Cisco Adv Malware Protection Admin - ref. n50478123

IMP: Before submitting resumes, Please make sure you meet min qualification requirements.

Position:

Consultant shall work with other departments in the County and will use various tools to analyze and resolve events in the Cisco Advance Malware Protection system

BACKGROUND

The CISCO AMP has been implemented fully to workstations in majority of the County departments and the goal is to expend it to all departments workstations and servers with improved operational excellence

MINIMUM QUALIFICATIONS

The Consultant must meet all of the following minimum qualifications:

1. Two (2) years of experience within the last four (4) years performing hands on

1. Two (2) years of experience within the last four (4) years performing endpoint

1. Two (2) years of experience within the last four (4) years working on all of the

following:

• TCP/IP networking and firewalls.
• Network security support.
• VPN connectivity.
• System administration.
• Windows and Linux operating systems.

1. Three (3) years of experience within the last four (4) years performing all the

following:

1. Planning, designing, implementing, optimizing, and operating malware

1. Cloud Security malware protection.
2. Patch and configuration management

1. Two (2) years of experience within the last four (3) years performing all the

following:

1. Troubleshooting and resolving complex technical problems.
2. Endpoint Security and Advance Threat Protection.
3. Diagnosing and remediating malware

1. Two (2) years of experience within the last three (3) years monitoring malware

1. Must have one of the following certifications: CISSP, CCNA, CCNP, CCDP or

CCIS

DESCRIPTION OF WORK/DUTIES

The Consultant shall perform all of the duties listed:

• Administrate Cisco AMP and ensure compliance and coverage on a daily basis.
• Administer Cisco AMP endpoint security infrastructure and monitor endpoints

• Perform vulnerability assessments of information systems including regular

• Assist with patch management of all systems.
• Recommend alternatives when appropriate.
• Perform task related to hardware and software network configuration.
• Implement and support deployment of Cisco AMP to all County Departments.
• Deploy and maintain Cisco AMP in protect mode to datacenter servers.
• Deploy and maintain Cisco AMP for all County servers in AWS, Azure and

• Deploy and maintain Cisco AMP in protect mode to all County workstation.
• Learn the ins and outs of supporting the Cisco AMP platform/agents running

• Test new releases of AMP prior to deploying it to the County
• Manage and implement Cisco AMP upgrades for all end points.
• Ensure that the latest version of Cisco AMP is running on servers and

• Respond to user support requests, diagnose and provide solutions to technical

• Research issues while maintaining communication with end-users.
• Solve problems accurately, efficiently and find a way to resolve obstacles.
• On a daily basis resolve all outstanding events in Cisco AMP.
• Collaborate with other teams to resolve security gaps and discrepancy reported

• Troubleshoot incompatibilities with OS and applications.
• Define and document exclusion required due to the specific system

• Resolve all tickets within the SLA timeframe.
• Develop playbooks to optimize the use of Cisco AMP.
• Create and maintain AMP configuration following best practice as advised by

• Test new releases of AMP prior to deploying it to the County.
• Write custom scripts to automate processes as needed.
• Remain organized, be detail-oriented and meet deadlines.
• Collaborate with project team members to meet timelines and goals.
• Contribute to project documentation and diagrams including quality assurance

• Perform knowledge transfer to team members within the project section.
• Drive security for deployment, craft policies around configuration, automate

• Drive adoption and expansion of Cisco AMP security by highlighting feature

• Navigate the LA County Departments complex security environments and

• Deliver presentations and provide progress updates to Managers and Staff.
• Provide as needed after hours support at the discretion of the SD-SOS Section

• Prioritize and work responsibly with or without direct supervision.
• Review daily AMP reports and resolve any issues.
• Create ad-hoc reports as required.

Resumes submitted must contain clear evidence that above requirements are met. Candidates will be expected to provide names, addresses, and telephone numbers of persons who can substantiate any/all experience and job performance. References will be verified.