Requirements for a Linux Security Engineer

Linux System

●  Building and administrating Red Hat Enterprise Virtualization for Servers
●  Building and administrating Red Hat Enterprise Linux Servers
●  Using GFS2, KVM, and clustering Linux systems
●  Patching and building servers using Red Hat Network Satellite Server
●  Configuring HP Blade Systems and Virtual Connects
●  Managed storage on HP EVA and MSA storage systems
●  Configured zones on HP/Brocade Fiber Switches
●  Monitoring server hardware health, OS state and network connectivity, real-time and via SMTP e-mail notifications
●  Managing data and systems backups using Legato Networker and tapes
●  Configuring and maintaining Snort IDS devices
●  Used PuTTY, Xming and WinSCP on Windows desktops
●  Leveraging Systems Change Request system for change approvals
●  Development of complex Unix shell scripts
●  Managed cron jobs
●  Configured individual and group level access to files and directories
●  Loaded data from a wide variety of devices and formats
●  Disaster recovery planning and implementation
●  Supporting SAS, Stata and GAUSS econometric applications in a Red Hat Linux environment
●  Administrating Oracle RH Linux Virtualization
●  Configured LDAP based authentication
●  Symantec NetBackup and EMC Legato backup operations
●  Management of HP Tape Libraries

Security Engineering – Systems Security Analysis and Engineering – Familiarity, limited experience and the ability to learn the following:

●  Vulnerability & Patch Scans – Configures, builds templates, and executes vulnerability and patch scan software. Analyzes results and works closely with system administrators and DBAs to remediate vulnerabilities, or to document the business requirements that justify accepting the risks associated with identified vulnerabilities. Vulnerability scan tools:
  • Nessus Software
  • AppDetective Data Base Scan Software
  • Foundstone Server Scan Software
●  Security Information Management (SIM) Software – Management and monitoring of SIM audit log data, development of policies and procedures for SIM operations, development of queries, reports and executive dashboards, and business rules for automatic SMTP e-mail notifications on high risk alerts, for:
  • ArcSight SIEM
●  Deep Packet Inspection Software
  • RSA Security Analytics / NetWitness
●  Anomaly Detection Software
  • Riverbed Cascade
●  Configuration Management Data Base (CMDB) software
●  Network Intrusion Detection and Host Based Intrusion Detection hardware and software
  • SourceFire Snort IDS/IPS
  • OSSEC HIDS
●  Firewall Software
  • Cisco PIX
  • Symantec End Point
●  Security C&A Analysis and Documentation
  • Performing and documenting risk assessments, analyzing security vulnerabilities, and the metrics to measure the risks associated with those vulnerabilities;
  • Based on the risk profile of the analyzed systems, development and documentation of IT security policies and procedures for ameliorating those risks;
  • Design, development and documentation of a comprehensive Systems Security Plan, covering at a high level the infrastructure, and the policies and procedures which define the systems security profile for the analyzed systems;
  • Development of Systems Security Users Guides specific to selected networks, desktop computers, servers and data base systems;
  • Design, development, and validation of System Test and Evaluation (ST&E) reviews for new and/or legacy systems.
  • In summary, specific C&A documents to be prepared, reviewed and/or strengthened include:
    • Systems Security Plan
    • Risk Assessment
    • Contingency Plan
    • Incident Response Plan
    • System Test and Evaluation
    • Privileged Rules of Behavior
    • Interconnect Security Agreement (ISA)
    • Plans of Action and Milestones (POA&Ms)

●  NIST 800-53 Security Control analysis, assessment, and best practice-based remediation planning and documentation
