bachelor’s degree* with at least 15 credit hours in cyber security, information assurance, or information technology; and three years of information technology experience, including two years of information security or information assurance experience**.
- Substitution: bachelor's degree candidates without at least 15 course credits in cyber security, information assurance, or information technology require an additional year of general information technology experience to qualify. Appropriate information security or information assurance experience may substitute for the bachelor's degree on a year- for-year basis; an associate's degree requires an additional two years of general
information technology experience.
**Experience solely in information security or information assurance may substitute for the general information technology experience.
Preferred Qualifications:
- Bachelor’s Degree with a concentration or major in Information Security, Cyber Security, Digital Forensics, Information Assurance, or a related field
- Applicable Information Security certificate(s), including but not limited to:
o Certificate in Computer Network Defense (e.g., GCIA, GCED, GDAT, GPPA, GCDA, GMON, GWEB, CND, ECIH, GCIH)
o Certificate in Cyber Threat Intelligence (e.g., CTIA, GCTI, CCIP, CSTIR)
o Certificate in Digital Forensics (e.g., ACE, GCFA, GCFE, GREM, GNFA)
o Certificate in Penetration Testing (e.g., GPEN, CEH, GAWN, GWAPT, LPT)
o Certificate in Information Security Management (e.g., GSLC, GSTRT, GCEIT, CISM, CCISO)
o Certified Information Systems Security Professional (CISSP)
- 3 years’ experience in technical writing.
- 2 years’ experience in the following areas:
o Leading a team in related work.
o Applying and implementing network and/or system security.
o Information security incident response.
o Cyber digital forensics.
o Log analysis (e.g. firewall logs, DNS logs, proxy logs, IDS/IPS logs)
o Using SIEM technologies to support in-depth investigations.
o Using computer security investigation tools (e.g. FTK)
o computer networks, intrusion detection systems, routers, firewalls, operating systems, network vulnerability assessments, web application vulnerability assessments, computer programming and scripting
o network security solutions (e.g., intrusion detection/prevention systems, firewalls)
o system administration
o vulnerability management
o computer programming and scripting
o Information Security (CIA triad, Information Classification, Risk Management, Incident Response, Vulnerability Management, Security Architecture & Engineering)
- Excellent oral and written communication skills including the ability to clearly articulate information technology and information security concepts to a varied audience to facilitate wide understanding
- Demonstrated critical thinking, problem solving and analytical skills