Collect and analyze intrusion artifacts (e.g., source code, malware, and system configuration) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
Core KSAT for the following Work Roles
Analyzes digital evidence and investigates computer security incidents to derive useful information in support of system/network vulnerability mitigation.
Additional KSAT for the following Work Roles
Conducts deep-dive investigations on computer-based crimes establishing documentary or physical evidence, to include digital media and logs associated with cyber intrusion incidents.