Deliverables

• Information assurance, network security, computer information systems, computer science, or management information systems 3.8.6.2.2.

• Knowledge and experience with Anti-Virus, Intrusion Detection Systems, Firewalls, Active Directory, Vulnerability Assessment tools and other security tools found in large network environments; along with experience working with Security Information and Event Management (SEIM) solutions 3.8.6.2.3.

• Understanding of common network services (DNS, web, mail, FTP, etc.), network vulnerabilities, and network attack patterns 3.8.6.2.4. Understanding and familiarity with Security Information and Event Management (SIEM) systems 3.8.6.2.5. Familiarity with intrusion detection / protection, firewalls, and anti-virus systems 3.8.6.2.6.

• Knowledge and experience of managing network protocols 3.8.6.2.7. Microsoft and Linux hosting and systems Administration experience

Category/Experience

• Cyber Threat Engineer will work on all systems and/or projects within the organization responsible for providing Cyber Security Threat detection utilizing network and host based Computer Security tools, appliances and end point products 3.1.1.1.2.

• Perform analysis of all security systems log files, review and keep track of triggered events, research current and future cyber threats, reconcile correlated cyber security events, develop and modify new and current cyber security correlation rule sets, and operate security equipment and technology 3.1.1.1.3. Document security incidents as identified in the incident response rules and escalate to management as required 3.1.1.1.4. Monitor key security infrastructure elements, identify security events, perform analysis, and initiate response activities 3.1.1.1.5.

• Perform packet analysis by identifying malformed packets and the payload of the packet 3.1.1.1.6. Integrate security products, including designs for all organizational networks as well as designing, engineering, planning, integrating, configuring, testing and deploying 3.1.1.1.7. Maintain system baselines and configuration management items, including security event monitoring "policies " in a manner determined by the program management 3.1.1.1.8.

• Provide documentation and interaction with other analysts and Operations and Maintenance (O&M) personnel to ensure a complete and functioning system that meets requirements 3.1.1.1.9. Perform software testing (patches, other updates) 3.8.6.1.10. Troubleshoot OSI layer and TCP/IP related problems