General Description (Cybersecurity Specialist)
The Cybersecurity Specialist performs complex (journey-level) information technology and cyber security analysis and control work. Work involves planning, coordinating and implementing Information Technology security policies and procedures to protect cybersecurity assets and delivering cybersecurity incident detection, incident response, threat assessment, cyber intelligence, software security, and vulnerability assessment services. May train others. Works under general supervision with moderate latitude for the use of initiative and independent judgement.
WHAT WILL YOU DO:
Duties and Responsibilities (Cybersecurity Specialist)
• Assists with collection, processing, preservation, and analysis of digital-related evidence to support network vulnerability mitigation and workplace investigations.
• Responsible for access control, password checks, and account modification.
• Uses information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.
• Assists with responding to crises or urgent situations to mitigate immediate and potential threats; uses mitigation, preparedness, and response and recovery approaches; investigates and analyzes all relevant response activities.
• Researches and monitors for system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Structured Query Language [SQL] injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code).
• Implements security measures to resolve vulnerabilities and mitigate risks, and recommends security changes to system or system components as needed.
• Assesses and monitors cybersecurity events related to system implementation and testing practices.
• Coordinates with IT and other information security staff to validate network alerts.
• Performs event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
• Assesses adequate access controls based on principles of least privilege and need-to-know.
• Performs related work as assigned, including providing after-hours support for information security functions.
WHAT WILL YOU BRING:
Minimum Required Qualifications (Cybersecurity Specialist)
• High school diploma or equivalent.
• Two (2) years of full-time cybersecurity, information security, systems analysis, programming, computer operations, IT business analysis, or other IT-related experience.
• One (1) year of experience training employees on cybersecurity awareness.
• One (1) year of required experience may be substituted for a Bachelor’s degree in Cybersecurity, Information Security, or other related technical field.
• Experience may be concurrent.
Preferred Qualifications (Cybersecurity Specialist)
• Experience with risk management frameworks as they pertain to the National Institute of Standards and Technology.
• Experience with various security monitoring tools, network and web assessment tools, and scripting languages.
• Certification such as Systems Security Certified Professional (SSCP), Security+, or other security-related certifications.
Knowledge, Skills and Abilities (Cybersecurity Specialist)
• Computer systems and technology limitations, capabilities, and security infrastructures.
• Information security systems, controls, methodologies, practices, and regulations, including data encryption and information protection.
• National and international laws, regulations, policies, along with ethics as they relate to cybersecurity/privacy.
• Organization’s risk tolerance and/or risk management approach.
• Applicable state and federal laws, statutes, Presidential Directives, executive branch guidelines related to information security or cyber security.
• Current and emerging cyber technologies.
• Analyzing complex technical problems and developing workable solutions.
• Managing multiple conflicting tasks/deadlines.
• Effective verbal and written communication of complex technical information.
• Effectively assess areas of risk associated with information security.
• Determine the validity of technology trend data.
• Develop policy, plans, and strategies in compliance with laws, regulations, policies, and standards in support of organizational information security assurance.
• Establish and maintain harmonious working relationships with co-workers, agency staff, and external contacts.
• Work effectively in a professional team environment.