Monitors information system networks to validate configuration status, using information readily available through automated support tools and implemented security controls, to support organizational risk management decisions. Maintains situational awareness, provides risk impact, and makes recommendations to CSSP Watch decision-makers and system owners regarding compliance, cybersecurity posture, enclave and network accesses, hygiene, vulnerability, and unmitigated risks. Consults with configuration managers to compare real-time information system metrics and values with established baselines and controls. Records and reports assessments of scheduled and unscheduled outages and tracks status of information system life-cycle milestones (installation; connectivity; online/offline; removal).
Requires DoD 8570 compliance with CSSP Auditor baseline certification, Information Assurance Technical (IAT) Level II or Level III certification, and Computing Environment (CE) certification.
The CE certification requirement can be fulfilled with either a Microsoft OS or a CentOS/Red Hat OS CE certification.
Higher level requires successful completion of the Splunk software training course “Fundamentals 1”.