• Audit insider threat activities.• Recommend strategies for assessing inappropriate use of the Department’s networks; research and recommend tools for monitoring employee computer use and assessing user behavior.• Provide support to DS criminal investigators.• Perform in-depth log analysis to determine trend, patterns, and suspicious activity.• Interface and coordinate with other U.S. Government, Intelligence Community, and Law Enforcement organizations performing insider threat auditing.

Daily use of Firebird systems.Monitor and troubleshoot computer systems, cameras and audio; Windows OS, ProxiMex, MasterMind, and Bosch.Experience with SharePoint, C- Cure 9000, and Operator client control systems.Perform daily tasks using Microsoft word, PowerPoint and Excel.Provide technical assistance to government employees and contractors.Issue PIV, CAC and visitor badges to personnel. Responsible for access control, employee and visitor identification checks, security equipment monitoring.Ability to conduct investigations on security breaches and utilize technical measures to correct situations.Emergency Response & Active shooter certified.

• Review the ingestion of cyber news feeds, signature updates, incident reports, threat briefs, and vulnerability alerts from external sources and determine its applicability to the environment.• Perform correlation activities and trend analysis to discover attack patterns and assess the risks and potential exposure of assets.• Ensure continued security of the network and proactive enhancement of cybersecurity to meet evolving and emerging threats, to include compliance with DoD Risk Management Framework (RMF) and continuous monitoring requirements.• Be responsible for ensuring monitoring enterprise systems, defending against security breaches, and identifying, investigating, and mitigating cybersecurity threats including managing the operation of the SOC and the performance of ARNG RCC-NG SOC activities 24/7/365 to protect DOD information systems and infrastructure.• Compile and interpret the information received about emerging threats at different classification levels through data feeds from Internet security firms, Government organizations, private industry, and foreign governments into actionable monitoring either by developing custom content or by means suggested by the contractor.• Build, implement, and refine event correlation rules, logic, content, and analysis techniques that will enable SOC personnel to correlate events and security incidents with specific sources, such as individuals, threat actors, IT systems, devices, and IP addresses.• Responsible for performing correlation activities and trend analysis to discover attack patterns and assess the risks and potential exposure of assets and develop and enhance correlation rules, logic, and analysis techniques for associating data.• Determine risks to the enterprise and develop mitigations and/or countermeasures in coordination with the RCC-NG.adversary capabilities, intentions, and Techniques, Tactics, and Procedures (TTPs).

• Performs network security monitoring and incident response for a large organization.• Maintains records of security monitoring and incident response activities, utilizing case management and ticketing technologies.• Monitors Security Information and Event Management (SIEM) to identify security issues for remediation.• Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information. Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.• Supports efforts to consolidate and conduct comprehensive analysis of threat data obtained from classified, proprietary, and open-source resources to provide indication and warnings of impending attacks against unclassified and classified networks.• Monitors and reviews logs from existing security tools and creates new security tool signatures to ensure maximum performance and availability.• Performs all aspects of intrusion detection, log and audit management, network and database vulnerability assessment and compliance management, and security configuration.• Analyze collected information to identify vulnerabilities and potential for exploitation.• Identifies network and operating systems vulnerabilities and recommends countermeasures.• Investigates, monitors, analyzes, and reports on information security incidents.• Use mitigation, preparedness, and response and recovery approaches, as needed to maximize information security.• Monitors network to actively remediate unauthorized activities.• Monitors intrusion detection sensors and log collection hardware and software to ensure systems are collecting relevant data.• Monitors all security systems to ensure maximum performance and availability.• Analyze computer security threat information from multiple sources, disciplines, and agencies across.

• Investigate, monitor, analyze and report on information security incidents;• Respond to crisis or urgent situations to mitigate immediate and potential threats;• Utilize mitigation, preparedness and response and recovery approaches to maximize information security;• Provide incident handling support for incident detection, analysis, coordination and response;• Test, implement deploy, maintain and administer information system security infrastructure hardware;• Monitor network to actively remediate unauthorized activities;• Monitor intrusion detection sensors and log collection hardware and software to ensure systems are collecting relevant data;• Perform day to day configuration and operation of production and test networks;• Analyze computer security threat information from multiple sources, disciplines and agencies.• Train new employees to ensure an equal level of service is provided to the customer and to impart known learning so as to build up the employee’s proficiency base.• Data center operations.

Supervise fellow officers.Responsible for all logs while on shift.Monitor fire control panel log for errors.Assemble security equipment for day to day tasks.Procurement of weapons, security equipment and vehicles.Perform security vehicle maintenance. Inspect and log all vehicles entering and exiting the facility.