DBCP / Proxy combined - Cyber Technical Principal Associate

Ampcus Inc. is a certified global provider of a broad range of Technology and Business consulting services. We are in search of a highly motivated candidate to join our talented Team.

Job Title: DBCP / Proxy combined - Cyber Technical Principal Associate

Location(s): Mclean, VA/ Richmond, VA/ Plano, TX

• Ensure policy and configuration changes to network security platforms (initially internet proxy and firewalls) are aligned with enterprise standards, have adequate business justification, and doesn't cause unmitigated risks or vulnerabilities before being deployed.
• Work with internet proxy platforms. Identify risk categories and threat level for internet access being requested.
• Maintain proxy policies such as incorporating updates as new categories or threat levels are identified, extend policies as requests are implemented, and performing periodic reviews to ensure policies are not exposing client to unmitigated risk such as data loss.
• Work with IP address management, exception management, document repository, intranet sites, Microsoft Excel, Google Sheets, and other tools fluidly and efficiently.
• Verify connection request details against systems of record to ensure they are accurately populated, work with the customer to correct of necessary.
• Respond to customer requests for information or help in a timely manner, meet customer response time SLAs.
• Work with customers as needed to resolve technical issues and provide guidance for how to proceed with a connection request.
• Work with proxy, network, and firewall engineering teams to resolve technical issues and develop solutions for new use cases or connection patterns.
• Support exception remediation activities.
• Follow documented processes and procedures for processing requests and interacting with customers *nix & Zeek.

• 4+ years running Zeek in an Enterprise environment.
• 2+ Administration on High Speed network capture cards on Linux.
• 2+ Linux Administration.
• Understanding of MITRE Telecommunication&CK framework.
• 2+ years writing Python.
• 3+ using Docker.
• 3+ writing Ansible playbooks.
• 2+ years working with networking concepts including HTTPS, TLS, CIDR notation, RFC 1918 address space.
• 2+ years of experience with internet proxy platforms such as Broadcom / Symantec and Sophos.
• 2+ years of experience with firewall platforms such as Checkpoint and Palo Alto.
• 1+ years of experience with cloud-based network security services such as AWS Security Groups, AWS VPC, Azure Network Security Groups, Azure VNET.
• 1+ years of experience with firewall audit and compliance tools such as Tufin.
• Professional certifications (AWS Certified Solutions Architect and Certified Information. Systems Security Professional (CISSP), CompTIA Security +, ISACA CISM).
• 5+ years running Zeek in an Enterprise environment.
• 4+ Linux Administration.
• 2+ Tuning of high speed network capture cards on Linux.
• 2+ years working within MITRE Telecommunication&CK framework.
• 4+ years using Ansible, Python, Docker, GIT.
• 4+ years of experience with full stack development in the following programs: Kafka, Suricata, Kibana, Logstash, Elastic Search, Terraform, Artifactory, and/or GitLab.
• Network engineering, AWS Cloud, agile software development, agile methodologies.

• High School Diploma, GED, or equivalent certification.
• At least 2 years of experience in cybersecurity supporting operation network security platforms such as internet proxy or network firewall.
• At least 2 years of experience in a technical role performing ITIL processes such as configuration management, asset management, problem management, or change management.
• 4+ years running Zeek in an Enterprise environment.

Ampcus is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identify, national origin, age, protected veterans or individuals with disabilities.