CND-SP Incident Responder Level 4 100

CND-SP Incident Responder Level 4:

Skill Level 4:

Skills and Tasks:

• Exceptionally Complex, Inter-Discipline,  Inter-Organizational. Can perform tasks of senior level technicians,  specialists, and or managers not performed at Level 3 due to the size  and/or complexity of the tasks.

Leadership/Management:

• May work  individually or as a key member of a senior leadership team. 

• Oversees  and monitors performance across several disciplines, and when required,  takes steps to resolve issues.

Guidance:

• Provides expert  guidance and direction to Government and Vendor senior level technicians  and managers. 

• Directs multiple contractor and subcontractor teams  through to project completion.

STANDARD CHARACTERISTICS:

• Identify and report detected events through persistent  monitoring and analysis of indications and warnings (I&W) and  attack, sensing, and warning (AS&W) indicators

• Respond to identified network or system cyber incidents

• Analyze, contain, eradicate malicious code

• Prepare and disseminate AS&W to enterprise and the CND-SP community

• Conduct cyber trend analysis as well as malware analysis

• Disseminate and report cyber related activities and trends

• Support or conduct CND/CI coordination and reporting to the organization, DoD, and IC

Education and Experience:

• HS/GED + 12 years

• Associates Degree + 10 years

• Bachelor's Degree + 8 years

• Master's Degree + 6 years

• PhD + 4 years

Cyber Incident Responder – Fusion:

• Understand the fusion analysis processes and procedures to aid  in cyber threat actor identification and tracking, facilitation of  comprehensive procedures for collaboration, and assisting in creating  defensive measures to defend against advanced cyber threat actors.

• Be familiar with the  utilization, configuration, and implementation of industry standard  cyber threat actor research and analysis capabilities including but not  limited to threat intelligence reporting, threat intelligence data  sources/services, advance persistent threat actor practices, advanced  persistent threat actor identification and tracking methods, advanced  log analysis, network monitoring, and network flow analysis.

• Understand the cyber threat actor research process.

• Understand the lifecycle of the network threats, attack vectors and methods of exploitation.

• Identify  network computer intrusion evidence and perpetrators, and coordinates  with other government agencies to record and report incidents.

• Participate  in collaborative sessions with other CNDSPs and IC agencies on  malicious intrusions, attacks, or suspicious activities, as well as  share emerging Cyber Threat Intel data.

• Assist in the development of Indicators of Compromise for active defensive countermeasures and passive detection signatures.

• Research and produce analysis on nation state cyber threat actors.

• Utilize internal and open source research for awareness of nation stated targeting, trends, etc.

• Develop strategic cyber threat intelligence products in support of network defense operations.

• Position may require evening, weekend, or shift-work (depending on operational tempo).

Training and Certifications:

• DoD  8570 compliance or information assurance certification commensurate with  technical objectives and services required within the task order.  

• Applicable software or hardware training and certifications commensurate  with the technical objectives, services required, and IT environment  specified within the task order.

Security Clearance:

• TS/SCI with CI poly