Responsibilities
- Maintain situational awareness of cyber activity by reviewing DoD, Intelligence Community and open source reporting for new vulnerabilities, malware or other threats that have the potential to impact the DoDIN.
- Support mission-critical Continuity of Operations (COOP).
- Synthesize, summarize, consolidate and share potentially malicious activities on the DoDIN with DISA and mission partner organizations by creating incident reports, wiki updates, collaboration/chat tippers and notifications, DoD incident handling database queries, metrics, and trend reports.
- Assist in providing threat and vulnerability analysis as well as security advisory services and recommendations.
- Hold DoD-8570 IAT Level 2 baseline certification (Security+ CE, CISSP or equivalent) with the ability to obtain CSSP-A certification within 180 days of start date.
- Hold and maintain an active Top Secret/SCI clearance.
- Proficient understanding of Cyber Network Defense (CND) with regard to the protect, detect, respond and sustain functions within a Computer Incident Response organization.
- Excellent verbal and written communication skills including the ability to clearly articulate technical and strategic level cyber matters to a variety of audiences.
- Highly developed research and analytical skills to pinpoint statistically significant patterns related to cyber threats.
- Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth.
- Bachelor's degree with 8 years of professional experience; or 4 years of professional experience with a related Master's degree. (4+ additional years of related experience are accepted in lieu of a degree.)
- Knowledgeable in Cloud security/defense.
- Experience with DISA and DoD Networks.
- Working knowledge of cyber operational security, log analysis, netflow analysis, incident response, malware analysis, computer forensics, and/or cyber-crime.
- Advanced Certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP.
- Working knowledge and proficiency utilizing Wireshark and Splunk analysis tools.
- Experience in intelligence-driven defense and/or Cyber Kill Chain (CKC) methodology; knowledge of Advanced Persistent Threat (APT) and other cyber threat modeling frameworks.
- Working knowledge of the U.S. Intelligence Community, SLTT governments, and/or fusion centers.
- Train and mentor other team members.