Esta vaga fora do Brasil, menciona que o profissional deve ter no mínimo 3 anos em Segurança, mas creio o que background deve ser de uns 10 anos ou mais para dominar toda essa informação ou ter oportunidades de contato com essas tecnologias de forma focada e dedicada, que também dá, se não tiver muitas interrupções. Fora que o profissional provavelmente ter que ser um pouco”Workaholic“. Outro detalhe, que no Brasil em algumas empresas há profissionais que já trabalham nesse ritmo desta vaga, com a posição da função como “Pleno” ou “Senior” e no caso da vaga, é para “Engenheiro”.
Network Security Engineer (140-12)
Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information. May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. May respond to computer security breaches and viruses.
Research into the latest in security engineering hardware and software such as latest IDS/IPS, IOS, firewalls, virus detection, scanning tools, etc. to continuously improve network security and address new and evolving threats
Secure disposal of the security/network appliances
Incident responses as required
Vulnerability mitigation as required
Anti-virus signatures and maintenance
Backup-up of security devices
Administer network and computing devices/systems that enforce security policies and audit controls in Windows environment
Formulate security architecture recommendations and design security services
Implement technical solutions to contractual requirements supporting FISMA,
Assist in responses to external audits, penetration tests and vulnerability assessments
Recommend and coordinate the application of fixes, patches, disaster recovery procedures in the event of a security breach
Research emerging technologies in support of security enhancement and development efforts
Conduct risk assessments, penetration tests and diagnose internet/extranet security, intrusion attempts, and cyber-crime response
Perform project leadership tasks on select security projects
Solid familiarity with application and network security.
Must be able to perform hands-on support for a wide range of security technologies including, but not limited to: SEIM, IDS/IPS, HIDS, malware analysis and protection, content filtering, logical access controls, identity and access management, and data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, LDAP, forensics software, security incident response, Identity Management (IdM)
Proven project management and organizational skills, specifically managing multiple concurrent projects
Excellent analytical, problem solving and decision making skills, applied with a solution-focused attitude
Excellent written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy
Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism
Excellent teamwork skills
Familiar with Cisco ASA 5500 series firewalls, Fortinet Fortigate, Palo Alto, Trustwave Web Defend
Nessus scanner for vulnerability assessment
Three (3) years in a system administration (e.g., Network, Windows) role.
Five or more years’ experience in IT security
Experience in working with compliance and regulatory program requirements.
Experience analyzing network, event and security logs, and/or IDS alert logs.
Current security clearance a big plus
Past experience working in Federal IT security environment