Cyber Incident Responder – Detect/Response- TS/SCI POLY

Monitors and analyzes Intrusion Detection Systems (IDS) to identify security issues for remediation

Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information

Evaluates firewall change requests and assesses organizational risk

Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications, and operating systems

Assists with implementation of countermeasures or mitigating controls

Conducts regular audits to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined in security plans

Develops, tests, and operates firewalls, intrusion detection systems, enterprise antivirus systems and software deployment tools

Safeguards the network against unauthorized infiltration, modification, destruction, or disclosure

Researches, evaluates, tests, and implements new security software or devices

Conducts investigations of information systems security violations and incidents, reporting as necessary to management

Implements, enforces, communicates, and develops security policies or plans for data, software applications, hardware, telecommunications, and information systems security education/awareness programs

Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance

Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information

Provides information assurance project management, technical security staff oversight, and development of mission-critical technical documents

Ensure compliance with regulations and privacy laws

Develops materials for computer security education/awareness programs

Responds to queries and requests for computer security information and reports

May coach and provide guidance to less-experienced professionals

May serve as a team or task lead

REQUIREMENTS:

EDUCATION AND EXPERIENCE: BA/BS or equivalent, 8+ years of experience

Security+ CE or other DoD 8570 baseline certification prior to employment.

DoD 8570 IAT II certification as well as a DoD 8570 CSSP Infrastructure certification . Viable certifications that meet this requirement are CEH, CySA+, GICSP, SSCP, CHFI or CFR.