Information Assurance/Security Specialist – Cyber Watch and Incident Response Support

C.4.2.1.1  Task 2 Cyber Watch And Incident Response Support
Description: The Contractor shall provide 24 x 7 x 365 support to conduct real-time analysis of ongoing IA / CND events on the MCEN, identifying incidents and making recommendations to protect the MCEN. The Contractor shall lead efforts in collecting and analyzing network and computing events presented via numerous sources in order to identify and document malicious or unauthorized activity on the MCEN.

The Contractor shall conduct initial, formal incident reporting (outlined in CJCSM 6510.01B, “Cyber Incident Handling Program,” dated 10 Jul 2012 or later) and documenting technical details in the Marine Collections Database (MCD). The Contractor shall appropriately resolve daily incidents tracked in the MCD. The Contractor shall use appropriate skills and techniques in scoping, containing and eradicating incidents based on the processes outlined in CJCSM 6510.01B. Additionally, The Contractor shall be responsible for supporting the transition of network defense configurations as informed by resolved incidents in order to prevent future occurrences.

The Contractor shall be responsible for continuity of services as data sources, analysis tools, and techniques will evolve to changes in the Marine Corps’ technical computing environment as well as by mandates from US Cyber Command.

8570 IAT Certification Requirements:  Level 2

GSEC or Security + CE or SSCP or CCNA Security

8570 CNDSP Certification Requirements:  Incident Response

GCIH or CSIH or CEH or GCFA or SCYBER

Clearance Requirements:  Secret, TS preferred
Shift Requirements:  1.       1900-0700 W/Th/F/Alt-Sa