- Implement formal procedures to report emerging viruses to USCYBERCOM within report time requirements.
- Maintain configuration documentation for the Enterprise to include: network diagrams, technical sensor/administrative & policy POCs, and related information.
- Ensure proper protection of data in transit, in accordance with DoD policy.
- Utilize formal network security monitoring policies and procedures that include the appropriate use of DoD-approved IDPS tools with automated alert capabilities enabled.
- Perform Detection (Monitoring and Analysis) activities using Intrusion Detection System/Intrusion Prevention System sensors (IDS/IPS), hereafter called sensors.
- Follow documented procedures for characterizing anomalous events detected by sensors and other network monitoring systems.
- Review and analyze logs in a timely manner to detect intruders.
- Provide notice of suspicious/malicious network traffic or similar activities that suggest an impending or ongoing attack.
- Search for distributed, long-term, coordinated, low-visibility network-based attacks to identify possible unauthorized activity utilizing exploratory problem-solving or self-learning techniques. Suspicious/significant activity will be shared among the CND/IA community.
- Report potential incidents and correlated information from these incidents/events that occur on sensors using documented procedures in accordance with DoD guidance.
- Document and escalate incidents.
- Retain all incident reports for at least one year.
- 2 years of experience with a Bachelor's Degree, or, if no degree, 5 years of direct work experience.
- Knowledge of application and network security. Understanding of vulnerabilities, exploits, malware, risks to affected systems, and the DoD IAVM program.
- Documented experience with endpoint security solutions, intrusion prevention systems, intrusion detection systems, firewalls, proxies, log analysis, and vulnerability scanners.
- DoD 8570 IAT Level II certification (e.g. Security+ CE) and CSSP Analyst certification.
- Bachelor's Degree in Computer Science or a related field.
- Top Secret w/SCI eligibility