The Network Security Engineer II - Identity Access Management provides support to the Department of Health and Human Services, Indian Health Service (IHS). This position manages, supports, and optimizes an Active Directory and ensures the integrity and availability of Identity Access Management (IAM) systems, authentication, authorization, and LDAP-related services. The Identity Access Management Specialist also supports the end-user authentication experience across the IT environment and provides implementation support, ongoing management and optimization of an SSO platform.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Essential duties and responsibilities include the following. Other duties may be assigned.
Responsible for the integration of CNI Core Competencies into daily functions, including: commitment to integrity, knowledge / quality of work, supporting financial goals of the company, initiative / motivation, cooperation / relationships, problem analysis / discretion, accomplishing goals through organization, positive oral / written communication skills, leadership abilities, commitment to Affirmative Action, reliability / dependability, flexibility and ownership / accountability of actions taken.
Uses knowledge of Cisco ASA and PaloAlto 5000-Series Firewall.
Runs periodic vulnerabilities scans on Tenable Security Center in accordance with implemented organizational policy. Reports findings in accordance with established procedures.
Monitors vulnerability and threat reporting services for alerts and notifications affecting agencies systems.
Maintains a comprehensive database consisting of required information regarding all IHS systems. Uses database information to selectively notify appropriate personnel of vulnerabilities or threats and provide them with recommended mitigation actions appropriate to the affected system.
Maintains a strategy for the identification of all network devices. Tests all network resources to verify they are up-to-date with appropriate firmware, patches, and hotfix levels.
Assist A&E in maintaining up-to-date configuration guidelines.
Maintains up-to-date signature levels and reports anomalies as required by agency security.
Provides coverage for the Agency Security “hotline” which, when established, will provide agency users the ability to contact security staff about suspected security problems.
Tracks and responds to reports in an industry standard manner and within targets established by HHS.
Reviews information security clearing-houses and cooperative network security communities for latest security trends and threats.
Produces signatures and implementable reports for use in detection tools based on possible threats. Provides information which will be used to notify appropriate Agency’s personnel and provide recommendations.
Monitors appropriate antivirus vendors for software and signature updates.
Research’s, analyzes and provides recommendations on security products, applications, protocols, systems, processes, new technologies, standards, guidelines, industry best practices and other available information related to information security in a health care related industry.
Responsible for aiding in own self-development by being available and receptive to all training made available by the company.
Plans daily activities within the guidelines of company policy, job description and supervisor’s instruction in such a way as to maximize personal output.
Responsible for keeping own immediate work area in a neat and orderly condition to ensure safety of self and coworkers. Will report any unsafe conditions and/or practices to the appropriate supervisor and human resources. Will immediately correct any unsafe conditions to the best of own ability.
EDUCATION / EXPERIENCE
Bachelor’s degree and a minimum of five (5) years relevant experience, or equivalent combination of education / experience. Previous experience learning and using network security products.
CERTIFICATES / LICENSES / REGISTRATION
Possesses a government security clearance or has the ability to obtain a government security clearance.
Intermediate Network and security certification preferred (Cisco CCNA/CCNP, Splunk> 6x. User / Power User, CompTIA Network+/ Security+/ Linux+, Microsoft MCSE, etc.)
JOB SPECIFIC KNOWLEDGE / SKILLS / ABILITIES
Working knowledge in network security L1, L2, L3, L4 and L7 troubleshooting support, with ability to stay abreast of developments
Intermediate knowledge of Splunk> 7.1
Skilled proficiency and working knowledge related to WAN Routing and Switching: EIGRP, OSPF, RIP, BGP, route redistribution, IP Routing, HDLC, VPN, PPP, Multilink, QoS, VLAN, VTP, STP, Ether channel, HSRP, ACL, NAT, 802.1x, Port Security
Operational knowledge and understanding of TCP/IP, network protocols, firewall theory, and packet analysis, principles and techniques applied in securing operating systems and LAN/WAN networks, standard and nonstandard port use and overt channel connectivity
Understanding of enterprise network security technologies such as encryption, VPN, firewalls, access control, and remote access
Excellent written and verbal communications skills
Ability to prepare quality reports, presentations, summaries and analyses
Ability to read, analyze, develop and interpret common information systems security documents
Excellent customer service and collaboration skills with ability to effectively interact and communicate with all levels of authority
Detail-oriented with proven analytical and problem-solving skills
Ability to calculate figures and amounts such as discounts, interest, commissions, proportions, percentages, area, circumference and volume. Ability to apply concepts of basic algebra and geometry.
Ability to define problems, collect data, establish facts, and draw valid conclusions. Ability to interpret an extensive variety of technical instructions in mathematical or diagram form and deal with several abstract and concrete variables.
Ability to read, analyze and interpret common scientific and technical journals, financial reports, and legal documents. Ability to respond to common inquiries or complaints from customers, regulatory agencies, or members of the business community. Ability to write speeches and articles for publication that conform to prescribed style and format. Ability to effectively present information to top management, public groups, and/or boards of directors.