Work Role Description: Conducts detailed investigations on computer-based crimes establishing documentary or physical evidence, to include digital media and logs associated with cyber intrusion incidents.
Work Role Description: Analyzes digital evidence and investigates computer security incidents to derive useful information in support of system/network vulnerability mitigation.
Work Role Description: Identifies, collects, examines, and preserves evidence using controlled and documented analytical and investigative techniques.
Work Role Description: Executes decision-making authorities and establishes vision and direction for an organization's cyber and cyber-related resources and/or operations.
Work Role Description: Responsible for the cybersecurity of a program, organization, system, or enclave.
Work Role Description: Develops and maintains cybersecurity plans, strategy, and policy to support and align with organizational cybersecurity initiatives and regulatory compliance.
Work Role Description: Uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within their environments for the purposes of mitigating threats.
Work Role Description: Investigates, analyzes, and responds to cyber incidents within the network environment or enclave.
Work Role Description: Performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.
Work Role Description: Develops, creates, maintains, and writes/codes new (or modifies existing) computer applications, software, or specialized utility programs.
Work Role Description: Analyzes the security of new or existing computer applications, software, or specialized utility programs and provides actionable results.
Work Role Description: Senior official or executive with the authority to formally assume responsibility for operating an information system at an acceptable level of risk to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation (CNSSI 4009).
Work Role Description: Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37).