RestonRecruiter
the smart solution for Reston jobs

F5 ASM Consultant-Reston ,VA (Backfill Role Only Local for In Person Interview

Company: XChange Software Inc.
Location: Reston
Posted on: July 13, 2018

Job Description:

Position: F5 ASM Consultant-Reston ,VA Backfill role Location: Reston ,VA MOI: Phone then F2F Duration: 6 month F5 ASM Consultant The F5 ASM Consultant will provide day to day F5 ASM support as well as application onboarding configuration assistance during this project. These resources will primarily be interfacing with the application teams and the security teams to implement the F5 ASM onboarding procedures relevant to quickly adding applications behind the F5 ASM Web Application Firewall. The following is a list of activities the F5 ASM Consultant will be executing on: Application Onboarding (General) o Adjust logging profile within the F5 TMOS environment to log all requests and responses o On board up to 77 applications: Applications will be On-Boarded to the Prod environment residing within the 10 vCMP Guests built out in UTC-A and UTC-B datacenters: 5 vCMP Guests in UTC-A 5 vCMP Guests in UTC-B The OOR and ACPT environments are out of scope for this project F5 PS and Fannie Mae security engineering will be responsible for ---rack and stack--- work, as well as initial configuration of the F5 TMOS environment, and subsequent ASM licensing Application OnBoarding (LTM Specific) o Where needed and applicable: Configure LTM pools for applications Configure LTM VIPs to support applications Configure SSL offloading where applicable Configure iRules where applicable implement already developed iRules and will not be creating new iRules to support functionality that is absent today Configure standard Round Robin load balancing for each application VIP Configure persistence methods that are compatible with each application, Make use of templates in order to streamline work and reduce human error Application OnBoarding (ASM Template Creation) o Create two (2) Generic Application Security Policies Template The templates will only differ on the Operating Systems that they protect Application Security Policy Template names will conform to the following convention: FM-TEMPLATE-ASM-[OS]-[INDEX] Where [OS] is either a W for Windows or a U for Linux/Unix Where [INDEX] is an integer starting at 00 and incrementing for each additional template created Application Language will be set to UTF-8 Dynamic Session ID in URL is set to Disabled Enforcement Readiness Period is set to 3 days Security Policy is Case Sensitive is set to True Differentiate between HTTP and HTTPS URLS is set to True Attack Signatures will be assigned as follows: General Database System Independent Various Systems SSI CGI XML Proxy Servers The following attack signatures will also be added based upon the template type: For the W or ---Windows--- template the following attack signatures will be added: o Microsoft Windows o IIS o ASP o ASP.NET o Microsoft SQL Server For the U or ---Linux/Unix--- template the following attack signatures will be added: o Apache o Apache Tomcat o Java Servlets/JSP o Oracle Signature Staging will be set to Enabled Apply Signatures to Responses will be set to Enabled Explicit Entities Learning: File Types will be set to Never (wildcard only) URLs will be set to Never (wildcard only) Parameters will be set to Selective Application OnBoarding (ASM Security Policy Specific) o Create one (1) ASM Security policy per application VIP The Policy will NOT be applied to an existing Virtual Server Where applicable use the output from a recent White Hat Sentinel Scan to build the initial policy The ---Create a security policy using a third-party vulnerability assessment tool--- option will be used If no recent White Hat Sentinel Scan is available the ---Create a security policy manually or use templates (advanced)--- option will be used The Application Ready Security Policy will depend on the architecture of the application o Windows based Applications will use the FM-ASM-W-[INDEX] template o Linux/Unix based Applications will use the FM-ASM-U-[INDEX] template ASM Security policy names for Applications will use the following naming convention: FM-ASM-[VIP NAME]-[OS]-[INDEX] Where [VIP NAME] is the name of the VIP that the policy will be protecting Where [OS] is the Operating system the application as built on. W for Windows, U for Linux/Unix Where [INDEX] is an integer that will increment as policies are created Where applicable configure no more than two (2) login pages per Application Login URL will be set to Explicit Login page specifics to be provided Where applicable internal QA testing IP addresses will be added to the IP Address Exceptions list QA Machines will be set to the following: o Policy Builder: Trust the IP o Anomaly Detection: Ignore IP o Learning Suggestions: Include IP o Log Traffic: Allow Logging o Block This IP: Never Block o IP Intelligence: Include IP o Description: A formal description of the network and it's reason for being whitelisted All other whitelisted ip addresses should be reviewed and configured at the direction of client If Applicable Data Guard will be enabled for applications that may contain sensitive data: Enable the standard protections for: o Data Guard o Credit Card Numbers o Social Security Numbers Custom Patterns and Exception Pattern development is out of scope for this project Mask Data will be enabled File Content Detection will remain un-checked CSRF Protection will be enabled SSL Only will remain unchecked Expiration Time will be enabled with a time of 120 Seconds Up to ten (10) urls will be entered for CSRF protection. Wildcards can be used to apply the protection to a more general grouping of URLs. Brute Force protection will NOT be configured Where Applicable Geo-Location Enforcement will be enabled All Geolocations shall be removed from the Allowed Geolocations, and placed in the Disallowed Geolocations Applicable Geolocations shall be moved from Disallowed Geolocations to the Allowed Geolocations box DOS Profiles will not be setup The On-Boarded Application will be placed into ---Transparent--- mode in which all violations will be logged but no enforcement action taken The policy will be attached to the VIP and activated at the appropriate time, The On-Boarded Application will be tested with the team to verify the ASM policy is not impacting the application in a negative manner

Keywords: XChange Software Inc., Reston, F5 ASM Consultant-Reston ,VA (Backfill Role Only Local for In Person Interview, IT / Software / Systems, Reston, Virginia

Click here to apply!

Didn't find what you're looking for? Search again!


I'm looking for
in category
within


Other IT / Software / Systems Jobs


Developer Mid Java Specialist - Baltimore
Description: Developer Mid Java Specialist - Unisys CorporationWe are currently
Company: Unisys Corporation
Location: Baltimore
Posted on: 07/22/2018

Telecommute Senior Drupal Developer
Description: A research website has a current position open for a Telecommute Senior Drupal Developer. Individual must be able to fulfill
Company: VirtualVocations
Location: Washington
Posted on: 07/22/2018

Drupal Developer
Description: Title: Drupal Developer Location: Bethesda, MD Only Locals Inperson Interview Duration: 6 Months Job Description: Client is seeking a Drupal Developer to support web-based content management systems (more...)
Company: KMM Technologies, Inc
Location: Bethesda
Posted on: 07/22/2018


JavaScript Software Developer
Description: Title : JavaScript Software Developer Location : Alexandria , VA Duration : 6 Months Right to Hire Job Description: Design, develop, and implement large, cutting edge standalone JavaScript web-based (more...)
Company: Zolon Tech Solutions Inc
Location: Alexandria
Posted on: 07/22/2018

Technical Mobile Analyst
Description: br br br br Please Enable Cookies to Continue br Please enable cookies in your browser to experience all the personalized features of this site, including the ability to apply for a job. br (more...)
Company: comScore
Location: Reston
Posted on: 07/22/2018

SAS/Python/Unix Developer
Description: OverviewSAS/Python/Unix Developer Washington, DC metro areaRef 2018-1522 For a large financial services client, we are seeking SAS/Unix Developer Python Preferred , to work on a 1 year or longer project (more...)
Company: The Oakleaf Group
Location: Washington
Posted on: 07/22/2018

.NET DEVELOPER WITH AZURE (F2F REQUIRED IN VA)
Description: Position:: Full Stack Web DeveloperLocation:: VA-Virginia/RichmondDuration:: 6 MonthsInterview
Company: Ramy InfoTech
Location: Mc Lean
Posted on: 07/22/2018

Virtual Senior Statistical Programmer
Description: A healthcare company needs applicants for an opening for a Virtual Senior Statistical Programmer. Individual must be
Company: VirtualVocations
Location: Washington
Posted on: 07/22/2018

Sr. Software Engineer (TS/SCI - Python, React, Java)
Description: Job Description br br Researches, designs, develops and/or modifies enterprise-wide systems and/or applications software. 1. Designs, develops, codes, tests and debugs highly complex new software (more...)
Company: General Dynamics - IT
Location: Springfield
Posted on: 07/22/2018

Network Engineers, Web Developers, System Administrators etc.
Description: Interview for this job and dozens of other career opportunities at the upcoming October TECHEXPO Polygraph-Only Hiring Events: Wednesday, October 11 10am - 3pm The Ritz-Carlton Tysons Corner 1700 Tysons (more...)
Company: TECHEXPO
Location: Arlington
Posted on: 07/22/2018

Log In or Create An Account

Username:
Password:
 

Forgot password?


Find us on Facebook

Find us on LinkedIn

Get the latest Virginia jobs by following @recnetVA on Twitter!

Reston RSS job feeds