|Must be a US Citizen who currently possesses a Top Secret/SCI (Note: Poly is not required at this time)|
The selected candidate shall execute in real time, in accordance with mission requirements, incident handling, triage of events, network analysis and threat detection, trend analysis, metric development, vulnerability information dissemination, and the DoD CNDSP methodology.
- Clearance required to start: Active TS/SCI (Note: Poly is not required at this time)
- Bachelors degree from an accredited college in a related discipline, or equivalent experience/combined education, with 9 years of professional experience; or 7 years of professional experience with a related Masters degree. Considered an emerging authority.
- Full time; normal day shift
- Active DoD TS/SCI clearance and eligible for C/I Polygraph
- Previous tools experience working with ArcSight, Splunk, PCAP, JIMS or equivalent toolsets.
- Technical understanding in some of the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication installation, or malware types), or intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch, or open source information collection)
- Experience in an Operations Center providing Senior Leaders specified reports based on information received from supporting units.
- Have working knowledge of threat and vulnerability analysis, routing protocols, routing, intrusion detection systems, intrusion protection systems, Domain Name Service, or network traffic analysis
- DoD 8570 Requirements
- ITIL v3 Foundation certified
- Critical/logical thinking skills
- Experience working with the Intelligence Community and priority intelligence requirements
- Advanced communications and presentations skills (verbal and written) enabling precise conveyance of information across all CC/S/A/FA with command and proper enunciation of the English language
- Centrally coordinate and/or recommend CND operations that impact more than one DoD Component.
- Provide Defense-wide situational awareness and attack sensing and warning through fusion, analysis and coordinated information flows.
- De-conflict Vulnerability Analysis and Assessments (VAA) and Red Teaming with CND operations, and recommend changes to in progress or planned VAAs that may negatively impact CND operations.
- Monitor the DoDIN for IAVA compliance and assess impact on defense of DoD computer networks.
- Develop a coordinated curriculum for CND education training, awareness, professionalization, and ensure the implementation of the curriculum throughout the CNDS certification and accreditation process.
- Ensure that all Computer Network Defense Service (CNDS) providers have continuous information exchange and work together in synchrony, i.e., simultaneously execute a single prescribed Course of Action (COA) and that at any given time, a new COA can override the existing one. Coordination among CNDS providers is primarily effected through the CNDS Certification Authorities (CNDS/CAs) on behalf and under the direction of the USCYBERCOM.
- Recommend Information Operations Conditions (INFOCON) changes in response to unauthorized activity (e.g., computer network attacks, computer network exploitation, system misuse), and to mitigate potential damage to DoD information systems and computer networks.