Required: Top Secret Clearance
Network Security Specialist:
Duties and work output cover a range of technical specialties. Performs a variety of highly technical analyses and procedures dealing with the collection, processing, preservation, analysis, and presentation of computer-related evidence, and is responsible for disseminating and reporting cyber-related activities, conducting vulnerability analyses and risk management of computer systems and recovering information from computers and data storage devices. Computer forensic analysts use forensic tools and investigative methods to find specific electronic data, including internet use history, word processing documents, images, and other files. Proficient in the latest forensic, response, and reverse engineering skills and astute in the latest exploit methodologies. Performs forensic analysis on all common operating system environments, to include, but not limited to, Microsoft Windows, Mac OS, UNIX, Linux, Solaris, as well as embedded systems. Analyzes digital media (logs, code, phones, hard drives, memory dumps, etc.) to determine attack vectors and develop mitigation techniques.
Description/Complexity:
Effectively communicates to technical and non-technical audiences; influences others to comply with policies and conform to standards and best practices. Designs the organization’s working information security systems operations and maintenance strategy and methodology to comply with the organization’s cyber security standards and mission. Attends and participates in professional conferences to stay abreast of new trends and innovations in the field of information systems and/or cyber security. Independently manages, plans, evaluates, and advocates for information security compliance systems, plans, and functions, and is responsible for the management of complex projects, programs, and initiatives with high threat and large scope (e.g., department or agency wide), with ongoing systems monitoring. Recovers information from computers and data storage devices. May work alongside law enforcement officers helping to solve cyber crimes or find electronic evidence of other crimes. Recovers data, such as documents, photos, and emails, from computer hard drives and other data storage devices, such as zip and flash drives, that have been deleted, damaged, or otherwise manipulated. NOTE: 15-25% travel may be required for this position.
Competencies/Skills:
- Advanced application of relevant competency/skill models
- Secure operating systems, workstations, data management, web technology protocols
- Secure wireless networking and mobile computing
- Attack sensing and warning
- Intrusion detection, and event investigations and response
- Host and network security auditing
- Computer and network forensics
- Cyber situation awareness
- Penetration testing and exploit analysis
- Insider threat analysis and protection
- Cryptography theory and protocols
- Cryptographic hardware, software, and applications
- Security and privacy policy
- Boundary protection and enclaving
- Biometrics
- Authentication and access management technologies
- Enterprise security engineering and secure system management
- Embedded systems security engineering
- Security certification and accreditation
- Security risk modeling, metrics, and management
- Security architectures
- Code analysis
- Trusted product assessment
- COTS integration
- High-assurance hardware and software
- Distributed/delegated end-user administration
- Granular access control implementation
- Computer network defense
- Information assurance
Relevant Skill Areas Applied:
- Network architectures, protocols and standards (e.g. TCP/IP, IPSEC, ATM, SNMP)
- Software programming (e.g. C, Java, PERL, XML)
- Systems engineering
- x86 assembly
- SharePoint MOSS
- Function calling conventions
- IDA Pro
- IDA Pro plugins
- Executable packaging, malware analysis
- Anti-virus and intrusion detection
- Signaturing
- Binary file formats, runtime debugging
- Windows and/or Linux environment
- FISMA Guidance
- NIST SP 800-16, Revision 1
- ODNI Cyber Subdirectory Competencies
- CNSS Policies, Directives and Reports
- C/C++
Desired Skills:
- Cyber network analysis (not network engineering)
- IDS and network monitoring
- Flow/packet analysis
- Conducts technical analysis of data and understands the nature of attacks, threats and vulnerabilities
- Experience/interest in developing IDS signatures and SNORT software
- Previous SOC experience is beneficial
Suggested Credentials:
Bachelor’s Degree (suggested areas of study include Computer Science, Information Technology, Information Assurance/Security, Engineering, Software Engineering, Mathematics, Business Management) and 9-15 years of experience involving work directly related to the listed skill areas.
OR
Degrees from a designated CAEIAE and 9-15+ years of experience involving work directly related to information technology, cyber security, security control evaluation, and implementation on information technology, systems, and programs or transferable skills related to information security, incident and risk management.
Demonstrated experience in leading an information security/IA compliance group.
Possession and demonstrated application of relevant certifications:
- CORE: MCSE, CCNA, CCNP, ISC, CAP
- Related: CISSP, CISM, ISC, ISSMP, CompTIA, SANS GIAC, PMP
Performance Level
LEVEL 4
Effectively communicates to technical and non-technical audiences; influences others to comply with policies and conform to standards and best practices. Contributes to the design and development of innovative research projects. Attends and participates in professional conferences to stay abreast of new trends and innovations in the field of information systems. Independently manages, plans, evaluates, and advocates for compliance systems, plans, and functions, and provides significant input for the management of complex projects, programs, and initiatives with high threat and large scope (e.g., department or agency-wide), with ongoing systems monitoring.
Suggested Credentials
Minimum Requirements
Bachelor’s Degree in relevant area of study and 9-15 years of experience involving work directly related to listed skill areas
OR
- Degrees from a designated CAEIAE and 9-15 years of directly related experience
- Possession and demonstrated application of relevant certifications
- Additional Key Competencies Identified for this role (for senior management positions)
- Leadership & People Management
- Written & Oral Communication
- Creative Problem Solving
- Project/Program Management