Network Operations and Security Center (INOSC)

–  One or more of the following IAT Level II Certifications (GSEC, Security +, SSCP, CCNA-Security)

–  CND Certification (GCIA, CEH, GCIH).

Active Top Secret or TS/SCI

–  Intermediate knowledge with one or more of the IDS/IPS systems currently in use by the Department of Defense (DoD), Services, and Agencies (i.e., AF, Navy, Army, DC3, DISA) or Federal Government and intermediate experience in the following areas: IP addressing and domain name service; network components; Transmission Control Protocol (TCP)/User Datagram Protocol (UDP), File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), and Hypertext Transfer Protocol (HTTP); and understand the network Open Systems Interconnection (OSI) model

Must be able to work shifts as required.

–  Conduct network security monitoring and intrusion detection analysis for the NIPRNet using the AF’s selected IDS/IPS toolset

–  Research NIPR and SIPR defensive cyber operations events to determine the necessity for deeper analysis and conduct an initial assessment of type and extent of intruder activities.

–  Enter event data into mission support systems according to operational procedures and reports through the 33rd operational chain.

–  Record suspicious events, meeting established thresholds, into the operational database for suspicious traffic. Records shall contain sufficient information to stimulate future research of suspicious traffic. The record shall answer the: who, what, where, why and when for this suspicious activity.

–  Compile suspicious events records and other artifacts as part of its Monthly Operational Report.

–  Provide pass-on information to bring incoming crews up to speed on latest suspicious traffic seen from a given port, IP, etc.

–  Coordinate with the Crew Commander for authorization before departing after pass-on to incoming shift.

–  Provide computer security-related assistance to Air Force field units (example: the Integrated Network Operations and Security Center (INOSC), Base Information Assurance shop) in countering vulnerabilities, minimizing risk, and improving the security posture of AF computer networks and systems within the scope of operational requirements and mission execution.

–  Provide focused DCO, tailored analysis and monitoring operations of specified sensor locations during contingency operations and in support of named DCO operations and exercises.

–  Must be willing to receive additional training and maintain position qualification to perform assigned duties, as required