Intrusion Detection Analyst (IDA)

CSIOS Corporation

Jan 10
Top Secret
Early Career (2+ yrs experience)
Occasional travel
IT - Networking
Scott Air Force Base, IL (On-Site/Office)

● Review audit data and network traffic data for irregularities or other
indications of real or potential security violations
● Correlate and analyze security data and events from alert and traffic flow
systems
● Identify potential advanced persistent and coordinated threats across
multiple platforms
● Perform tuning and optimization tasks to include sensor rule review and
log aggregation/visibility
● Perform reviews of implemented cybersecurity defense IDS/IPS rules,
exceptions, and log availability and content
● Perform reviews of aggregated log data to identify missing required
sources; ensure log data format is IAW logging standards
● Develop/enhance existing intrusion detection analytics, dashboards, and
signatures to remain commensurate with evolving cyber threats
● Investigate all security related events and incidents involving assigned
information systems
● Report identified security incidents through approved reporting process
● Review and share significant activity reports and tippers
● Perform incident response based on security events identified
● Develop and deploy countermeasures in response to cybersecurity
incidents IAW Incident Response Plan
● Analyze and identify root cause and lessons learned from security
incidents; document formal after-action reports (AAR)
● Provide recommendations related to tactical response actions, such as
updating signatures and heuristics
● Develop and maintain security analysis scripts and analytic displays

Preferred knowledge and experience with the following:
● NIST and DoD security policies
● Securing virtualization/cloud infrastructure concepts, technologies and
services
● Microsoft server and workstation, Unix, and Red Hat Linux Enterprise OS
security configurations
● Basic forensic requirements and processes

Required:

One or more approved DoD 8570 baseline certifications for:
IAT II and CSSP Analyst.
3+ years of cybersecurity experience