
The specific staff skills utilized by the Cyber Operations Business Area are listed below:

Information system security, including expertise in:
  o Secure operating systems
  o Intrusion detection
  o Multilevel security/multiple security levels issues and solutions
  o Authentication (especially biometrics)
  o Steganography
  o Wireless security issues and solutions
  o Information system attack

Information system networking, including expertise in:
  o Ground-, air-, and space-based radio frequency communication
  o Mobile ad hoc networking
  o Internet protocol/multiprotocol label switching networking
  o Routing protocols and secure routing
  o Quality of service mechanisms
  o Network modeling and simulation
  o Communication electronics design
  o Network management and control

Information exploitation, including expertise in:
  o Database systems
  o Visualization
  o Knowledge representation and ontologies
  o Information retrieval and extraction
  o Machine learning

Modeling and simulation

Software development, testing, and integration

Computer processor and memory system design

Cyber Security Duties

Duties (Listed in order of importance):

Analyze data regarding cyber threat tactics, techniques, methodologies, or vulnerabilities that present threats to IT operations.
Create, implement, and/or monitor cyber-analytic rules, signatures, and views related to the threats.
Respond to security incidents to include detailed forensic analysis of computers, media, and network traffic.
Recommend and apply improvements to the performance, usability, and value of cyber-analytic tools.
Assist in the creation and dissemination of incident reports, threat trends, and situational analysis based on overall cyber-analytic activities.
Coordinate response and mitigation to incidents.
Develop and improve procedures to identify, confirm, and remediate incidents.
Participate in project and cross-functional security teams requiring interaction with system administrators, networking staff, application developers, and other IT operations staff in order to identify security-related requirements and specifications for IT operations.
Engage security research staff in order to create, develop, and implement advanced security tools.

Desired Certification: One or more security-related certifications: e.g., CISSP, GIAC, GCIA, GCIH, others. Some working knowledge of network and protocol analysis, Windows and UNIX system administration, monitoring devices, or security event management.

One or more years of experience in operational information security analysis and incident response. Any experience with computer forensics, malware analysis, or reverse engineering tools and techniques is a plus.

Certifications such as CISA, CISM, CPA/CITP, CISSP, Security+ are desirable. IA, IT audit, web application security, network architecture, security and event management tools, vulnerability assessment tool usage, ArcSight, SIEM tools, continuous monitoring, enterprise threat and risk management tools, .ASP, .NET, JAVA, system administrator, business process development and/or information security experience preferred. Experience in security controls testing, FISMA, and DIACAP are helpful as well. Must be able to go through a background investigation and/or have an active security clearance.
