Computer Emergency Response Team (CERT)
Description of Responsibilities
- Provide incident response functions and coordinate activities with government site personnel and offsite management, as directed
- Publish and distribute Notifications which address major information security threats, i.e. hacking, malicious activity, damaging vulnerabilities with exploits in the wild, Trojans, Worms, and Viruses
- Report information security Events and Incidents to appropriate internal and external agency authorities
- Produce daily, weekly, and monthly reports for Agency management and higher headquarters
- Develop security architectures and engineering system specifications.
- Conduct strategic planning and recommend implementation strategies.
- Oversee and assist, as necessary, the Duty Analysts (DAs) as they perform the Protect and Detect functions
- Conduct research pertaining to the latest viruses, worms, etc., and the latest technological advances in combating unauthorized access to information
- Write Information Papers and Technical White Papers, as required
- Conduct an end-of-shift turnover summarizing activities for each shift
- Advise the government community of best security practices, as necessary
- Update reports and notifications on CERT Information Portal
- Participate in multi-agency Continuity of Operations (COOP) Exercises
- Provide input to draft InfoSec policies
- Perform other Network Security/Information Assurance tasks as assigned
- Assist with the development of process documentation for Duty Officer and other functions to ensure standardization and quality of support by performing the following functions:
- Develop standard operating procedures
- Develop process descriptions for appropriate Capability Levels
- Develop workflow diagrams of key processes
- Identify work areas where repeatable processes and documentation are required
- Provide recommendations on how to improve efficiency and effectiveness of operations
- Task appropriate in-house subject matter experts to develop the above items and assign process owners
- Knowledge and experience in security disciplines including, but not limited to, information systems security, operations security, administrative security, personnel security, physical security and communications security.
- Expert professional knowledge and experience of information systems security policies and practices, computer science, state-of-the-art security tools and applications, and a thorough knowledge of IT.
- Knowledge of DoD/IC system security control requirements
- Knowledge and experience with XACTA (pronounced "Eggsacta")
Certified in accordance with DoD 8570.01-M, (Security+) "Information Assurance Training, Certification, and Workforce Management" (in either Technical or Management Level II or higher) at no additional cost (travel, training, or labor) to the government, to the level commensurate with the roles and responsibilities they perform.
Location and Hours
- All Functional Specialists/Advisors in this section at levels 4, 3 and 2 shall be DoD 8570.01-M compliant at Management or Technical level III (CISSP, CISA, GSE, GCIH, GSLC, CISM). All Functional Specialists/Advisors in this section at Level 1 shall be DoD 8570.01-M compliant at Management or Technical level II (GSEC, Security+, SCNP, SSCP, CISSP, GSLC, CISM).
- The work site is located in Springfield, VA.
- Shift work, 24/7