
IT Security Operations, Level 3 Analyst

Responsibilities
Level 3 operational support for Network Security Products & Services
(Firewalls, Anti-Spam technologies, Intrusion Detection Systems, E-mail, DNS,
Web Application Security and Data Leakage Prevention, Network Access
Control, etc.)
Deployment and Administration of network security systems (Juniper
Firewalls, Cisco ISE, M86, FireEye, BlueCoat Proxy, Lancope, etc.)
Security policy administration
Systems, network and application troubleshooting
The non-technical aspects of the position include:
Coordinating and leading the response to technology problems
Customer service, including off-hours coverage via cell phone/pager (on-call
system, ~every 8 weeks)
Creation/supplementation of Operational Runbooks
Aligning global strategies with regional needs and demands
Training teammates
Interacting with service members of the networking, e-business, UNIX, and
PC groups in four major metropolitan regions across the globe.
Three to five years of network administration experience in an environment
of more than 100 servers, more than 100 users and more than 1 operating
system (i.e. Solaris and Linux, Solaris and Windows, Linux and Windows or
other combinations); preferably in the Financial Services sector.
Qualifications
Technical skills
Strong knowledge of and experience with network security (e.g., configuring
firewalls, deploying and managing antimalware systems and related
network security monitoring & management platforms like Lancope, RedSeal,
Tufin).
Good knowledge of and experience with enterprise firewall management suites
(e.g. Juniper NSM, Juniper SPACE), e.g. managing 400+ firewalls.
Good knowledge of packet filtering, stateful packet inspection and the
differences between them
Good knowledge of fundamental networking/distributed computing
environment concepts; routing, switching, VLANs, VPNs, NIS, NFS.
Intermediate to advanced understanding of packet capture and analysis
using snoop, tcpdump and Ethereal or similar tools.

Experience with host security (e.g., passwords, uids/gids, SIDs, file
permissions, ACLs, filesystem integrity, use of security packages, IPTables).
Experience with Unix/Linux system administration tasks.
Familiarity with incident response techniques, intrusion prevention systems,
information security methodologies, authentication protocols and different IT
Security threat mechanisms.
Soft skills
Active interest in IT Security and general knowledge of Information Security
Excellent written and oral communication skills. Fluent English is required
Strong interpersonal and communication skills; capable of writing
documentation, training users in complex topics, making presentations to an
internal audience, and interacting positively with upper management,
colleagues and customers.
Independent problem-solving, highly motivated and self-directing
Comfortable working in an operations and support team with heavy end user
interaction
Ability to handle constantly changing flow of traffic; remain productive during
slow times, be able to multitask effectively during busy times, exercise
patience and professionalism during stressful situations.
Desired Skills
Having skills and experience in the areas below is a major plus and will help
the candidate integrate with the team and environment
Experience with any of the following firewall platforms: Juniper Netscreen &
SRX, Palo Alto.
Experience with network security risk and compliance tools like RedSeal,
Tufin, Skybox.
Experience with NBAD (Network Behavior Anomaly Detection) tools like
Lancope.
Understanding of routing protocols (BGP, OSPF, RIP, etc)
Experience with any of the following Internet services: BIND DNS, Sendmail,
Postfix
Experience with any of the following load balancing devices: F5 BIG-IP, A10
Experience with any of the following systems management and monitoring:
Micromuse Netcool, Empire Sysedge, SNMP
Experience deploying IPSec or SSL VPNs
Experience using intrusion detection software.
Experience with OpenSSL and/or the SSL/TLS protocol
Experience with the Symantec DLP (data leakage prevention) products
Experience with NBAD (Network Behavior Anomaly Detection).

Knowledge of SharePoint or other project tracking technologies


Experience in customer support and experience in interacting with business

Level 3 Authentication Security Operations Administrator


This is an opportunity for a highly motivated individual to join a high-energy
team of security administrators responsible for managing Morgan Stanley's
global security infrastructure.
The diversity of products & technologies under management, ranging from
entitlement/authentication to identity management systems, provides for a
learning experience that will satisfy even those most eager to learn.
The position is fast-paced, dynamic and challenging, and the varied combination
of technical skills and soft skills allows for the development of a well-rounded
individual.
The technical aspects of the position include:
- Third level of operational support and administration for IT Security core
infrastructure products & services like Kerberos, Radius, RSA SecurID, etc.
- UNIX/Linux system administration
- Systems, network and application troubleshooting
- Security policy administration
- Development of intermediate to advanced script tools (Perl and shell) for
managing, analyzing and reporting on the security infrastructure.
The non-technical aspects of the position include:
- Coordinating and leading the response to technology-related problems and
incidents.
- Customer service, including off-hours coverage via cell phone/pager (on-call
system, ~every 8-9 weeks)
- Creation/supplementation of Operational Runbooks
- Aligning global strategies with regional needs and demands
- Training teammates
- Interacting with service members of the networking, e-business, UNIX, and
PC groups in four major metropolitan regions across the globe.
Qualifications
Technical Skills:
- Comfortable with most aspects of operating system administration; e.g.
system installation and configuration, managing user accounts, managing
filesystems, syslog management, system security fundamentals and
performance analysis.
- Has a solid understanding of a UNIX-based operating system; understands
paging and swapping, inter-process communication, devices and what device
drivers do, filesystem concepts (inode, clustering, logical partitions).

- Experience with host security (e.g., passwords, uids/gids, SIDs, file
permissions, ACLs, filesystem integrity, use of security packages).
- Good knowledge of fundamental networking and distributed computing
environment concepts; routing, switching, VLANs, VPN, DNS, NIS, NFS.
- Experience with network security (e.g. deploying and supporting
authentication systems like Kerberos, or applying cryptography to network
applications).
- Understands packet filtering and stateful packet inspection and the
differences between them
- Intermediate to advanced understanding of packet capture and analysis
using snoop, tcpdump and Ethereal or similar tools
- Ability to write/debug administrative and reporting tools in some
programming language (Perl/Shell or Python desired; Java, C++, Ruby or
other experience acceptable).
- Understanding of database structure and queries.
Soft Skills:
- Active interest in IT Security and general knowledge of Information Security
- Excellent written and oral communication skills. Fluent English is required
- Strong interpersonal and communication skills; capable of writing
documentation, training users in complex topics, making presentations to an
internal audience, and interacting positively with upper management,
colleagues and customers.
- Independent problem-solving, highly motivated and self-directing
- Comfortable working in an operations and support team with heavy end
user interaction
- Ability to handle constantly changing flow of traffic; remain productive
during slow times, be able to multitask effectively during busy times,
exercise patience and professionalism during stressful situations.
Having skills and experience in the areas below is a major plus and will help
the candidate integrate with the team and environment.
- Advanced experience with MIT Kerberos, RSA SecurID and RADIUS
- Experience with any of the following systems management and monitoring:
Micromuse Netcool; Computer Associates Spectrum; Empire Sysedge; SNMP
- Experience with log management and log correlation products.
- Experience in customer support and experience in interacting with business
units.
- Five to eight years of UNIX system administration experience in an
environment of more than 100 servers, more than 100 users and more than
1 operating system (i.e. Solaris and Linux, Solaris and Windows, Linux and
Windows or other combinations); preferably in the Financial Services sector.

Platform Security Operations Senior Windows L3 Analyst


The Senior Windows Level 3 (L3) analyst is required to work in the L3 Platform
Security Operations team, providing the highest level of security consultancy and
operational support for platform security infrastructure components. The role
is based around operational stability and development of a large global
environment of 10K+ Microsoft Windows servers and 85K+ Microsoft XP/Win7
Desktops. The role will focus on the security products and tooling utilized to
manage the platform. The role is suited to an experienced Windows Systems
Administrator or Platform Engineer with a proven understanding in enterprise
platform security. An additional key component of this role is project based,
with numerous activities to expand and enhance the services provided within
the environment.
The Platform Security Operations group provides a stable, yet agile and
dynamic infrastructure platform to support the business functional
requirements whilst managing associated risks. The role in question
concentrates on the provisioning of security tools and services to internal
client groups. Tool development experience is essential to assist the global
teams in developing and deploying technology solutions to automate tasks.
Qualifications
Responsibilities:
The candidate must demonstrate strong technical qualities - preferably in a
global environment, ideally within the finance industry.
- Analysis and development of platform security initiatives
- Provide consultancy services to other IT Security teams
- Provide architecture assurance on security platform initiatives
- Maintain security infrastructure, providing stability by following and using
the tools, policies, processes and procedures available
- Provide a secure environment, managing and mitigating risks
- Provide reporting and metrics
- Resolve Incidents impacting hosts or environment
- Create, review, maintain and update documentation, including documenting
and publishing fixes in the central knowledge base
- Work with global colleagues to provide globally consistent processes and
procedures and provide innovative ideas
- Undertake problem ownership
- Investigate & Troubleshoot root causes when escalated from
- Escalate and liaise with additional internal/external groups when required,
resulting in satisfactory resolution
- Active participation within and amongst teams and colleagues, providing
constructive feedback when necessary

- Regularly re-evaluate processes and procedures and instigate service
improvement initiatives
- Identify areas for automation and scripting wherever possible
- Maximize the use of existing resources, skills and technologies for the
greatest benefit
- Responsibility for the planning and controlled execution of releases into the
managed environment
- Input into Business Continuity Planning and Practices
Required Skills:
- Interpersonal Skills - Communication, flexibility, self-driven, team player
- Project Management Skills
- Scripting and Development Skills (PowerShell, VBScript, C#)
- Windows Operating Systems (up to and including debugging)
- Microsoft Active Directory, LDAP, Group Policy
- DNS / WINS
- General networking (Firewalls, Routing, NAT, OSI Model, packet trace and
analysis, etc.)
- MSCS Clustering and/or Symantec SFW/VCS
- Microsoft Internet Information Services (IIS)
- Hardware Vendor software & toolsets (HP/Dell/IBM)
Plus at least one of the following:
- Archer
- Avecto
- Microsoft Certificate Services and Public Key Infrastructure (PKI)
- Symantec CSP
- Symantec DLP Endpoint
- Hitachi Privileged Password Manager
- Symantec Endpoint Encryption
- Symantec Endpoint Protection
- Varonis Data Privilege
- Mandiant
Desired Skills:
- Platform build tools (for example, Altiris, Bladelogic, etc)
- Basic web development skills (HTML, JavaScript)
- Operations Manager 2007
- SQL
- Windows 2008 & HPC
- BigFix
- SMS/SCCM
- Working knowledge of Red Hat Linux.
