Cyber Incident Response Team (Cirt)
Current• Serve as a subject matter expert (SME) for USACE and ACE-IT on Cyber Network Defense tools and concepts.• Identify, investigate, analyze, mitigate and remediate information security events to ensure enterprise integrity against technical and physical risks.• Prevent adversary access schemes and/or infiltration of friendly networks via the use of defensive measures and information collected from variety sources.• Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.• Monitor external data sources to maintain awareness of CND threat conditions and identify security issues impacting the enterprise.• Conduct quality management reviews to evaluate the effectiveness of security controls.• Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.• Research and recommend new tools, processes, and techniques to discover, mitigate, or correct vulnerabilities in support of stakeholders utilizing enterprise defense-in-depth risk management.