Work with the existing CSOC to deploy and maintain systems, including but not limited to:

  • IDS
  • Netflow
  • Network traffic aggregation
  • full PCAP
  • UBA
  • Knowledge management
  • Job role includes, but is not limited to, on-call support and general systems administration

Position description

We are looking for a senior-level Systems Administrator/Engineer who can come in and take ownership of day-to-day operations.

You will partner with additional teams within Navy Federal Credit Union to protect the Navy Federal brand, data, and IT assets from cyber-based threats by deploying, configuring, managing, and maintaining technologies/infrastructure in support of our Cybersecurity Operations Center (CSOC) and its associated programs.

You will support business strategy by enabling process integration between CSOC applications, as well as other target applications as needed. You will serve as the technical interface to customers (analysts) for tools in the Navy Federal Cyber Defense product suite, articulating technology and product positioning to both business and technical users.

Successful candidates will work independently; they must be self-starting, self-motivated individuals who are accountable and timely in their production and status reporting and who communicate effectively both in writing and when speaking to groups. You will be expected to build and maintain relationships within and outside of the CSOC; all team members share that duty.

Responsibilities include but are not limited to:

  • Deploy and maintain cybersecurity-related applications and appliances
  • Scope and POC new cybersecurity tools
  • Remediate vulnerabilities on CSOC systems
  • Ensure the stability and sustainability of supported platforms by monitoring, maintaining, patching, and administering all aspects of those systems
  • Develop and maintain internal engineering documentation (e.g., policies, procedures, project schedules/timelines, etc.)
  • Work with CSOC teams to build/optimize/streamline new and existing processes
  • Translate customer issues/opportunities into technical solution/business requirements
  • Provide on-call after-hours support

Experience, skills, and requirements we are looking for:

  • 3+ years minimum experience as a Network Admin, or similar role required
  • 3+ years of cybersecurity engineering or similar role required
  • 3+ years of experience as a System Admin, or similar role required
  • Experience working in an enterprise environment
  • Strong knowledge of network, firewall, routing, switching, load balancing, and proxy principles and troubleshooting related issues
  • Strong experience deploying/managing one or more of the following:
      • Network TAPs and packet aggregators (Gigamon preferred)
      • Netflow (StealthWatch experience preferred)
      • Full packet capture (Netwitness preferred)
      • IPS/IDS (Firepower preferred)
  • Experience using/integrating SIEM technology
  • Ability to read/understand a packet capture
  • Strong understanding of, and ability to troubleshoot, various common Linux operating systems (CentOS, Red Hat, Ubuntu, Cisco derivative OSes)
  • Experience patching and upgrading Linux-based operating systems, packages, and applications
  • Familiarity with cybersecurity principles as they apply to hardening enterprise Linux-based systems

Experience and skills that are nice to have:

  • Experience with Ansible
  • Basic scripting in Python, Bash, or PowerShell to automate routine tasks
  • Experience with infrastructure management processes such as change management, problem management, configuration management, and project management
  • Hands-on experience with Agile methodologies
  • Experience using Jira/Confluence