[Cialug] Job - Security and Linux

Josh More jmore at starmind.org
Tue Jan 10 08:55:34 CST 2012


A friend of mine just posted a security position at Oak Ridge National
Laboratory.

This is a good mid-level position for people that want to play with
*nix and get a good reference job for a senior position somewhere.
Remember what we've talked about where these postings are "best case"
and in a lot of situations, they'll pick someone that could grow into
things, if the personality is right.

The URL is here:
https://recruiting.ornl.gov/sap/bc/webdynpro/sap/hrrcf_a_posting_apply?PARAM=cG9zdF9pbnN0X2d1aWQ9MDAxRUM5M0RBRDM2MUVFMThFOTQ4ODhERkI2QkZFQTMmY2FuZF90eXBlPUVYVA%3d%3d&sap-client=010&sap-language=EN&sap-ep-themeroot=%2fsap%2fpublic%2fbc%2fur%2fnw5%2fthemes%2fRecruiting_Version1100#

If you connect to it from Firefox, change your User Agent to IE8 and
the PDF will load just fine.  (Government sites.  *sigh*)

If you apply, mention me and you'll bypass some of the HR annoyances.




Key requirements are:

The successful candidate will have a Bachelor's Degree in Computer
Science or related field and a minimum of 2-4 years of relevant
experience. An equivalent combination of education and experience will
be considered.
Other requirements for the position include:
- Strong understanding of cyber security concepts, best practices, and tools
- Experience hardening UNIX/Linux environments
- Automation experience such as configuration management or scripting
- Solid understanding of networked computing environment concepts
- Ability to communicate effectively and work well in a team environment
- In-depth experience of at least two (2) items in the Preferred
Qualifications list below.

Preferred Qualifications:
Bachelor's Degree in Computer Science or related field and a minimum
of 5-7 years of relevant experience. An equivalent
combination of education and experience will be considered.
- Experience deploying and maintaining UNIX/Linux environments
- Cyber security experience in a US government environment
- Experience with IDS/IPS
- Experience in a high-performance computing environment
- Experience using monitoring software or appliances for cyber security
- Experience using analysis software or appliances for cyber security
- Experience with incident response and engaging in forensics
- Programming and advanced scripting experience
- Experience with automated configuration management tools such as
CFEngine or BCFG2
- Experience in network, application, and/or security architecture and design
- Experience with performance benchmarking
- Familiarity with common protocols such as: DNS, DHCP, LDAP, SNMP,
SMTP, HTTP, SSL
- Ability to perform under pressure and in a fast-paced, dynamic environment
- Experience with writing and implementing security policy
- Experience with risk management
- Strong organization abilities
- Security Certifications (GIAC, CISSP, etc.) are a plus



Key duties would be:

Major Duties/Responsibilities
Duties of the position include, but are not limited to:
- Interpreting cyber security policy
- Performing assessments and verifying cyber security policy
- Analyzing, triaging, and responding to system and network events
- Installing, maintaining, and monitoring IDS/IPS
- Configuring firewalls
- Generating cyber security operational summaries and reports
- Performing host and network forensics
- Configuring and maintaining event correlation and reduction tools
- Automating cyber security tasks
- Developing and porting cyber security utilities
- Scanning networks for vulnerabilities
- Responding to system vulnerabilities and coordinating system updates
- Performing approved penetration testing and verification
- Documenting cyber security procedures
- Participating in a 24-hour, 7-day on-call incident response rotation

