Employers hire CCDAs to perform critical tasks, which include:
Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.
Document and escalate incidents (including event’s history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.
Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, effects on system and information.
Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.