Description
Summary Objective: The purpose of this position is to provide Metro Government and the Cyber Security teams with timely and usable cyber threat intelligence and to manage information flow of the intelligence. This position will create strategic partnerships for information sharing, perform analysis of the information obtained, and manage the information flow into key security systems. This position works independently, under limited supervision, reporting major activities through periodic meetings. This position works under direct supervision of the CISO and Senior Security Advisor.
Examples of Duties
ESSENTIAL FUNCTIONS
The essential functions listed below are those that represent the majority of the time spent working in this class. Management may assign additional functions related to the type of work of the class as necessary.
Provides timely information that impacts computer security policies and procedures.
Assists in planning, incident response, and operational oversight.
Researches information technology security trends and products, and evaluates them against current threat actor TTP (tactics, techniques, and procedures).
Collaborates on development and coordination of the Metro information security awareness program by providing current threat trends.
Investigates and responds to security policy violations regarding threat actor TTP.
Evaluates upgrades, system modifications, conversions, and application development projects against current threat actor TTP.
Evaluates and ensures network architecture and projects are designed to be resilient against current threat actor TTP.
Coordinates and assists with implementation of threat feed ingest and resulting threat alert processes.
Performs related work as assigned.