Description

Special Skillset (optional):

  • Executes decision-making authorities and establishes cyber incident response direction for organization and cyber defense fusion operations.
  • Single Point of Contact (SPOC) when a cybersecurity incident is declared.
  • Manages Cybersecurity incident response lifecycle during a cybersecurity incident.
  • Provides Cybersecurity Incident After-Action Reporting.
  • Analyzes the cybersecurity incident data, determines the impact of the incident, and classifies or reclassifies the cyber incident category, impact, scope, severity, or appropriate response procedures.
  • Gathers information regarding the cybersecurity incident, catalogs it, and maintains the integrity of collected data for evidence.
  • Provides escalation support for Cyber Command Center Analyst and Cyber Incident Coordinators.
  • Performs security reviews and identifies security gaps in security architecture, resulting in recommendations for inclusion in the risk mitigation strategy.
  • Provides timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities, and distinguishes these incidents and events from benign activities.
  • Conducts real-time analysis using the SIEM, Cloud, Endpoint and Network based technologies, and other security analytics tools, with a focus on identifying anomalous activity and security events/alerts and ruling out false positives.

Education

Any Graduate