Cybersecurity Specialist - 2021

Competency-based occupation
Onet code: 15-1122.00

3 Years

58 Skills

225h Related instruction
Classroom Instruction Topics
  • Computer Networks and Security (IST 2210)
  • Applications Development (IST 2310)
  • Database Management for Business (IST 2410)
  • Big Data Analytics (IST 2510)
  • Cybersecurity (IST 2610)
On-the-job Training
  • Occupational Skills
    • Administers accounts, network rights, and access to systems and equipment
    • Assists in network backup and recovery procedures
    • Assists in the coordination or installation of new or modified hardware, operating systems and other baseline software
    • Assists in the development of appropriate courses of action in response to identified anomalous network activity
    • Assists in the development of group policies and access control lists to ensure compatibility with organizational standards, business rules and needs
    • Characterizes and analyzes network traffic to identify anomalous activity and potential threats; performs computer network defense trend analysis and reporting
    • Checks system hardware availability, functionality, integrity and efficiency
    • Collaborates with system developers and users to assist in the selection of appropriate design solutions to ensure the compatibility of system components
    • Collects intrusion artifacts and uses discovered data to enable mitigation of potential computer network defense (CND) incidents
    • Conducts functional and connectivity testing to ensure continuing operability
    • Conducts periodic server maintenance including cleaning (physically and electronically), disk checks, system configuration and monitoring, data downloads, backups and testing
    • Coordinates with network administrators to administer the updating of rules and signatures for intrusion detection/protection systems, anti-virus and network black and white lists
    • Correlates incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation
    • Diagnoses and resolves customer-reported system incidents
    • Diagnoses faulty system/server hardware; seeks appropriate support or assistance to perform server repairs
    • Diagnoses network connectivity problems
    • Documents compliance with or changes to system administration standard operating procedures
    • Ensures application of security patches for commercial products integrated into system design
    • Establishes adequate access controls based on principles of least privilege and need-to-know
    • Establishes adequate access controls based on principles of least privilege, role-based access controls (RBAC), and need-to-know
    • Helps perform damage assessments in the event of an attack
    • Implements security measures for uses in system and ensures that system designs incorporate security configuration guidelines
    • Installs and configures hardware, software and peripheral equipment for system users
    • Installs and maintains cyber security detection, monitoring and threat management software
    • Installs server fixes, updates and enhancements
    • Installs, replaces, configures and optimizes network hubs, routers and switches
    • Integrates new systems into existing network architecture
    • Maintains baseline system security according to organizational policies
    • Manages accounts, network rights and access to systems and equipment
    • Manages inventory of IT resources
    • Manages IP addresses based on current threat environment
    • Modifies network infrastructure to serve new purposes or improve workflow
    • Monitors and maintains server configuration
    • Monitors client-level computer system performance
    • Monitors external data sources to maintain currency of Computer Network Defense threat condition and determines which security issues may have an impact on the enterprise. Performs file signature analysis
    • Monitors network data to identify unusual activity, trends, unauthorized devices or other potential vulnerabilities
    • Patches network vulnerabilities to ensure information is safeguarded against outside parties
    • Performs analysis of log files from a variety of sources to identify threats to network security; performs file signature analysis
    • Performs computer network defense incident triage to include determining scope, urgency & potential impact; identifies the specific vulnerability; provides training recommendations; and makes recommendations that enable expeditious remediation
    • Performs intrusion analysis
    • Performs virus scanning on digital media
    • Provides ongoing optimization and problem-solving support
    • Provides timely detection, identification and alerts of possible attacks and intrusions, anomalous activities, and distinguishes these incidents and events from normal baseline activities
    • Receives and analyzes network alerts from various sources within the enterprise and determines possible causes of such alerts
    • Reconstructs a malicious attack or activity based on network traffic
    • Repairs network connectivity problems
    • Resolves hardware/software interface and interoperability problems
    • Runs tests to detect real or potential threats, viruses, malware, etc.
    • Sets containment blockers to align with company policy regarding computer use and web access
    • Supports network components
    • Tests and maintains network infrastructure including software and hardware devices
    • Tests computer system performance
    • Tracks and documents computer network defense incidents from initial detection through final resolution
    • Triages systems operations impact: malware, worms, man-in-the-middle attack, denial of service, rootkits, keystroke loggers, SQL injection and cross-site scripting
    • Troubleshoots system hardware and software
    • Uses computer network defense tools for continual monitoring and analysis of system activity to identify malicious activity
    • Uses network monitoring tools to capture and analyze network traffic associated with malicious activity
    • Verifies data redundancy and system recovery procedures
Headquarters Location:
San Bernardino, CA (92410)