Cyber Systems Engineer

The overall goal of DCO support is to provide defensive analysis, reporting and recommendations, provide cyberspace defensive posture risk analysis, mitigation strategies and solutions, and analyze cyberspace network events to determine the impact on current operations. The DCO support activities require research, analysis, and coordination across multiple agencies, adherence cyberspace best practices, and cyberspace subject matter expertise (SME) consultative support to the USFK Command and Staff, Services and components operating in the KTO and US Indo-Pacific Command (USINDOPACOM) AOR.

The Cyber Systems Engineer shall perform DCO support by conducting research and evaluating technical, nontechnical, intelligence, and commercially available information with specific emphasis on network operations and cyberspace warfare techniques, tactics, and procedures focused on the threats to US networks, and where applicable, commercial networks and systems that directly or indirectly supporting DoD interests and operations. The Cyber Systems Engineer shall develop and deliver defensive reports that include recommendations and solutions to strengthen cyberspace defensive posture to determine the impact on current operations.

Responsibilities:

• Assist with ROK liaison activities in support of cyberspace actions, including sharing of cyberspace information and reports, attending meetings, and performing cyberspace operations in a combined environment.
• Exercise communications and coordination with the Defense Information System Agency (DISA), the Cyber Security Service Providers (CSSP), USINDOPACOM, and other cyberspace and NetOps related organizations in support of the flow and exchange of information, reports, and the coordination of defensive cyber operations.
• Facilitate the direct support relationship to the Korea DoDIN Operation Center (KDOC), USFK J6, Component NetOps units, and specific cyberspace intelligence, cyberspace source, and other DCO activities.
• Provide analysis of cyberspace Attack Sensing & Warning capabilities based on data from USFK components to include items such as: Intrusion Detection System logs, Intrusion Prevention System logs, firewall logs, USCYBERCOM Red Reports and Cyber Tasking Orders (CTO), DISA security briefings, and additional Joint Information Environment IA Defense-in-Depth solution sources. Coordinate with service CSSPs for additional cyberspace information on those networks not operated or maintained by USFK.
• Conduct follow-up analysis of incident reports and other suspicious activity reported by the local service providers as well as external agencies as directed by the Government (e.g., tippers, IC reports, Situational Awareness Reports (SARs), etc.).
• Conduct cyberspace trends, correlation, and risk analysis of all cyberspace threat activity identified in the KTO and maintain historical cyberspace files of incidents and threat events. Incorporate intelligence reporting to enhance understanding of the threats to the KTO.
• Interpret, analyze, and report all events and anomalies IAW incident handling processes by coordinating with related and affected organizations. The contract shall provide assessments and recommendations to mitigate events and anomalies.
• Produce GO quality papers, presentations, recommendations, findings and develop a research reference list to quickly find answers to cyberspace related questions for a diverse range of cyberspace operations personnel and officials. Products may be oriented to a range of technical, operational, and other audiences and for various purposes (information, decision making, etc.). The audience, purpose and context must be appropriately considered when preparing materials.
• Develop and recommend Director Critical Information Requirements (DCIRs) in coordination with Intel section and other subsections of this contract as required.
• ICW the Cyber Watch, develop a process for review and daily reporting of Directors Friendly Forces Information Requirements (FFIRs).
• Analyze research and provide recommendations for procedures, processes, and improvements to enhance capabilities, operations, functions, mission-essential tasks, and deliverables.
• Develop and propose command guidance, prioritize recommendations, and, when directed, integrate cyberspace concepts of operations with CCMD, Joint Task Forces, USFK supporting organizations/units, and Joint Cyberspace Headquarter organizations.

Qualifications:

• Active TS/SCI Clearance.
• Bachelor’s degree in computer science, information technology or another related field; in a combination of computer science or information technology, or a combination of the above.
• 5 years of experience in computer network defense.
• DoD Cyber Workforce Framework 8570/8140 IAT III, IAM III.
• Demonstrated ability of complete understanding and wide application of principles, theories, and concepts within the cyberspace operations.
• Demonstrated ability to communicate with and synchronize operations among multiple lateral and horizontal organizations, including US and foreign military, federal agency and civilian organizations.
• Experience in briefing senior military and civilian personnel.
• Must have strong written, communication and interpersonal skills with the ability to prepare and brief complex technical and non-technical information to non-technical stakeholders.
• Possess a desire and ability to work on multiple fast-paced projects and be willing and able to aggressively learn the activities and focus of the organization.
• Must be comfortable working in a dynamic team environment.
• Willingness and ability to travel.