Works as a member of the Army Computer Emergency Response Team (ACERT) Attack Sensing & Warning (AS&W) section. Specific duties, as Intrusion Detection Analyst: reviews network traffic, intrusion detection system (IDS) logs, firewall/router logs, system logs, and other forensic data to determine whether Army systems have been compromised, and assesses the resultant damage and operational impact. Implements and manages rule-sets/filters on specific ports, IP addresses, or customer-defined events.
Installs and upgrades software platforms (Unix and Windows) and hardware components on new and/or existing IDS. Assists with analysis of hard-drive files and processes, and performs additional duties and procedures as required by the customer or TASC management. Receives, analyzes, and distributes information in order to integrate and synchronize resources across the computer network operations (CNO) spectrum, to include computer network defense (CND), computer network exploitation (CNE), computer network attack (CNA), law enforcement, intelligence, and counterintelligence. Assists with static reverse engineering of malicious code, viruses, and Trojans found during Network Damage Assessment missions in support of Army and ACERT operations. Documents results of after-action analysis in technical reports and executive briefings. Analyzes methodologies and techniques used to attack US Army networks in order to develop security countermeasures that prevent unwarranted activity on US Army networks.
Essential Functions: Supports the CNO TOC staff and analysts in the identification, tracking, and resolution of computer security incidents/events. Provides daily updates/briefings on computer security incidents/events during the staffed shift. Provides technical support to analysts and makes technical and procedural CND recommendations to network/security administrators. Drafts, evaluates, and recommends policies and methodologies in support of CNO TOC operations. TS/SCI clearance required.
Education/Experience/Special Knowledge Required: MCSE, CSEC, GCIA, GCIH; system/network administration background. System and network security, configuration, and policy background helpful.
Bachelor's degree with 5 years' experience, or 9 years' experience in lieu of a degree.
Security clearance required.