Cyber Defense Firewall Administrator 104-024 with Security Clearance

Cyber Defense Firewall Administrator: Job Description Summary: Investigates, analyzes, and responds to cyber incidents within the network environment or enclave. This position has alternate locations in the National Capital Region. Level 0: * Investigates, analyzes, and responds to cyber incidents within a network environment or enclave * Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats. * Interprets, analyzes, and reports all events and anomalies in accordance with computer network directives, including initiating, responding, and reporting discovered events. * Evaluates, tests, recommends, coordinates, monitors, and maintains cybersecurity policies, procedures, and systems, including access management for hardware, firmware, and software. * Ensures that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards. * Identifies security risks and exposures, determines the causes of security violations and suggests procedures to halt future incidents and improve security. * Understands and applies more advanced processes to daily activities. * Develops techniques and procedures for conducting cybersecurity risk assessments and compliance audits, the evaluation and testing of hardware, firmware and software for possible impact on system security, and the investigation and resolution of security incidents such as intrusion, frauds, attacks or leaks. Job Description: * Performing Enterprise Defense Countermeasure (DC) activities and coordination with other government agencies to record and prepare incident reports and analysis methodology and results. * Monitoring and analyzing signature alerts from Intrusion Detection/Prevention Systems (IDS/IPS) for false positives. * Providing technical enforcement of organizational security policies. * Providing "tune-or-drop" recommendations towards the DC team's Signature Lifecycle Review procedure. * Provide insight to Detection and Response teams on signature functionality and providing signature tuning as needed. * Providing guidance and work leadership to less-experienced staff. * Communicating with customers and teammates clearly and concisely. * Maintaining current knowledge of relevant technology as assigned and may have supervisory responsibilities. * Participating in special projects as required. * May serve as a technical team or task leader. * Position may require evening, weekend, or shiftwork (depending on operational tempo). Desired Skills: * Experience with Perl Compatible Regular Expressions (PCRE) * Experience authoring Yara rules * Experience authoring Snort signatures Education and Experience: * HSD/GED+4yrs * Associates+2yrs * Bachelors+0yrs Training and Certifications: * IAT Level II Security Clearance: * DoD Approved Clearance and Poly