Intel/McAfee

CIO

Can anyone shed some light on what to expect working for Intel/McAfee security operation group in the Dallas area. This is an entry security analyst position.

I think that i am over-paid for what i do now (general tech support @60K) but what can/should I expect for a real entry level SOC position?

chrisone

We would have to see the job description in order to begin to guestimate.

NotHackingYou

Which of the following will you be using? ESM (Enterprise Security Manager - SIEM), EPO (Enterprise Policy Orchestrator - AV Server) , HIPS (Host IPS), NSM (Network Security Manager - IDS), MWG (Proxy), ATD (Advanced Threat Detection - Malware sandbox).

In general, working with McAfee/Intel products
Be ready for lots of McAfee acronyms
Be ready to do it the McAfee way
Support site is OK, but they have lots of rules
Not a lot of online articles that are helpful
Intel just sold a major stake in McAfee

CIO

Intel Security Group offers in-depth protection from the network core, to perimeter defense to complete desktop security through two families of products: Intel System Protection Solutions, securing desktops and servers, and Intel Network Protection Solutions, ensuring the protection and performance of the corporate network.

As a Cyber Security Support Engineer at Intel Security, you will be responsible for supporting our entire licensed customer base through a variety of mediums.

Job Description: Provides technical support to field engineers, technicians, and product support personnel who are diagnosing, troubleshooting, repairing and debugging complex electro/mechanical equipment, computer systems, complex software, or networked and/or wireless systems. Responds to situations where first-line product support has failed to isolate or fix problems in malfunctioning equipment or software. Reports design, reliability and maintenance problems or bugs to design engineering/software engineering. May be involved in customer installation and training. Provides support to customer/users where the product is highly technical or sophisticated in nature.

Minimum Qualifications: At least 3 Years of experience in Networking / Troubleshooting the following areas:Administering and troubleshooting Widows client/server operating systems (Win 7,8,10, Server 2003, 2008, 2012) by utilizing DOS commands, logs and services. Expertise to conduct fault isolation in regards to diagnosing and remediating network con

NotHackingYou

Sorry, I misuderstood - you will be working at McAfee/Intel in support.

FillAwful

CIO wrote: »

Intel Security Group offers in-depth protection from the network core, to perimeter defense to complete desktop security through two families of products: Intel System Protection Solutions, securing desktops and servers, and Intel Network Protection Solutions, ensuring the protection and performance of the corporate network. As a Cyber Security Support Engineer at Intel Security, you will be responsible for supporting our entire licensed customer base through a variety of mediums. Job Description: Provides technical support to field engineers, technicians, and product support personnel who are diagnosing, troubleshooting, repairing and debugging complex electro/mechanical equipment, computer systems, complex software, or networked and/or wireless systems. Responds to situations where first-line product support has failed to isolate or fix problems in malfunctioning equipment or software. Reports design, reliability and maintenance problems or bugs to design engineering/software engineering. May be involved in customer installation and training. Provides support to customer/users where the product is highly technical or sophisticated in nature. Minimum Qualifications: At least 3 Years of experience in Networking / Troubleshooting the following areas:Administering and troubleshooting Widows client/server operating systems (Win 7,8,10, Server 2003, 2008, 2012) by utilizing DOS commands, logs and services. Expertise to conduct fault isolation in regards to diagnosing and remediating network con

Wow, "Cyber Security" Support Engineer. This sounds like a Tier 2 Help Desk for supporting other companie's Cyber Security tools. I guess you would need to have a basic understanding of computer security to understand the tools you are supporting, but I would not consider this a job in the IT Security field. If this is what you are looking for than that's awesome, but I disapprove of the mislabeling of the position.

cyberguypr

^ this guy basically stole my anwser. I'm reading the description and thinking "this is just product support for whatever apps Intel happens to carry related to cyber". It really sounds like if a "did you tried turning it off and back on" doesn't solve the issue it will go to this role. The title is certainly used loosely as it is obviously not a SOC position.

NetworkNewb

LOL, that title definitely made laugh. As for titles that did not equate to what the position actually does that one is up there in my list. At least they put "Support" in there otherwise if they took that out it would probably be at the top.

At least the title will look impressive if you ever did want to get into security. Cyber Security Support Engineer at McAfee

NotHackingYou

I've worked with the tier 1/2 guys at Intel/McAfee (customers don't get to talk to Tier3, Tier2 is our proxy) and some of them go pretty deep into troubleshooting before they bring in tier3.

CIO

What i got from the recruiter is that i would be supporting their security solutions installed on customer networks.

I really hope that you guys are wrong cause im really trying to break into the IT security field hoping to focus on network security.

spicy ahi

Do you have a clearance? Curious as McAfee's security suite is used heavily in the DoD. It's called HBSS in military speak but commercially the control module is known as McAfee ePolicy Orchestrator and then they have several other products tied in to create a cutomized security suite. That's probably the family of products you'll be supporting in this role. Just had a class a few weeks ago and the lady teaching it is well known in the DoD HBSS space (anyone who had to watch the 201 and 301 videos - it was her, and yes she drinks a lot of diet Dr. Pepper) and she gave us some low down about what's going on with McAfee and stuff...

CIO

I do not have a clearance

spicy ahi

Ah, then you'll probably support their commercial customers. From what I was told, a good of the Fortune 500 companies use the McAfee suite of products. And if their implementation is anything like the DoD version, things do get hairy very quickly. Good luck!

CIO

It appears that i will be supporting their commercials customers who are using Enterprise Security Manager.

DatabaseHead

spicy ahi wrote: »

Ah, then you'll probably support their commercial customers. From what I was told, a good of the Fortune 500 companies use the McAfee suite of products. And if their implementation is anything like the DoD version, things do get hairy very quickly. Good luck!

Fortune 20 and we use it.

CIO

I wanted to update everyone that I have accepted the position. 12% increase in pay and a boatload of benefits.

This is one step closer to my IT security goals.

gespenstern

Good luck then!

xxxkaliboyxxx

DatabaseHead wrote: »

Fortune 20 and we use it.

The Army NEC uses HBSS and we don't use it well =(

Verities

I've been working with HBSS for the past couple years and can tell you its overpriced and full of bug riddled software. ePO (management server for the suite) functions at about 80% of its intended operational ability (STIG benchmark scans rarely work). CMA constantly fails to check in with the ePO server and almost never stops when I need it to, resulting in a pkill -9. HIPS is the only thing that works well...seriously it works too damn well and if you get it pushed to your system while SELinux is running, have fun removing it. If you end up having to use HIPS and aren't using SELinux, you have to rely on security folk to constantly adjust policies so you can do simple things like add users. I could go on, but I'll end my rant.

DatabaseHead

@ Ver we use it and no complaints yet, that's not to say we won't.

Either way appreciate the expert advice.

Thanks!