Required Security Clearance:
8570 Category Requirement:
IAT Level II
8570 Specialist Requirement:
CSSP Incident Responder
Potential for Teleworking:
Identify and report detected events through persistent monitoring and analysis of indications and warnings (I&W) and attack, sensing, and warning (AS&W) indicators
Respond to identified network or system cyber incidents
Analyze, contain, eradicate malicious code
Prepare and disseminate AS&W to enterprise and the CND-SP community
Conduct cyber trend analysis as well as malware analysis
Disseminate and report cyber related activities and trends
Support or conduct CND/CI coordination and reporting to the organization, DoD, and IC
Skills and Tasks. Exceptionally Complex, Inter-Discipline, Inter-Organizational. Can perform tasks of senior level technicians, specialists, and or managers not performed at Level 3 due to the size and/or complexity of the tasks.
Leadership/Management. May work individually or as a key member of a senior leadership team. Oversees and monitors performance across several disciplines, and when required, takes steps to resolve issues.
Guidance. Provides expert guidance and direction to Government and Vendor senior level technicians and managers. Directs multiple contractor and subcontractor teams through to project completion.
Training and Certifications. DoD 8570 compliance or information assurance certification commensurate with technical objectives and services required within the task order. Applicable software or hardware training and certifications commensurate with the technical objectives, services required, and IT environment specified within the task order.
Capabilities and additional Requirements. Apply Standard Characteristics of Labor Category Capability Levels.
Education and Experience
HS/GED + 12 years
Associates Degree + 10 years
Bachelor’s Degree + 8 years
Master’s Degree + 6 years
PhD + 4 years
Functional role: Cyber Incident Responder – Detect/Respond
Performs forensic analysis of digital information and gathers and handles evidence. Identifies network computer intrusion evidence and perpetrators, and
coordinates with other government agencies to record and report incidents.
Monitors Intrusion Detection Systems (IDS) to identify security issues for remediation.
Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of
vulnerability scanning devices.
Prepare incident reports of analysis methodology and results.
Provide guidance and work leadership to less-experienced technical staff members.
Participate in special projects as required.
Position may require evening, weekend or shift-work (depending on operational tempo).
Intrusion Detection Systems