TECH LEVELS

 

Level 1 Tech:

Assists with the development and implementation of information assurance (IA), and security standards and procedures.

Coordinates, develops and evaluates security programs for an organization.

Performs analysis, design, and development of security features.

Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems.

Performs vulnerability/risk analyses of systems and applications during all phases of the system development life cycle.

Assists in the coordination and escalation of security incidents based on the tiered Incident Response approach.

Has experience in threat analysis and hunting, with multiple SIEMs, and with analyst detection workflow.

Performs entry-level or development-level assignments.

Minimum Education: Bachelor’s degree

 

Level 2 Tech:

Assists with the development and implementation of information assurance (IA), and security standards and procedures.

Coordinates, develops and evaluates security programs for an organization.

Performs analysis, design, and development of security features.

Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems.

Performs vulnerability/risk analyses of systems and applications during all phases of the system development life cycle.

Assists in the coordination and escalation of security incidents based on the tiered Incident Response approach.

Has experience in threat analysis and hunting, with multiple SIEMs, and with analyst detection workflow.

Performs entry-level or development-level assignments.

Minimum Education: Bachelor’s degree plus 4 years of experience

 

Level 3 Tech:

Assists with the development and implementation of information assurance (IA), and security standards and procedures.

Coordinates, develops and evaluates security programs for an organization.

Performs analysis, design, and development of security features.

Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems.

Performs vulnerability/risk analyses of systems and applications during all phases of the system development life cycle.

Assists in the coordination and escalation of security incidents based on the tiered Incident Response approach.

Has experience in threat analysis and hunting, with multiple SIEMs, and with analyst detection workflow.

Performs entry-level or development-level assignments.

Minimum Education: Bachelor’s degree plus 8 years of experience

 

Level 4 Tech:

Cyber Security Qualifications / Skills:

System administration

Network security

Problem solving

Information security policies

On-call network troubleshooting

Firewall administration

Network protocols

Routers, hubs, and switches

Informing others

Process improvement

Tech Level 4:

Education, Experience, and Licensing Requirements:

Bachelor’s degree in Computer Science, Information Systems, or equivalent education or work experience

4+ years of prior relevant experience

Advanced certifications such as SANS GIAC/GCIA/GCIH, CISSP or CASP and/or SIEM-specific training and certification

Hold DoD-8570 IAT Level 2 baseline certification (Security+ CE or equivalent) at start date

Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.

Hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations

Experience with vulnerability scanning solutions

Familiarity with the DOD Information Assurance Vulnerability Management program.

Proficiency with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security

In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk)

Experience developing and deploying signatures (e.g. YARA, Snort, Suricata, HIPS)

Understanding of mobile technology and OS (i.e. Android, iOS, Windows), VMware technology, and Unix and basic Unix commands