3Di urgently is seeking to obtain the services of one (1) Consultant to perform as an Enterprise Server Analyst (ESA).
DESCRIPTION OF WORK/DUTIES The impact of the COVID-19 virus has resulted in a greater demand for remote telecommunications skillsets, thereby increasing our need for an experienced Consultant to support the growing Teleworker workforce. The Consultant shall be required to incorporate those skillsets necessary for installation and support of secure remote access applications and tools in use by the current and growing numbers of Los Angeles County personnel on their remote PCs, laptops, iPads, notebooks, cellphones, and other personal communications devices. The Consultant shall perform the all of the following duties:
Perform centralized monitoring, Tier I/II problem correlation, and support of ISD managed data center infrastructures using various ISD management and monitoring tools to identify existing or potential security, network, server, and data center infrastructure anomalies.
Provide Tier I/II assistance toward analysis and reporting of customer tickets for security- related issues associated with network and server-supported applications to determine customer's problems using various ISD management and monitoring tools and software, including but not limited to NetIQ, Microsoft System Center Operations Manager (SCOM) and other centralized or distributed application managers.
Assist higher level Enterprise Command Center staff on activities related to endpoint security compliance, detection and isolation of incidents and security intrusions, ensuring prompt response and corrective actions, notification, and escalation.
Generate required reports such as NetScout, Wireshark, PRTG, CACTI, SCOM, McAfee Endpoint Security and other monitoring-tool reports and traces in support of existing incidents and forensic reviews.
Escalate technology concerns to Principal Network System Administrator (PNSA) or Senior level resources as appropriate.
Assist other higher-level staff toward maintaining operational requirements associated with the Sections responsibilities.
Support on-going projects and workload including Change Management scheduling, and post-change validation.
Manage projects and special assignments of the section as required.
Generate and prioritize proactive tickets via ISD monitoring and management tools.
Assist in refining the security incident response processes by analyzing the current process to reduce the number of steps, handoffs, and inefficiencies in current County practices
Assist ISD technology resources toward development and maintenance of operational "Run Books" and tactical procedures.
Document all technical work, update existing documentation as appropriate and provide knowledge transfer to Enterprise Operations staff.
Act as the liaison for activities between Network and Server departments including all aspects of user support, system configuration, system administration, customer interaction/notification, work with County vendors (i.e. Cisco, Microsoft, McAfee, etc.), work with internal and external customer departments, work with internal and external customer Department Information Security Officers (DISOs) and provide weekly incident ticket status to Cyber Governance and Operations management and Executive Management
Provide after-hours and weekend support on an as needed or regular basis.
MINIMUM QUALIFICATIONS The Consultants must meet all of the following minimum qualifications: 1. Two (2) years of experience within the last four (4) years working in the capacity as an Enterprise Server Analyst or similar role. 2. Two (2) years of experience within the last three (3) years as a Windows Systems Administrator, or similar role, managing servers in an enterprise environment consisting of 100 or more servers. 3. One (1) year of experience within the last three (3) years in the area of server/host security; working on hardening Linux/Unix/Windows operating systems in an enterprise environment consisting of 100 or more servers. 4. One (1) year of experience within the last three (3) years managing and/or supporting a production security incident response environment, including working with end-users to investigate, analyze, troubleshoot, and resolve security incident issues. 5. Two (2) years of experience within the last four (4) years as a security incident handler with experience detecting, responding, resolving, and managing computer and network security incidents, including: detecting malicious applications and network activity, detecting and analyzing system and network vulnerabilities, determining root causes, performing computer and network forensic investigations and leading a computer security incident response team. 6. One (1) year of experience within the last four (4) years in a security monitoring role.
