Monitor organization’s networks for security breaches and investigate a violation when one occurs. Recommend and/or implement mitigation actions in response. Prepare tickets that document security breaches and the extent of the damage caused by the breaches.
Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats. Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events.
Evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software. Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security.
Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks.
Provide support to personnel responsible for conducting Penetration Testing.
#J-18808-Ljbffr