Security consultant
Ref No.: 18-48210
Location: Atlanta, Georgia
Start Date: 09/04/2018
Title: Security Consultant
Location: Atlanta GA


Job Description:
Assist with developing the designs for the Cisco Sourcefire IDS/IPS implementation, with initial deployment using taps (Passive state).
Develop onboarding processes/procedures for the migration of public URLs to Imperva Incapsula.
Configure Tufin to support workflows to assist with rule submission, automated risk determination, etc.
Develop support processes and documentation.
Create standard engineering designs.
Submit tickets, work packages, etc.
Meetings coordination.

The contracted individual would spend 100% of the time doing IDS/IPS work, be 8x5 M-F with an "on-call" after hours during the transition period with the FTE as the devices are going inline. Duties would include:
a. 5-10% of time strategic planning with CSCC and Security Architecture
b. 30-40% of time integrating into ED&O workflow and model (this would gradually move to more operational functions as we take the appliance from IDS to IPS mode, and as more IPS come under the scope of this role. For example, appliance policy inventory will need to be managed/cleaned/reviewed over time to ensure most efficient appliance loading, including periodic re-visit of the smartest way to achieve desired effect through the Security stack when considering all other options (Router ACL, Firewalls, Endpoint, etc.))
c. 10% of time coaching CSCC Security Analysts on Firepower/Snort rules to accomplish desired defensive/alerting posture (less needed in the long run)
d. 30-40% of time building internal processes for drafting/testing/deploying policies; this would gradually move to appliance performance monitoring
e. 0-5% of time in short-notice meetings/overnight change calls/incident management/bridges
f. 5-10% of time interaction with Cisco re: device performance, upgrades to the platform, technical advice, etc.
g. 0-5% of time consultative with Sec Eng/Sec Ops regarding planned maintenance/changes: new features, operational impact to defensive posture, post-upgrade validation, etc.