Cyber Security Operations Administrator

Role: Cyber Security Operations Administrator

Location: Dauphin County

Complete Description:

Overview

• This candidate serves as a "Cyber Security Operations Administrator" within the Information Security Office of Pennsylvania's Infrastructure and Economic Development IT Delivery Center (IED DC) which includes the Department of Transportation (PennDOT), PA Emergency Management Agency (PEMA) and the Department of Community and Economic Development (DCED).

Job Responsibilities

• Primary responsibility is the administration of the delivery center's Firewalls and load-balancers. Demonstrates good judgement and problem-solving skills. Reacts and adapts to changing circumstances rapidly. Technically proficient and experienced with Windows and Unix/Linux operating systems, enterprise class firewalls, network security, network traffic analysis, incident response, vulnerability analysis, packet analysis, and systems hardening. Possesses proficient knowledge of layer 2 switching and layer 3 routing protocols, encryption protocols, communication protocols. Examples include but not limited to: TLS/SSL, IPsec, SSH, PGP, VLAN, LLDP, LACP, ARP, 802.1x, DNS, AES, etc.
• Assists in deterring, identifying, monitoring, investigating and analyzing network intrusions. Collects intrusion artifacts, indicators of compromise, correlates artifacts across systems, and gathers other relevant facts to enable mitigation of potential incidents within the enterprise.
• Receives and analyzes network alerts from various sources within the enterprise. Determines the alert trigger, the severity of the alert, and prioritizes response accordingly. Track and document incidents from initial detection to final resolution.
• Participates in the containment and neutralization of cyber threats based on the intelligence and indicators of compromise gathered. Assesses damage to services, systems, networks, data and other relevant assets. Participates in the restoration and reconstitution of systems and services. Makes recommendations to prevent the recurrence of cyber incidents and verifies that normal operations have resumed.
• Manages, monitors, and analyzes several security technologies to include defensive and offensive security solutions on the perimeter and internal networks such as firewalls, intrusion detection/prevention systems (IDS/IPS), data loss prevention, etc.
• Uses data from Security Information and Event Management (SIEM) and other logging solutions to conduct analysis, identify cyber trends, disseminate relevant findings, and recommend suitable security and/or compensating controls.
• Participates in the design and implementation of security controls. Grants and revokes access to restricted resources, ensures that end-users are authorized to access requested resources, and participates in periodic system audits/cleanup initiatives.
• Assists leadership in planning and implementing cybersecurity infrastructure or technology related projects, participates in the installation of equipment, related cabling, and conducts ongoing maintenance/repair of security infrastructure assets as needed.
• Leverages Commonwealth incident tracking and ticketing systems to receive tasks from other units, delegate tasks to other units, prioritize daily tasks, document actions taken, and the final resolution for tasks completed.
• Provides on-call and/or emergency support, including after-hours as needed.
• Adheres to established service management processes and procedures.
• Performs all other related duties as assigned.

Requirements

• Checkpoint and Cisco ASA firewall administration 5 years minimum
• Citrix Netscaler (Load Balancer) 3 years minimum
• Understanding of current threats and trends in information security.
• Professional oral and written communication skills.
• Must pass required Pennsylvania State Police background check and cannot have any felony offense(es).
• Ability to work remotely/and locally when required.
• Palo Alto VPN is highly desired.