9131 - Palo Alto Security Technical LeadManager

Job Posting Title: Palo Alto Security Technical Lead/Manager

Clearance: Top Secret Tier 5(T5)Single Scope Background Investigation (SSBI)

Start Date: Contingent upon contract award

IndraSoft Inc. is seeking a highly qualified Senior to SME level Security Engineer with an active Top Secret clearance to support our DoD client located in Seaside CA. The selected highly motivated candidate will implement configure manage and monitor IDS/IPS solutions for a geographically dispersed highavailability enterprise. The successful candidate will leverage demonstrated experience in network engineering threat management and vulnerability management coupled with proven subject matter expertise in Palo Alto and Cisco suites of products to support DoD cybersecurity requirements and objectives.

Qualifications Required:

• Must be a US citizen possess a DoD Top Secret clearance: Minimum vetting Tier 5(T5)Single Scope Background Investigation (SSBI)

• Active DoD 8570 IAT Level 3 certification for compliance including at least one of the following certifications in good standing: CASP CE CCNP Security CISA CISSP (or Associate) GCED GCIH

• Computing Environment Certification

• Bachelors degree and 10 years of Information Technology or Cybersecurity related experience

• 5 years of experience with operations and management of Palo Alto Hardware and products to include Next generation Firewalls Panorama SSL Decrypt Threat Prevention URL Filter and Wildfire

• Ability to communicate effectively with government and contract leadership while conveying highly technical concepts to both technical and nontechnical stakeholders
• Capacity to thrive in a complex fast paced environment with competing demands while delivering consistent highquality commitment to missioncritical systems and solutions
• Excellent analytic skills including qualitative and quantitative data analysis to support and defend datadriven decisionmaking regarding system threats vulnerabilities and risk
• Knowledge of DoD cybersecurity policies practices and requirements

Desired Qualifications:

• Experience in an enterprise environment 1500 servers plus 2500 workstations)
• Experience configuring disaster recovery (DR) environments
• Experience with Cisco routers/switches and Palo Alto firewall solutions including the integration of Active Directory with Palo Alto
• IT/Network monitoring and modeling experience preferably utilizing SolarWinds and RedSeal
• Knowledge of F5 local traffic manager (LTM) and Web Application Firewall (WAF)

Job Description:

The successful candidate will be responsible for deploying configuring and monitoring Palo Alto solutions across the enterprise both on premise and cloud environments including oversight of the Palo Alto Panorama solution and integration with existing infrastructure and security controls. Once operational be responsible for the daytoday analysis engineering and maintenance of the IPS/IDS solution both onsite and in the cloud.

Key Responsibilities:

• Serve as the Technical Lead for IPS/IDS Proxy Break and Inspect products/systems
• Serve as a Line Manager for staff supporting cybersecurity network activities (RedSeal IDS/IPS) ranging from a staff of 1 to 5 staff members over the life of the contract
• Lead and manage the deployment design and day to day system administration and analyst functions for both DMDC & DHRA on premise and cloud infrastructures
• Build and configure IPS/IDS break and inspect devices according to DISA STIGs and Security Requirements Guides (SRG)
• Work with the Network Team to implement configure and troubleshoot Palo Alto firewall solutions
• Implement Palo Alto Firewall features such as URL filtering UserID AppID ContentID on both inbound and outbound traffic
• Facilitate the implementation of SSL decryption (break and inspect) for full visibility of network traffic
• Create correlation policies customized rules responses and violations based on threats.
• Configure the system to a series of responses to a policy violation
• Perform event analysis to reduce false positive alerts and optimize the performance and effectiveness of IPS to protect network assets by tuning the decoders preprocessors and rules to optimize the performance and effectiveness.
• Automate responses and reporting
• Ensure system backup and restore procedures are in place and operating
• Troubleshoot any connectivity or operational issues
• Access
  • Manage access control lists and audit logs settings dashboard settings and database event limits
  • Configure and create access control policy. Configure what network traffic to pass through the appliances and what type of detection to perform on the traffic
  • Manage user accounts and roles
  • Identify users and hosts that should be removed from the network
• Metrics/Reporting
  • Create dashboards to monitor significant events traffic and data collection
  • Provide weekly Scanning and Monitoring reports
  • Create IDS/IPS metrics detailing security posture
  • Create and maintain the IDS/IPS Break and Inspect topology diagram
  • Create weekly monthly and inprogress review presentations as needed
• Create and maintain Standard Operating Procedures (SOP)
• Provide direct support for ports protocols and services management (PPSM)
• Support other cybersecurity objectives as required including patch and vulnerability management network monitoring intrusion detection intrusion prevention and log analysis
• Facilitate vendor support as needed

Physical Demands:

While performing duties of the job the successful candidate will be exposed to normal demands of an office environmentincluding:

Sitting and working on a computer for long continuous periods each day; effective communications by telephone email and facetoface; standing walking and sitting; handling and feeling objects or controls; reaching; talking and hearing; lifting and/or moving up to 20 pounds; and specific vision abilities including close vision distance vision color vision peripheral vision depth perception and the ability to adjust and focus.

Work Environment:The noise level in the work environment is usually moderate.