Cyber Defense Analyst

Special Skillset (optional):

• Executes decision-making authorities and establishes cyber incident response direction for organization and cyber defense fusion operations.
• Single Point of Contact (SPOC) when a cybersecurity incident is declared.
• Manages Cybersecurity incident response lifecycle during a cybersecurity incident.
• Provides Cybersecurity Incident After-Action Reporting.
• Analyze the cybersecurity incident data, determine impact of the incident, classify or re-classing the cyber incident category, impact, scope, severity, or appropriate response procedures.
• Gathers information regarding cybersecurity incident, catalogs, and maintains the integrity of collected data for evidence.
• Provides escalation support for Cyber Command Center Analyst and Cyber Incident Coordinators.
• Perform security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy
• Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities.
• Conduct real-time analysis using the SIEM, Cloud, Endpoint and Network based technologies, and other security analytics tools with a focus on identifying anomalous activity, security events/alerts and rule out false positives