Cyber Protection Brigade Information Technology Specialist

Organization

U.S. Army Cyber Command

Duty Location

FORT MEADE, ANNE ARUNDEL, MD

Major Duties

The U.S. Army Cyber Protection Brigade (CPB), also known as the "Hunter" brigade, is Army's premier cyber threat hunter. We hunt advanced adversaries to enable information advantage in multi-domain operations and maintain and defend strategic cyber infrastructure. We are comprised of 1,300-plus specially trained and mission-focused Soldiers and civilians who work as a cohesive team to drive cyberspace operations and impose cost on our nation's enemies.
The incumbent will serve as a Network Analyst on a U.S. Army Cyber Protection Team (CPT) in the U.S. Army Cyber Protection Brigade (CPB). Uses knowledge of networking and network security monitoring to enable cyber security operations. The role of Network Analyst includes hunt, clear, enable hardening, and continual assessment operations as well as provide Cyber Threat Emulation (CTE) and Discovery and Counter-Infiltration (D&CI) capabilities.

• Analyze network architecture by installing, operating, maintaining, configuring, testing, and securing hardware and software-based routers, switches, firewalls, and various operating systems to enable network hardening recommendations.
• Provide expert technical support to enterprise-wide and local network technicians to identify and resolve cyber defense incidents.
• Interpret provided network diagrams, run local scanning software, and encompass sensor related data to create logical, physical, and persona-based diagrams utilized by the Cyber Protection Team during missions.
• Survey and evaluate network traffic, identify baselines to facilitate locating adverse network trends, anomalous traffic, or malicious cyberspace activity (MCA).
• Develop Army and Department of Defense incident response and threat mitigation countermeasures, friendly network forces prioritization, and operational assessments.
• Provide technical advice, guidance, and assistance on a wide range of complex cybersecurity issues and distribute information pertaining to cyber related threats impacting the Department of Defense Information Network (DoDIN).
• Defend and clear critical assets, Mission Relevant Terrain (MRT), or Key Terrain Cyber (KT-C) either remotely or by deploying to the affected location as needed.

Qualifications/ Specialized Experience

To qualify, you must meet the education and/or experience requirements described below for each applicable grade level you wish to be considered. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, Ameri Corps) and other organizations. You will receive credit for all qualifying experience, including volunteer experience. Your resume must clearly describe your relevant experience;

if qualifying based on education, your transcripts will be required as part of your application.

Additional information about transcripts is in this document. To qualify based on your experience, your resume must describe one year of specialized experience that demonstrates the possession of knowledge, skills, abilities, and competencies necessary for immediate success in the position. Such experience is typically in or directly related to the work of the position to be filled. Specialized experience would be demonstrated by:

GG-07:
Monitoring network traffic and/or host processes to determine anomalies; assisting with analysis of information systems (e.g. networks, security, operating systems) compliance; and assisting customers in resolving technical issues.

GG-09:
Installing network switches to establish new services; modifying network switch configurations to resolve incidents; performing remote diagnostics; and troubleshooting network related issues.

GG-11:
Conducting research to identify unanticipated network threats; monitoring and analyzing network traffic and performance; monitoring tools such as Wireshark and Splunk to formulate hypothesis on anomalous traffic.

GG-12:
Conducting analysis on network traffic using any tool such as Wireshark and Splunk; applying cybersecurity best practices and providing recommendations to customers or management, either individually or as part of a team; applying an understanding of the Open Systems Interconnection (OSI) Reference Model as it relates to networking and traffic flow.

EDUCATION:

GG-07 Substitution of Education for

Experience:

One full year of graduate level education from an accredited or pre-accredited institution in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, or technology management; or, graduate level education from an accredited or pre-accredited institution that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems, or networks.

GG-09 Substitution of Education for

Experience:

Master's or equivalent graduate degree or 2 full years of progressively…