Provide Computer Security Monitoring and Incident Response to the Bureau of Indian Affairs as part of a multi-person Computer Incident Response Team (CIRT).
Responsible for monitoring the integrity and security of enterprise-wide cyber systems and networks as part of an incident response team. Supports cyber security initiatives through both predictive and reactive analysis, articulating emerging trends to leadership and staff. Performs network traffic analysis using raw packet data, IDS, IPS, and custom sensor output as it pertains to the cyber security of communications networks. Reviews threat data from various sources and assists engineers with the development of custom signatures for open source IDS or other custom detection capabilities. Correlates actionable security events from various sources, including Security Information and Event Management (SIEM) system data. Applies an understanding of attack signatures and of the tactics, techniques and procedures associated with advanced threats.