Key responsibilities

• Identifies, analyzes, monitors, mitigates and manages threats and vulnerabilities to IT systems and networks.

• Uses defensive measures and multi-source information to report events and respond to incidents.

• Uses data collected from cyber defense tools to analyze events that occur within their organization to detect and mitigate cyber threats.

• Performs vulnerability assessments of systems and networks. Identifies where they deviate from acceptable configurations or applicable policies. Measures effectiveness of
  defense-in-depth architecture against known vulnerabilities.

• Conducts authorized attempts to penetrate computer systems or networks and physical premises, using realistic threat techniques, to evaluate their security and detect
  potential vulnerabilities.

• Investigates, analyzes and responds to cybersecurity incidents.

• Collects and analyzes digital evidence, investigates cybersecurity incidents to derive useful information to mitigate system and network vulnerabilities.

• Identifies, collects, examines and preserves evidence using controlled and documented analytical and investigative techniques.

• Analyzes (by disassembling and/or decompiling) malicious software, understands how it works, its impact and intent and recommends mitigation techniques and incident
  response actions.

• Collects and analyzes multi-source information about cybersecurity threats to develop deep understanding and awareness of cyber threats and actors' Tactics, Techniques and

• Procedures (TTPs), to derive and report indicators that help organizations detect and predict cyber incidents and protect systems and networks from cyber threats.

• Proactively searches for undetected threats in networks and systems, identifies their Indicators of Compromise (IOCs) and recommends mitigation plans.

Skills

• Knowledge of network components, their operation and appropriate network security controls and methods.

• Knowledge of the principles of cybersecurity and privacy.

• Knowledge of cybersecurity related threats and vulnerabilities.

• Knowledge of the likely operational impact on an organization of cybersecurity breaches

• Knowledge of cybersecurity authentication, authorization and access control methods.
  Knowledge of vulnerabilities in applications and their likely impact.

• Knowledge of cybersecurity defense and vulnerability assessment tools and their capabilities

• Knowledge of computer algorithms.

• Knowledge of cryptography and cryptographic key management concepts.

• Knowledge of appropriate data backup and recovery methods and solutions, including testing

• Knowledge of cybersecurity considerations for database systems

• Knowledge of host and network access control mechanisms.

• Knowledge of sources of information relating to the identification and effective treatment of vulnerabilities.

• Knowledge of best practices for incident response and incident management.

• Knowledge of cybersecurity and privacy principles and organizational requirements.

• Knowledge of IT security principles and methods.

• Knowledge of best practice network traffic analysis methods.

• Knowledge of operating systems.

• Knowledge of programming language structures and logic.

• Knowledge of key security management concepts.

• Knowledge of industry-standard systems diagnostic tools and fault identification techniques.

• Knowledge of Virtual Private Network (VPN) security

• Knowledge of network tools

• Knowledge of the national cybersecurity regulations and requirements relevant to the organization

• Knowledge of cybersecurity policies, procedures, and regulations.

• Knowledge of Windows and Unix ports and services