Information Security Analyst Tier 2

Competency-based occupation
Onet code: 15-1122.00

Years: 1
Skills: 57
Related instruction: 495h

Classroom Instruction Topics
  • Legal Environment of Organizations
  • Applied Communication
  • Project Management
  • Computer Networks and Security
  • Applications Development (Scripting)
  • Cybersecurity
  • Cybersecurity Management
  • Pentest and Ethical Hacking
  • Enterprise System Administration (Capstone)
  • Incident Handling and Digital Forensics
  • Special Topics Course (Such as web security, cloud services, research)
On-the-job Training
  • On the Job Training - Principles and Practices
    • Apply security fundamentals
    • Apply security best practices
  • On the Job Training - Cybersecurity Fundamentals
    • Perform network and wireless intrusion detection
    • Perform security activity monitoring
    • Execute incident response processes
    • Perform scans of databases, web applications, anti-virus and others
  • On the Job Training - Tools and Technologies
    • Use various cybersecurity tools and technologies
    • Perform Application maintenance and troubleshooting
    • Run, review and analyze application reports
  • Foundational Competencies - Principles and Practices
    • Demonstrate knowledge of Security best practices
    • Demonstrate knowledge of organizational security offerings
    • Demonstrate knowledge of basic security fundamentals
  • Foundational Competencies - Security Fundamentals
    • Demonstrate knowledge and ability to conduct network intrusion detection
    • Demonstrate knowledge and ability to conduct wireless intrusion detection
    • Demonstrate ability to perform security activity monitoring
    • Demonstrate ability to initiate incident response processes
    • Demonstrate ability to maintain and troubleshoot applications
    • Demonstrate ability to perform scans of databases, web and mobile applications
  • Foundational Performance Criteria - Demonstrate knowledge of Security best practices
    • Demonstrate understanding of information security principles as they relate to system and network security
    • Demonstrate knowledge of MSS tools and security applications (e.g., log & event monitoring, Security Information and Event Management (SIEM), etc.)
    • Demonstrate functional knowledge of Security MSS tooling and infrastructure
    • Demonstrate functional knowledge of system, network, and application vulnerability scanning and remediation techniques.
    • Demonstrate functional knowledge of risk-ranking vulnerabilities and remediation priorities
  • Foundational Performance Criteria - Demonstrate knowledge of Security Fundamentals
    • Demonstrate knowledge of TCP/IP, ports, protocols, and system functions
    • Demonstrate knowledge of how security should be a multi-layered approach
    • Demonstrate knowledge of scripting languages
    • Demonstrate the ability to troubleshoot and correct security-related issues
  • Foundational Performance Criteria - Demonstrate knowledge and ability to conduct network intrusion detection
    • Demonstrate ability to verify appliance functionality to ensure log data is being collected and forwarded to the Security Information and Event Management (SIEM) application
    • Demonstrate ability to analyze event reports
    • Demonstrate ability to initiate Incident response processes
    • Demonstrate the ability to configure SIEM rulesets to detect potential threats
    • Demonstrate the ability to configure IPS/IDS and other perimeter security appliances/systems
  • Foundational Performance Criteria - Demonstrate knowledge and ability to conduct wireless intrusion detection
    • Demonstrate knowledge of how enterprise wireless networks are architected
    • Demonstrate knowledge of how wireless encryption and authentication work
    • Demonstrate the ability to identify and detect rogue wireless devices
    • Demonstrate the ability to configure a wireless network, securely
    • Demonstrate the ability to configure wireless network logging correctly
  • Foundational Performance Criteria - Demonstrate ability to perform Security Activity Monitoring
    • Demonstrate ability to perform Security Activity Monitoring including, but not limited to: Correcting log source failures
    • Demonstrate ability to perform Security Activity Monitoring including, but not limited to: Monitoring of backup of the applications and reports
    • Demonstrate ability to perform Security Activity Monitoring including, but not limited to: Provide recommendations to the network infrastructure teams for blocking of malicious sites or IP addresses based upon log activity
    • Demonstrate ability to perform Security Activity Monitoring including, but not limited to: Perform roll up reporting
    • Demonstrate ability to perform Security Activity Monitoring including, but not limited to: Perform Basic tuning of false positives
    • Demonstrate ability to perform Security Activity Monitoring including, but not limited to: Create new roles to identify or tune false positives
    • Demonstrate ability to perform Security Activity Monitoring including, but not limited to: Initiate Incident Response Processes in the event of an incident or investigation
  • Foundational Performance Criteria - Demonstrate ability to initiate and conduct incident response
    • Demonstrate knowledge of the Incident Response Process
    • Demonstrate the ability to be a team member during an incident response
    • Demonstrate the ability to brief stakeholders during an incident response
    • Demonstrate the ability to develop reporting related to incident response
  • Foundational Performance Criteria - Demonstrate ability to maintain and troubleshoot applications
    • Demonstrate ability to troubleshoot applications and related tools
    • Demonstrate ability to remediate vulnerabilities identified during scans - patching
    • Demonstrate ability to remediate vulnerabilities during scans - application configuration
    • Demonstrate ability to work with vendors to correct issues or perform updates
    • Demonstrate ability to create, review and analyze reports
    • Demonstrate ability to create and maintain dashboards
  • Foundational Performance Criteria - Demonstrate ability to perform scans of databases, web applications, anti-virus and other
    • Demonstrate knowledge of vulnerability scanning
    • Demonstrate ability to configure and initiate automated scans for networks and applications
    • Demonstrate the ability to work with system and application owners to remediate identified vulnerabilities