Position Description: Computer Network Defence (CND) Analyst

UNCLASSIFIED


Position purpose:
The CND Analyst seeks to discover, analyse and report on sophisticated computer network exploitation events. The CND Analyst utilises open source, commercial and internally developed intrusion/anomaly detection tools and infrastructure.

Directorate overview:
The Information Assurance and Cyber (IAC) Directorate contributes to the national security of New Zealand by providing technical advice and assistance to Government and organisations with significant national information infrastructures to enable them to protect their information from advanced technology-borne threats. To achieve this, the directorate provides high assurance services; information assurance policy and advice; and high-end cyber security services to detect and respond to such threats.

GCSB mission and values

Our mission
Protecting and Enhancing New Zealand's Security and Wellbeing.

Our values
Respect, Commitment, Integrity, Courage.

Information Assurance & Cyber Security Directorate vision and mission

Our vision
Protect New Zealand's vital information infrastructures.

Our mission
To be a team of confident professionals, admired for our innovation and regarded both domestically and internationally as leaders in the Information Assurance and Cyber sectors.
To have a comprehensive understanding of the advanced, technology-borne attempts to target our vital information infrastructures and steal our secrets and intellectual property.
To be confident about our ability to monitor these threats and either reduce harm directly through timely provision of assurance and technical services or help others to mitigate risks through authoritative policy and expert advice built on our unique capabilities.

Functional relationships

External contacts:
- NZ Government Agencies
- 2nd Party Cryptologic agencies
- Other national and international CND specialists
- IT service providers

Internal contacts:
- IACD Staff
- GCSB IT security staff
- Other GCSB staff as necessary

Objectives

The position of CND Analyst encompasses the following major functions or objectives:
- Understanding the cyber threat environment
- Conduct CND activities
- Delivery of output

The requirements in the above Key Result Areas are broadly identified below:

Jobholder is accountable for:

Understanding the cyber threat environment
- Maintaining an understanding of the current and past methodology of threat actors, their tools, aims, intentions and methodology
- Maintaining an understanding of attack tool capabilities and infrastructure in order to be an effective CND specialist
- Conducting technology-based research projects, incorporating classified and open source material to ensure individual knowledge is class leading

Conduct CND activities
- Contribute to the discovery and analysis of new or emerging cyber threats
- Prepare, document, and maintain event reports and analytic findings
- Contribute to the detection, analysis and understanding of sophisticated electronic attack events
- If required, assist with the analysis of forensic evidence, in support of the Incident Response Team
- Develop, maintain, and improve technical understanding and analytic techniques. Provide briefings and accounts of these analytic techniques to NCSC colleagues, as appropriate

Delivery of output
- Contribute to the provision of technical answers to questions regarding the compromise of New Zealand victim networks
- Contribute to mitigation design and advice
- Enhance GCSB's relationships and reputation with customers and partners through professional representation and engagement
- Represent GCSB as a knowledgeable point of contact for information regarding specific high-threat intrusion set(s)
- Provide technical assistance to other NCSC, partner or customer entities

Jobholder is successful when:
- GCSB remains aware of cyber threat actors' intentions and capabilities
- NCSC (National Cyber Security Centre) remains the point of contact as the area of Cyber expertise and knowledge within New Zealand
- Threats to New Zealand information infrastructures of significance are identified and understood
- Network traffic analysis is performed in accordance with agreed procedures
- Technical analysis on detected threats identifies the capability and intention of the adversary
- Detection capabilities are enhanced
- NCSC provides timely and accurate technical advice and expertise
- The content of the NCSC's technical reporting and advice is unambiguous, and the implications of why it has been provided are clear
- The result of technical analysis is documented
- NCSC reporting complies with all guidelines and policies

Precise performance measures for this position will be developed in discussion between the jobholder and manager as part of the performance development and review process. It is also expected that you will undertake other duties that can reasonably be regarded as relevant to the position, your experience and capability.

Person specification

This section is designed to capture the expertise required for the role at the 100% fully effective level. (This does not necessarily reflect what expertise the current jobholder has.) This may be a combination of knowledge, experience, key skills, attributes, job specific competencies, qualifications or equivalent level of learning.

Qualifications

Essential:
- Tertiary degree, or equivalent experience, in Computer Science, Computer Forensics, Software Engineering, or Computer Security.

Desirable:
- Professional computing/networking qualification, e.g. in computer networking, or systems administration.
- Professional Information Security certifications.

Knowledge/experience

Essential:
- Interest in, and enthusiasm for, computer security.
- Excellent knowledge of network protocols or host internals.

Desirable:
- Experience in IT security or network defence.
- Experience with operating systems, both UNIX / Linux and Windows.
- Experience with network defence and attack tools.
- Software engineering and programming.
- Knowledge of vulnerability assessment methodologies, tools and techniques.

Personal attributes
- Demonstrates a practical and robust troubleshooting philosophy
- A commitment to the documentation of process and actions
- Results oriented with a demonstrable commitment to perform
- Thinks critically and logically
- Excellent communication and interpersonal skills
- The ability to be self-motivated, flexible and a team player
- An ability and desire to learn new and sometimes complex skills
- Demonstrates sound judgment, tact and integrity in dealing with sensitive issues
- Excellent organisational skills and the ability to prioritise and work to deadlines
- Displays initiative and self-confidence
- The resilience to operate under pressure, correctly identify and assess risk, and make justifiable operational decisions

Specialist competencies

The following would typically be expected for the 100% fully effective level:
- Network and Endpoint Intrusion Detection, Methods and Signature Development
- Network Protocol Analysis
- Malware Analysis and Reverse Engineering
- Adversary Intentions and Methodology
- Programming

Core competencies

Core competencies are based on and consistent with our values. They describe qualities that are common requirements for all GCSB staff at differing levels in the organisation, irrespective of their specialist skills or the particular requirements of their job. They are complemented by specialist competencies, which (where applicable) are set out in individual performance agreements.
- Security
- Teamwork and Leadership
- Results Focus
- Communication and Knowledge Sharing
- Professionalism
- Innovation
- Customer Focus

Change to position description

Positions in GCSB may change over time as the organization develops. Therefore, we are committed to maintaining a flexible organization structure, which best enables us to meet changing market and customer needs. Responsibilities for this position may change over time as the job evolves. Such change may be initiated as necessary by the manager of this position. This Position Description may be reviewed as part of the preparation for performance planning for the annual performance cycle.

Health & Safety

GCSB is committed to providing a healthy and safe work environment and safe management practices for all employees. Employees are expected to share this commitment as outlined in the current Health and Safety legislation by taking all practicable steps to ensure:
a. The employee's safety while at work, and
b. That no action or inaction of the employee while at work causes harm to any other person.

Knowledge Management

Employees are responsible for ensuring that all business records created are accessible and stored in the correct manner according to GCSB record keeping policy, standards and procedures.

Employee:                    Date:
Manager:                     Date: