Position: Security Engineer
Agency: The County of San Mateo
Period of performance: 1 year
Place of Performance: Information Services Department 455 County Center, 3rd Floor Redwood City, CA 94063
Job Description:
Implements and manages a variety of edge and internal protective systems and platforms.
Interrogates indicators of threat or compromise and takes action to ensure the threat or compromise is mitigated or eliminated.Utilizes current threat intel to tune protective platforms to proactively block or mitigate new and existing areas of possible compromise.Audits existing systems to ensure optimal configurations based on operational requirements and security best practice.Actively participates in event and incident response processes.Upgrades security platforms as needed using a process designed to limit operational impact.Responds and investigates platform generated alerts and suggests modifications to platform configurations to ensure optimal protections.Fields requests for application and network design pertaining to firewall configurations, platform or application logical or physical placement, and develops implementation strategy based on best practice and technical limitations of the enterprise/cloud environment; while adhering to least privilege concepts.Generates reports and documents intended to identify an issue and clearly communicate strategies to mitigate identified vulnerabilities and risks.Required Technical Skills: 10-15 years: Firewall installation, configuration and management, setting up and managing firewall-based tunnels (IPsec), management of VPN concentrators, Intrusion detection (IDS) platform management and tuning, Security and information event management (SIEM) system setup and configuration, Intrusion prevention (IPS) management and tuning, virtual firewall implementation, configuration and management.5-10 years: Cloud security platforms and integration with enterprise level environments, DNS management, DHCP, macro/micro segmentation (SDWAN), Syslog services management and interrogation, access rights management (ARM), orchestration platforms (SOAR), web application firewalls (WAF), cloud-based web reputation services (Umbrella/Zscaler), understanding of application interaction and best practice security design based on least privilege.2-5 years: Exposure to various infrastructure environments such as wireless, NAC (802.1x), VoIP/SIP, incident response platforms, and services.General Soft Skills: 10-15 years: Executive Reporting, Stakeholder/Vendor Management, Conflict Management, Ambiguity Management, Team Leading & Motivating.5-10 years: Executive Reporting, Stakeholder Management, Conflict Management, Team Leading & Collaboration.2-5 years: Customer satisfaction, communication, teamwork.-Palo Alto Certified.
#J-18808-Ljbffr