CYBERSECURITY SPECIALIST (CYBER OPERATIONS & INCIDENT RESPONDER)

Full Job Description

The Cybersecurity Specialist (Cyber Operations & Incident Responder) position is located in the Office of Information and Technology Services (EXIT), U.S. Consumer Product Safety Commission (CPSC).

EXIT is responsible for managing and securing the information technology resources for the CPSC. The incumbent is a recognized authority responsible for leading the CPSC cybersecurity program.

All applicants must have 52 weeks of specialized experience equivalent to at least the next lower grade level in the Federal Service.

Specialized experience is experience that has equipped the candidate with the particular knowledge, skills, and abilities to perform successfully the duties of the position.

Qualifying specialized experience must demonstrate the following: 1) Experience applying cyber security and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data; 2) experience in Azure Cloud security; 3) experience in incident response and handling methodologies; 4) knowledge of NIST Special Publications (e.g., SP 800-53, SP 800-37, etc.); 5) experience in vulnerability identification, scanning, management and remediation; and 6) ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.

Evidence of the above specialized experience must be supported by detailed documentation of duties performed in positions held.

Your resume is the key means we have for evaluating your skills, knowledge, and abilities as they relate to this position.

Therefore, we encourage you to be clear and specific when describing your experience. We will not make assumptions regarding your experience or based on job titles alone.

If your resume does not support your questionnaire answers, we will not allow credit for your response(s).

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social).

Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment.

You will receive credit for all qualifying experience, including volunteer experience. Applicants must meet the qualifications for this position by the closing date of this announcement.

In addition to the above specialized experience, applicants must also meet the IT-Related proficiency level for all four of the competencies listed below: Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

Evidence of the above specialized experience and IT-related proficiency must be supported by detailed documentation of duties performed in positions held.

Your resume is the key means we have for evaluating your skills, knowledge, and abilities as they relate to this position.

Therefore, we encourage you to be clear and specific when describing your experience. Major Duties:

The primary purpose of the position is to assess the impact of forecasted changes in technology and business requirements on the agency's long-range Information Technology (IT) cybersecurity plans and recommend appropriate changes to goals and strategies.

The work involves developing, implementing, and ensuring compliance with IT cybersecurity plans and policies; serving as the incident response coordinator for cyber security operations, analyzing cyber events occurring in the agency's network environment; monitoring network activity; analyzing evidence of suspicious behavior; implementing and managing cyber defense tools; conducting assessments of threats and vulnerabilities; testing and implementing new technologies; and determining deviations from acceptable network configurations and policies assessing the level of risk, and recommending appropriate mitigation countermeasures to top-level management.

The Cybersecurity Specialist (Cyber Operations & Incident Responder) serves as a recognized authority in leading and establishing the framework for CPSC Cybersecurity Information Security IT programs.

Assesses and anticipates the effects of new emerging technology and develops policies to prevent cybersecurity violations and govern activities.

Develops and maintains strategic plans to define current and future cybersecurity requirements and establish metrics to measure and evaluate systems performance.

Represents the agency on interagency committees and participates in high- level collaboration, coordination, decision-making meetings, and conferences regarding classified and unclassified cybersecurity programs and projects.

Briefs senior agency management on the status of committee activities and decisions made.

The duties of this position include: Monitoring agency network activities and cyber incident response activities.

Analyzing evidence of suspicious behavior to identify and report events that occur or may occur within the network to protect the information, systems, and networks from threats.

Advising top- level management on immediate and long-term measures that must be taken in accordance with the level of risk involved, including exploring new concepts and technologies.

Analyzing cyber events and the network environment to find trends, patterns, or anomaly correlations that indicate more serious attacks or future threats.

Developing new policies, procedures, standards, methods, techniques, and solutions to highly complex technical issues; evaluating the impact of technological change; and recommending proactive measures to contain identified incidents.

Reviewing data collected from various cyber defense tools (e.g., Intrusion Detection System (IDS) alerts, firewalls, network traffic logs) to analyze events within the operating environment and identify and mitigate threats and deter future security attacks.

Responds to security alerts indicating possible cyber events.

Performing real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support the agency's Cyber Security Incident Response Team (CSIRT).

Performing malware and system forensic analysis. Capturing and analyzing network traffic associated with malicious activities using network monitoring tools.

Correlating incident data and develops cyber defense reports for top-level management review. Evaluating and recommending the acquisition of IT security tools.

Installing and configuring new hardware, software, and peripheral equipment to support IT security tools in accordance with agency standards.