Incident Handler I - DCO
Determine appropriate course of action in response to identified cyber security attacks or anomalous network activity.
For the Cyber Defensive Operations (CDO) Branch, maintains an on-site capability to work directly with RCC-CONUS Operations personnel to conduct initial triage and cyber incident analysis, including review of correlated events, system/device logs, and SIEM event data, in order to determine and recommend or take immediate DCO response actions.
- Education/Experience Requirements
  - AA/AS + 2 years or BS/BA + 1 year
  - CSSP-IR (CEH, CFR, CCNA Cyber Ops, CCNA-Security, CHFI, CySA+, GCFA, GCIH, SCYBER, PenTest+)
  - IAT II (CCNA-Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)
  - Computing Environment Certification
- Clearance Requirement
  - Top Secret/SCI Clearance