Qualifications:
- Bachelor’s degree in Cybersecurity, Information Technology, or related field.
- 5+ years of experience in network security engineering or SOC operations.
- Hands-on experience with firewalls (e.g., Palo Alto), IDS/IPS, and WAF technologies.
- Experience monitoring and responding to network-based security threats.
- Working knowledge of NIST 800-53, NIST 800-61, and Zero Trust principles.
- Ability to meet on-call response SLAs and federal background investigation requirements.
- CISSP, GCIA, or GCIH preferred.

Responsibilities:
- Monitor HRSA networks for intrusions, anomalies, and threats using approved SOC tools.
- Administer and maintain SOC firewalls, IDS/IPS, and network security technologies.
- Monitor firewall health daily and coordinate issue resolution with SOC and Network Operations.
- Review and tune Vulnerability Protection, Spyware Protection, and Anti-Virus profiles regularly.
- Investigate triggered signatures and indicators of compromise (IOCs) within SLA timeframes.
- Develop, deploy, tune, and maintain network-based IOCs to reduce false positives.
- Generate ad-hoc network security reports for SOC analysts and DCSP leadership.
- Support Zero Trust Network Architecture initiatives including micro-segmentation and SDP.
- Adjust cloud WAF configurations based on monitoring, trends, and threat intelligence.
- Perform tool upgrades, patches, and lifecycle maintenance following HRSA change management.
- Develop SOPs, workflows, and automation to improve network security operations.
- Participate in on-call rotation and respond to network security incidents and outages.
