Brooksource is searching for an Associate Network Security Engineer for one of our leading healthcare partners located in Indian Land, SC for a 12-month contract. This is the ideal opportunity for a candidate with 1-3 years of networking and firewall experience to quickly make a tangible impact on an enterprise network and firewall refresh initiative.
The Network Security Engineer is responsible for managing technical security solutions to ensure the security and resilience of systems and assets, consistent with related policies, standards, and procedures. The Network Security Engineer implements the appropriate technical safeguards to ensure the delivery of critical infrastructure services. To achieve this goal, the Network Security Engineer tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware, software, and documentation required to effectively manage cybersecurity resources utilized to achieve information security architecture goals.
1. Process: Configure, implement, administer, operate, and maintain network security tools within scope of responsibility (i.e.; firewall, data loss prevention, VPN concentrator, DDOS prevention, etc.). Gather threat and vulnerability information from information sharing forums and sources. Provide key management for data security (encryption) activities. Implement protections against data leaks. Use integrity checking mechanisms to verify software, firmware, and information integrity. Implement tasks under the enterprise vulnerability management plan. Provide technical assistance to business/process owner implementing audit log records to meet security objectives. Provide technical assistance to the configuration of information system implementation of the principle of least functionality. Protect communications and control networks. Establish and manage a baseline of network operations and expected data flows for users and systems. Aid with the establishment of incident alert thresholds. Assist in identifying, prioritizing, and coordinating the protection of critical infrastructure and key resources. Occasional after hours and weekend work required.
2. Collaboration: Coordinate with network engineers to assist with the management of operational tools with secondary cybersecurity functions (i.e.; network access control, wireless control, etc.).
3. Test: Test and evaluate new rules/signatures, access controls, and configurations of platforms managed by service provider(s). Assist with the identification and documentation of asset vulnerabilities.
4. Communication: Share effectiveness of protection technologies with appropriate parties. Aid information system owners with the mitigation of vulnerabilities and incidents. Identify potential conflicts with implementation of cybersecurity tools within the enterprise information system architecture and information security architecture.
– Education: Associates or Bachelor’s
– Experience: Minimum one-year proven information security experience
– Licenses/certifications/registration: Microsoft Technology Associate – Security Fundamentals, CompTIA Healthcare IT Technician, SSCP, CompTIA Security+, CCNA-Security, Palo Alto ACE or equivalent
o One or more additional professional security or technology specific certifications. ITIL Foundation
– Basic requirements:
o Basic knowledge of how traffic flows across the network (e.g., Transmission Control Protocol and Internet Protocol [TCP/IP]) and how it flows in the Open System Interconnection (OSI) model stack.
o Basic knowledge of network protocols (e.g., Transmission Critical Protocol/Internet Protocol [TCP/IP], Dynamic Host Configuration Protocol [DHCP]), and directory services (e.g., Domain Name System [DNS]).
o Intermediate knowledge of network access control mechanisms (e.g., access control list).
o Basic knowledge of Intrusion Detection System (IDS) tools and applications.
o Basic knowledge of incident response and handling methodologies.
o Intermediate knowledge of information assurance (IA) principles and organizational requirements to protect confidentiality, integrity, availability, authenticity, and non-repudiation of information and data.
o Basic knowledge of network traffic analysis methods. Basic knowledge of packet-level analysis.
o Basic knowledge of the types of Intrusion Detection System (IDS) hardware and software.
o Basic knowledge of Virtual Private Network (VPN) security.
o Intermediate knowledge of what constitutes a network attack and the relationship to both threats and vulnerabilities.
o Basic knowledge of web filtering technologies.
o Basic skill in applying host/network access controls (e.g., access control list). Basic skill in tuning sensors.
o Basic skill in using incident handling methodologies.
o Basic skill in using Virtual Private Network (VPN) devices and encryption.
o Basic skill in securing network communications.
o Basic skill in protecting a network against malware.
o Basic knowledge of cyber defense policies, procedures, and regulations.
o Basic knowledge of processes for reporting network security related incidents.
o Basic knowledge of wireless transmission technologies (e.g., Bluetooth, Near Field [NFC] Radio Frequency Identification [RFID], Infrared Networking [IR], Wireless Fidelity [Wi-Fi]. paging, cellular, satellite).
o Basic knowledge of information security architecture principles. Basic knowledge of network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth). Basic knowledge of network systems management principles, models, methods (e.g.; performance monitoring), and tools. Intermediate interpersonal communication skill, both written and oral, with the ability to communicate effectively to technical and non-technical audiences.
o Basic technical writing skill.
o Basic skill with MS Office suite of tools and SharePoint. Intermediate attention to detail and organization skills. Intermediate analysis and critical thinking skills.
o Ability to develop productive working relationships with business and technical groups. Ability to effectively prioritize multiple responsibilities. Ability to take direction. Ability to work as a member of a team. Ability to embody the poise, presence, and personal integrity expected of an industry professional. Ability to eagerly to seize responsibility, ownership, and initiative for assigned tasks. Ability to drive/travel to multiple locations/facilities as needed.
– Additional requirements:
o Basic knowledge of risk management processes. Basic knowledge of information security regulations. Basic knowledge of penetration testing methods (i.e.; black-box, white-box). Basic knowledge of systems testing and evaluation methods (i.e.; unit testing, integration testing, regression testing). Basic knowledge of interpreted and compiled computer languages. Basic knowledge of fault tolerance.
o Basic knowledge of information theory. Basic knowledge of information technology (IT) supply chain security/risk management policies, requirements, and procedures.
o Basic knowledge of data backup, types of backups (e.g., full, incremental), and recovery concepts and tools. Basic knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
Brooksource provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, national origin, age, sex, citizenship, disability, genetic information, gender, sexual orientation, gender identity, marital status, amnesty or status as a covered veteran in accordance with applicable federal, state, and local laws.