Summary/Objective The Cyber Defense Infrastructure Support Specialist, Tests, implements, deploys, maintains, reviews, and administers the infrastructure hardware and software that are required to effectively manage the computer network defense service provider network and resources. Investigates, analyzes, and responds to cyber incidents within the network environment.
Essential Functions
Coordinate with Cyber Defense Analysts and Vulnerability Assessment Specialist to manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, antivirus, and content blacklists) for specialized cyber defense applications. Perform system administration on specialized cyber defense applications and systems (e.g., antivirus, audit, and remediation) or Virtual Private Network (VPN) devices, to include installation, configuration, maintenance, backup, and restoration. Create, edit, and manage network access control lists on specialized cyber defense systems, such as firewalls and intrusion prevention systems. Provide expert technical support to technicians across the organization to resolve cyber defense incidents and coordinate incident response efforts Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means. Analyze incident data to identify specific vulnerabilities and make recommendations for expeditious remediation. Analyze log files from various sources, including individual host logs, network traffic logs, firewall logs, and intrusion detection system (IDS) logs, to identify potential threats to network security. Perform cyber defense incident triage, which involves determining the scope, urgency, and potential impact of incidents, identifying specific vulnerabilities, and making recommendations for expeditious remediation. Handle real-time cyber defense incidents by performing forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation tasks to support deployable Incident Response Teams (IRTs). Monitor external data sources, such as cyber defense vendor sites, Computer Emergency Response Teams, and Security Focus, to stay current on cyber defense threat conditions and determine which security issues may impact the enterprise. Involve management in addressing sensitive or complex problems. Perform related tasks as required. Competencies
Technical Capacity. Problem Solving/Analysis. Critical Thinking Communication Proficiency. Good Decision Making. Time Management. Research Capabilities. Supervisory Responsibility
This position does not have direct supervisory responsibilities .
Work Environment
This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, scanners, and copy machines.
Physical Demands
While performing the duties of this job, the employee is regularly required to talk or hear. The employee is frequently required to sit for long periods of time; stand; walk; use hands to type, handle or feel; and reach with hands and arms. The employee is occasionally required to stoop, kneel, crouch, or crawl. The employee must occasionally lift and move up to 50 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to adjust focus.
Position Type and Expected Hours of Work
This is a full-time position. Hours of work and days are variable, but typically Monday through Friday. Week-long on-call rotations may be required, with occasional evening and weekend work as job duties demand.
Travel
Infrequent travel may be expected for this position.
Required Education and Experience:
Possesses expertise in implementing and maintaining security measures, such as access controls, system hardening techniques, VPN devices and encryption, and incident handling methodologies. Demonstrates strong skills in identifying and mitigating cybersecurity threats, including network malware, anomalous behavior, and non-compliant practices, while applying cybersecurity and privacy principles relevant to organizational requirements. Expert knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). At least five years of technical work experience or equivalent education/certifications. At least 5 relevant certifications (Certifications addressing intrusion detection/prevention, incident response and recovery, security operations, network infrastructure, access control, cryptography, assessments, and audits. Bachelor's degree in computer science-related field or equivalent experience. Other Duties:
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
