Job #4885 - Computer Security Information Analyst
CERT Coordination Center, Networked Systems Survivability Program
SUMMARY
The Information Coordination and Analysis Team (ICAT) within the CERT Program’s Coordination Center (CERT/CC) is responsible for managing daily operations that integrate disparate sources of analytical information into strategic and tactical intelligence and ensure coordinated responses to ongoing internet security activity.
The successful candidate will be responsible for performing tasks related to analyzing information from a wide variety of sources, conducting technical analysis of incidents and other security threats, coordinating response actions, and disseminating technical information as appropriate in support of the protection of national and economic security and our critical infrastructure assets. Key responsibilities include:
- Monitoring, managing, and coordinating the information collection and cataloging activities from a variety of public and private analytical information sources
- Corresponding with internal analysis teams, sponsors, reporters, and other Computer Security Incident Response Teams (CSIRTs)
- Managing the authentication of vendor contacts, which includes validating encryption keys and technical diagnosis of problems related to various channels of communication
- Conducting technical investigation of computer security incidents, including forensic analysis, and coordinating incident response activities
- Assessing the severity of security threats (e.g., incidents, vulnerabilities, malicious code) and coordinating broad notifications in a timely manner
- Performing initial surface analysis of vulnerability reports and coordinating responses to incoming email sent to the CERT® Coordination Center
- Answering constituent telephone inquiries during normal business hours and outside of business hours for emergencies
- Developing and maintaining procedural documentation and participating in internal tools specification
This position could be located in either Pittsburgh, PA or Washington D.C.
ESSENTIAL FUNCTIONS
- Conducting technical investigation of computer security incidents, including forensic analysis and coordinating incident response activities
- Monitoring, managing, and coordinating the information collection and cataloging activities from disparate sources of analytical information (e.g., mailing lists, web sites, RSS feeds), performing surface analysis, and producing strategic and tactical intelligence that can be shared with interested parties.
- Performing initial surface analysis of vulnerability reports and coordinating responses to incoming email sent to the CERT® Coordination Center
- Corresponding with internal analysis teams, sponsors, reporters, and other Computer Security Incident Response Teams (CSIRTs).
- Managing the authentication of vendor contacts, which includes validating encryption keys and technical diagnosis of problems related to various channels of communication.
- Developing and maintaining procedural documentation, participating in internal tools specification, and serving as team liaison to development and infrastructure teams.
- Answering constituent telephone inquiries during normal business hours and outside of business hours for emergencies.
- Representing and presenting material in open forums and conferences.
- Travel for training, conferences, and customer meetings.
QUALIFICATIONS
Education/Training:
BS in Computer Science, Information Science, Information Systems Management with eight years applicable experience or MS in Computer Science, Information Technology with five years applicable experience
Experience:
Candidates should have at least 5 years of experience in a Windows and Unix/Linux environment and be able to demonstrate knowledge in all of the following areas:
- core Internet protocols (e.g., IP, TCP, UDP, BGP, DNS, HTTP, SMTP)
- system and/or network administration
- computer security incident handling and analysis
- common types of security vulnerabilities
- basic computer security forensics
- current internet security issues
- various security technologies (e.g., encryption, firewalls, antivirus)
- defending against common types of attacks against systems and networks
- one or more programming languages (e.g., C++, Perl, Java)
Skills/Abilities:
Successful candidates will
- have a strong interest in and possess basic knowledge of network and computer security issues
- be able to work meticulously with careful attention to detail
- be able to identify and ensure the timely delivery of critical information to internal analysis teams, sponsors, customers, and other interested parties
- be able to communicate effectively within a team environment
- be able to effectively prioritize work
- be able to develop and explain technical decisions
- recognize and deal appropriately with confidential and sensitive information
- interact effectively with technical and non-technical audiences via both verbal and written communications (e.g., technical writing, user guide development, requirements analysis)
- be able to quickly learn new procedures, techniques, and approaches
OTHER
Mobility: Primarily sedentary, long periods of sitting; ability to travel to various locations within the SEI and CMU community, customer sites, conferences, and offsite meetings with some frequency.
Environmental Conditions: Normal office conditions; however, close contact with a computer for prolonged periods of time
Mental: Ability to work under pressure; pay attention to detail; meet inflexible deadlines; deal with difficult individuals while maintaining composure.
Other: Candidate must be able to pass a background investigation, obtain a security clearance, and be a US citizen
Resumes from recruiting firms will not be accepted.
To apply, please go to Careers@CarnegieMellon.
Carnegie Mellon is an Affirmative Action/Equal Opportunity Employer.
The Software Engineering Institute (SEI) is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University.
CERT® and CERT Coordination Center® are registered in the U.S. Patent and Trademark Office.
This page was last updated September 08, 2008