security Technical Lead​/Manager

9131 - Palo Alto Security Technical Lead/Manager

Job Category: Information Technology

Requisition Number: 9130C003510

Apply now

• Posted :
  August 30, 2021
• Full-Time

Showing 1 location

Yorktown, VA 23693, USA

Job Posting

Title:

Palo Alto Security Technical Lead/Manager

Indra Soft, Inc. is seeking a highly qualified Senior to SME level Security Engineer with an active Top Secret clearance to support our DoD client, located in Seaside, CA. The selected, highly motivated candidate will implement, configure, manage, and monitor IDS/IPS solutions for a geographically dispersed, high-availability enterprise. The successful candidate will leverage demonstrated experience in network engineering, threat management, and vulnerability management, coupled with proven subject matter expertise in Palo Alto and Cisco suites of products, to support DoD cybersecurity requirements and objectives.

Qualifications

Required:

• Must be a US citizen, possess a DoD Top Secret clearance:
  Minimum vetting Tier 5(T5)-Single Scope Background Investigation (SSBI)
• Active DoD 8570 IAT Level 3 certification for compliance, including at least one of the following certifications in good standing: CASP+ CE, CCNP Security, CISA, CISSP (or Associate), GCED, GCIH
• Computing Environment Certification
• Bachelor’s degree and 10+ years of Information Technology or Cybersecurity related experience
• 5+ years of experience with operations and management of Palo Alto Hardware and products to include Next generation Firewalls, Panorama, SSL Decrypt, Threat Prevention, URL Filter, and Wildfire
• Ability to communicate effectively with government and contract leadership, while conveying highly technical concepts to both technical and nontechnical stakeholders
• Capacity to thrive in a complex, fast paced environment with competing demands while delivering consistent, high-quality commitment to mission-critical systems and solutions
• Excellent analytic skills, including qualitative and quantitative data analysis to support and defend data-driven decision-making regarding system threats, vulnerabilities, and risk
• Knowledge of DoD cybersecurity policies, practices, and requirements

Desired

Qualifications:

• Experience in an enterprise environment (1500 servers plus 2500 workstations)
• Experience configuring disaster recovery (DR) environments
• Experience with Cisco routers/switches and Palo Alto firewall solutions, including the integration of Active Directory with Palo Alto
• IT/Network monitoring and modeling experience, preferably utilizing Solar Winds and Red Seal
• Knowledge of F5 local traffic manager (LTM) and Web Application Firewall (WAF)

Job Description:

The successful candidate will be responsible for deploying, configuring, and monitoring Palo Alto solutions across the enterprise both on premise and cloud environments, including oversight of the Palo Alto Panorama solution, and integration with existing infrastructure and security controls. Once operational, be responsible for the day-to-day analysis, engineering and maintenance of the IPS/IDS solution both on-site and in the cloud.

Key Responsibilities:

• Serve as the Technical Lead for IPS/IDS Proxy Break and Inspect products/systems
• Serve as a Line Manager for staff supporting cybersecurity network activities (Red Seal, IDS/IPS) ranging from a staff of 1 to 5 staff members over the life of the contract
• Lead and manage the deployment, design and day to day system administration and analyst functions for both DMDC & DHRA on premise and cloud infrastructures
• Build and configure IPS/IDS break and inspect devices according to DISA STIGs and Security Requirements Guides (SRG)
• Work with the Network Team to implement, configure, and troubleshoot Palo Alto firewall solutions
• Implement Palo Alto Firewall features such as URL filtering, User-, App-, Content- both inbound and outbound traffic
• Facilitate the implementation of SSL decryption (break and inspect) for full visibility of network traffic
• Create correlation policies, customized rules, responses and violations based on threats.
• Configure the system to a series of responses to a policy violation
• Perform event analysis to reduce false positive alerts and optimize the performance and effectiveness of IPS to protect network assets by tuning the decoders, preprocessors and rules to optimize the performance and effectiveness.
• Automate responses and reporting
• Ensure system backup and restore procedures are in place and operating
• Troubleshoot any connectivity or operational issues
• Access
  • Manage access control lists and audit logs settings, dashboard settings and database event limits
  • Configure and create access control policy. Configure what network traffic to pass through the appliances and what type of detection to perform on the traffic
  • Manage user accounts and roles
  • Identify users and hosts that should be removed from the network
• Metrics/Reporting
  • Create dashboards to monitor significant events, traffic and data collection
  • Provide weekly Scanning and Monitoring reports
  • Create IDS/IPS metrics detailing…