Cyber Security Analyst II
Performs advanced (senior-level) cybersecurity analysis work. Work involves protecting cybersecurity assets and delivering cybersecurity incident detection, incident response, threat assessment, cyber intelligence, software security, and vulnerability assessment services. Responsible for installing and utilizing software such as firewalls and data encryption programs to protect the Criminal Investigations Division Investigative Support Section networking environment, which utilizes internal networks and conducts proactive criminal investigation utilizing various electronic technical capabilities. Responsible for protecting sensitive investigation information and conducting proactive tests on internal systems to ensure security. May assist in developing and writing policies and procedures for this specialized unit. May assign and/or supervise the work of network specialists, systems analysts, and others. Works under limited supervision, with considerable latitude for the use of initiative and independent judgment.
The following Military Occupational Specialty codes are generally applicable to this position. Applicants must fully complete the summary of experience to determine if minimum qualifications are met. 25B, 25D, 35Q, 255A, 255S, 181X, 742X, 743X, 744X, 205, 0651, 0659, 8858, 3D0X2, 3D0X3, 17CO, 17DX, 25, 35
1. Evaluate network and system security configuration for best practices and risk-based access controls during the utilization of various computer forensic analysis software applications.
2. Configure, maintain, and troubleshoot Negate Firewalls, Cisco Routers, Cisco Switches, and VPNs within the CITEC domain.
3. Assist with evaluation and implementation of enterprise digital forensic software and systems to ensure that proper data integrity and security are met.
4. Develop and/or coordinate the development of CID/ISS policies for encryption of data transmissions and the definition of firewall configuration to protect confidential information in transit.
5. Assist in selecting data management tools and developing the standards, usage guidelines, and procedures for using those tools.
6. Evaluate network and system security configuration for best practices and risk-based access controls in a criminal investigative support service.
7. Perform vulnerability scans of networks and applications to assess effectiveness and identify weaknesses in a criminal investigative support service.
8. Research and implement new security risk and mitigation strategies, tools, techniques, and solutions for the prevention, detection, containment, and correction of data security breaches.
9. Assist criminal investigators during computer related crime investigations such as breach of computer security or possession of illicit materials.
10. Assist in advising management and users regarding security procedures.
11. Assist in recommending and managing implementation of corrective actions.
12. May assign and/or supervise the work of others.
13. Attend work regularly and observe approved work hours in accordance with agency leave and attendance policies.
14. Perform other duties as assigned.
GENERAL QUALIFICATIONS and REQUIREMENTS
Education – Graduation from an accredited four-year college or university with major coursework in computer science, management information systems, or a related field is preferred. A Master’s Degree in Cybersecurity is preferred.
Experience – Minimum of three (3) years’ experience performing work in cybersecurity analysis, information security, or digital forensics; in local area networks (LAN) and wide area networks (WAN); and in systems administration.
Substitution Note: Additional work experience of the type described or other related education may be substituted for one another on a year-for-year basis.
Licensure and/or Certification – Must possess a valid driver license from state of residence.
Interpersonal Skills – Must demonstrate an ability to exercise poise, tact, diplomacy and an ability to establish and maintain positive, working/professional relationships with internal/external customers.
Organizational and Prioritization Skills – Must be organized, flexible, and able to effectively prioritize in a multi-demand and constantly changing environment; able to meet multiple and sometimes conflicting deadlines without sacrificing accuracy, timeliness or professionalism.
Presentation/Communication Skills – Must be able to construct and deliver clear, concise, and professional presentations to a variety of audiences and/or individuals.
Research and Comprehension – Must demonstrate ability to quickly and efficiently access relevant information, and be able to utilize and/or present research and conclusions in a clear and concise manner.
Analytical Reasoning/Attention to Detail – Must demonstrate an ability to examine data/information, discern variations/similarities, and be able to identify trends, relationships and causal factors, as well as grasp issues, draw accurate conclusions, and solve problems.
Technology (computers/hardware/software/operating systems) – Must possess appropriate levels of proficiency with utilized software and systems and be able to learn new software/systems. Demonstrated proficiency with Microsoft Office Suite (Word, Excel, PowerPoint, Outlook).
- Demonstrated proficiency in SQL databases, Negate Firewalls, Cisco Routers, Cisco Switches, IPS/IDS, Security Information and Event Management software, and network monitoring software, and familiarity with Linux command line arguments.
- Considerable knowledge of the limitations and capabilities of computer systems and technology; of operational support of networks, operating systems, Internet technologies, databases, and security infrastructure; of cybersecurity and security controls.
- Considerable knowledge of Windows, Linux, and Mac operating systems. Familiar with Windows server.
- Considerable knowledge of network facilities and data processing techniques, of personal computer hardware and software, of network operating system and security software, and of performance monitoring and capacity management tools.
- Considerable knowledge of systems administration, of computer hardware and software configuration and troubleshooting, of operating systems and applications, of computer programming and architecture, of scripting languages, and of internet security administration.
Confidentiality and Protected Information – Must demonstrate an ability to responsibly handle sensitive and confidential information and situations, and adhere to applicable laws/statutes/policies related to access, maintenance and dissemination of information.