SECURITY ENGINEER- TUFIN

Statement of Work:

As TriWest’s hybrid cloud and cybersecurity services partner, IBM is responsible for the delivery of the TRICARE Managed Care Support (MCS) T-5 contract.  IBM’s scope is to provide hosting, platform engineering, infrastructure automation, managed operations, and security and compliance of the T-5 environments in Microsoft Azure for Government (MAG). Phase 1A task will align with the base period/implementation effort. During this implementation period, the tenant infrastructure is created in the MAG regions to support the T-5 applications. By the end of Phase 1A, the T-5 applications will have been deployed by TriWest and approved for production go-live to support Start of Healthcare Delivery (SHCD). The T-5 applications will be hosted in the MAG Arizona region. As the managed services provider, IBM provides infrastructure managed services and automation supporting TriWest’s DevSecOps. IBM will form cross-functional agile teams that are integrated with the TriWest development teams to deploy approximately 50 T-5 applications in Azure GovCloud in the base period of the contract to meet SHCD. Categories of infrastructure managed services include billing/metering, network administration, service desk support, system administration, cloud engineering, security operations, security event management, security compliance, security engineering, incident response, and service catalog.

Required skills/Level of Experience:

The Security Engineer position will be a member of a dedicated security team within IBM Consulting Federal. In this role, the Mid Security Engineer will support a dedicated 24x7x365 operation for a Federal program. Highly skilled multi-disciplined individual with project management skills to join us as a lead support engineer. You will be working in a fast paced environment on a diverse set of technologies like Azure, Palo Alto, Tufin to name a few. The ideal candidate would have expertise in hybrid platforms (cloud and on-prem), networking, virtualization, and security. Minimum Bachelors degree in Cyber, Computer Science, or related field + 7 Years relevant working experience

• One of the following DoD Approved 8570 certification REQUIRED such as: CompTIA Security+CE, CEH, CySA+, GICSP, SSCP, CHFI, CFR, Cloud+, CND, CASP,+ CE, CCNP Security, CISA, CISSP, GCED, GCIH.
• Minimum Bachelor's degree in Cyber, Computer Science, or related field,
• 7 Years relevant working experience
• 3+ years of Firewall management
• 3+ years of familiarity Azure IaaS, Azure Virtual Desktop, Azure Networking
• 3+ years cybersecurity related work
• 5+ years of level 3 support
• 1+ years of experience administering Tufin Orchestration Suite
• Experience with content management systems.
• 3+ years Solid understanding of Azure Cloud
• Scripting: Good PowerShell and/or Python skills
• Solid understanding of networking concepts and troubleshooting skills
• Good knowledge of security concepts, IAM, VPN, and NextGen firewalls
• Troubleshooting: ability to troubleshoot problems solo and deliver solutions within a reasonable timeframe
• Be able to look at complicated systems to find flaws or room for improvement

Specific job duties include:

• Develop and maintain a wide range of cybersecurity documentation, including:
  • Policies and procedures system documentation
  • User manuals and guides, SOPs
  • Training materials Incident response plans Security awareness materials
  • Collaborate with cybersecurity team members to gather information and ensure technical accuracy.
• Translate complex technical concepts into clear and easy-to-understand language.
• Adhere to style guides and templates to ensure consistency and quality.
• Use a variety of authoring and content management tools.
• Manage documentation review and approval processes.
• Stay up to date on cybersecurity best practices and industry trends.
• Security clearance: United States – Able to obtain

• Job Duty 1 with % of time – 60% Using Tufin to automate policy creation in Palo Alto firewalls and Azure Network Security Groups
• Job Duty 2 with % of time – 30% Cleanup, Optimization, and Documentation of processes and procedures and network/flow diagrams
• Job Duty 3 with % of time – 10% Training/Professional Development