PRIMARY PURPOSE OF POSITION:
Responsible for the maintenance and operation of ICS SOC monitoring tools, servers and appliances. Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware, software, and documentation that are required to effectively manage network defense.
Maintenance of fleet of Red Hat Enterprise Linux (RHEL) servers running on HP hardware, including all OS, application, and hardware maintenance in accordance with NERC CIP v5 standards.
Perform all necessary tasks to maintain adherence to NERC CIP v5 standards, including generation of evidence for password changes, patching, OS and application upgrades; perform regular review of new OS and application patches for applicability to systems and document those reviews according to internal processes and v5 standards; install applicable patches and perform pre-install and post install security control verifications and produce required evidence
Installation, configuration and deployment of RHEL servers according to documentation
Installation, configuration, and maintenance of cyber security applications including Nessus and Splunk.
Create and maintain extensive documentation of system configuration and maintenance procedures including required NERC CIP v5 documentation
Creation of scripts to facilitate server maintenance
Lead projects to further enhance security technologies, practices, processes
Bachelor's Degree in Computer Science, Information Technology (IT), or a related discipline and typically 3 to 5 years of solid, diverse experience in cyber security systems operations, or equivalent combination of education and work experience.
3 years of experience as administrator of Linux servers in large enterprise environment
Knowledge of systems administration concepts.
Skill in conducting system/server planning, management, and maintenance.
Skill in correcting physical and technical problems that impact system/server performance.
Familiarity working in restricted network
Experience and capability with one or more scripting languages including perl, python, shell scripting including bash and other shells
Experience with installation, configuration and maintenance of open source software including OpenSSH, OpenSSL, Squid, OpenLDAP
Experience maintaining central authentication infrastructure for Linux fleet including LDAP
Experience managing vendor relationships, obtaining support from vendors
Proven analytical and problem solving skills
Knowledge of systems testing and evaluation methods.
Graduate degree in cyber security or related area of expertise.
Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles to business leaders and technical staff.
Industry certifications including Linux and cyber security certifications
Skill in using security event correlation tools.
Knowledge of system life cycle management principles, including software security and usability.
Demonstrated knowledge of cyber defense policies, procedures, and regulations.
Demonstrated advanced knowledge in the area of Cyber SOC operations; particularly in Cyber Security Systems Engineering
Knowledge of local specialized system requirements (e.g., critical infrastructure systems that may not use standard information technology [IT]) for safety, performance, and reliability.