Computer Forensics and Intrusion Analyst (Journeyman)
This Vulnerability Assessment Team (VAT) member position will support the DoD Information Assurance Vulnerability Management (IAVM) program for the Defense Cyber Crime Center (DC3). These activities directly support cyber-crime investigations and operations to identify and mitigate cyber threats to United States Air Force (USAF) and DoD personnel, interests, and resources worldwide. The VAT is responsible for executing FISMA compliance activities, including annual assessments of security control status, vulnerability assessments, annual testing of contingency plans and incident response plans, configuration management, and conducting Privacy Impact Assessments (PIA). The team provides audit and advisory services and helps clients understand the complexity of issues such as performance, privacy, risk, controls, and data analysis.
The Validator is responsible for continuous vulnerability scans across a multitude of networked or standalone systems and serves as the central coordination point for all network system vulnerability assessments, audits, and related studies conducted in the agency environment. The individual participates in activities traditionally associated with incident response and vulnerability scanning, and is primarily responsible for routine Nessus scanning, network monitoring, and intrusion detection, as well as additional cyber security analysis. The individual will be responsible for providing associated monthly and ad-hoc scans using ACAS/Nessus as required on the Network Protection Suites (NPS) and owned and managed systems. The Validator is responsible for managing, disseminating, interpreting, and tracking compliance with IAVM-associated messages, monitoring the system for vulnerability threats, reviewing reports for advanced cyber security analysis, and hunting for hidden threats, in addition to assessing compliance based on requirements and developing Plan of Action and Milestones (POA&M) documentation.
The individual will be responsible for vulnerability management related to web applications, including periodic vulnerability scanning, web application scanning, and code scanning. The individual will also analyze results, identify false positives, identify remediation plans, direct system developers on remediation plans, and manage remediation through closure.
Required Skills:
- Experience employing software engineering techniques to design and develop software for vulnerability discovery, and an understanding of the vulnerability management lifecycle.
- Experienced with vulnerability scanning tools such as Retina and Nessus.
- Experience working with web services technologies such as XML, JSON, SOA, REST, and AJAX.
- Knowledge of Network Security Analysis using Intrusion Detection Systems.
- Comprehensive understanding of Security Methodologies, firewalls, proxies, mail servers, and web servers. Advanced experience with vulnerability assessment.
- Comprehensive knowledge of malicious code (worms, viruses, spyware, etc.).
- Demonstrated strong interpersonal and organizational skills and ability to serve as central coordination point.
- Exceptional verbal and written communication skills, including the ability to produce, and provide expert review of, accurate and timely technical reports for release to a larger community.
- Other duties as assigned.
- Experience authoring and editing standard operating procedures (SOPs), policies, and organizational communications.