Job description for Network Security System Administrator / System Engineer
XOR is seeking a Network Security System Administrator/Engineer to support the Cybersecurity Operations Center (CSOC) of a large commercial financial entity. The program provides comprehensive Computer Network Defense and Response support through 24×7×365 monitoring and analysis of potential threat activity targeting the enterprise. To support this vital mission, XOR staff are at the forefront of deploying and maintaining IDS, Netflow, network traffic aggregation, full PCAP, UBA, knowledge management, and other systems.
The right candidate can come in and take ownership of day-to-day operations, partnering with other teams within the CSOC to protect the brand, data, and IT assets from cyber-based threats by deploying, configuring, managing, and maintaining technologies and infrastructure. The candidate will support business strategy by enabling process integration between CSOC applications, as well as other target applications as needed, and will serve as technical interface to customers (analysts) for tools in the defense product suite, articulating technology and product positioning to both business and technical users.
Successful candidates will work independently; be self-starting and self-motivated; be accountable and timely in their production and status reporting; and communicate effectively both in writing and when speaking to groups. The candidate will be expected to build and maintain relationships within and outside of the CSOC.
Hours are flexible within core office hours of 7:00 AM to 6:00 PM Eastern.
- Deploying and maintaining Cybersecurity related applications and appliances
- Scope and POC new Cybersecurity tools.
- Remediate vulnerabilities on CSOC systems
- Ensure the stability and sustainability of supported platforms by monitoring, maintaining, patching, and administering all aspects of those systems
- Develop and maintain internal engineering documentation (e.g., policies, procedures, project schedules/timelines, etc.)
- Work with CSOC teams to Build/Optimize/Streamline new and existing processes
- Translate customer issues/opportunities into technical solution/business requirements
- On-call after-hours support
- 3+ years minimum experience as a Network Admin, or similar role required
- 3+ years of cybersecurity engineering or similar role required
- 3+ years of experience as a System Admin, or similar role required
- Experience working in an enterprise environment
- Strong knowledge of network, firewall, routing, switching, load balancing, and proxy principles and troubleshooting related issues
- Strong experience deploying/managing one or more of the following:
  - Network TAPs and packet aggregators (Gigamon preferred)
  - Netflow (StealthWatch experience preferred)
  - Full packet capture (Netwitness preferred)
  - IPS/IDS (Firepower preferred)
- Experience using/integrating SIEM technology.
- Ability to read/understand a packet capture.
- Strong understanding of, and ability to troubleshoot, various common Linux operating systems (CentOS, Red Hat, Ubuntu, Cisco derivative OSes)
- Experience patching and upgrading Linux based operating systems, packages, and applications
- Familiarity with cybersecurity principles as they apply to hardening enterprise Linux-based systems
- Experience with Ansible
- Basic scripting in Python, Bash, or PowerShell to automate routine tasks
- Experience with infrastructure management processes such as change management, problem management, configuration management and project management
- Hands-on experience with Agile methodologies
- Experience using Jira/Confluence
XOR Security offers a very competitive benefits package including health insurance coverage from first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements – US CITIZENSHIP REQUIRED.