IT Cybersecurity Specialist (INFOSEC)

Full Job Description

This position is located in the Forensics and Vulnerability Management Branch (FVMB). FVMB prevents cyberattacks before they happen and if they occur, determines how they happened and responds.

This is performed through expertise in advanced intrusion detection, computer forensics, vulnerability management, and penetration testing.

You must meet the United States Office of Personnel Management's (OPM) qualification requirements (including specialized experience and/or educational requirements) for the advertised position.

You must meet all eligibility and qualifications requirements by the closing date of the job announcement.

OPM Qualifications Standards are available at: Information Technology (IT) Management Series 2210 This position is being filled as a College Graduate under Public Law 115-232, 5 CFR § 315.614 (i).

Applicants must meet the BASIC REQUIREMENTS of the College Graduate authority: Recent graduates who have completed, within the previous two years, a bachelor's or graduate degree OR Veterans who have completed a bachelor's or graduate degree and were unable to apply within two years of obtaining their degree due to a uniformed service obligation of at least 4 years, may apply within two years of their discharge from uniformed service.

In addition to meeting the specialized experience below you must meet the basic requirement above to qualify for this position.

Specialized Experience is experience that has equipped applicants with the particular knowledge, skills and abilities to successfully perform the duties of the position, and that is typically in or related to the position to be filled.

To be creditable, specialized experience must have been equivalent to at least the next lower grade level in the federal service.

Specialized experience for this position: For the GS-09: The next lower grade level is a GS-07. Specialized experience for this position includes: 1.

Performing digital forensic acquisitions and examinations (forensic imaging, memory capture, evidence preservation). 2.

Participating in cyber incident response such as: triage, containment, remediation, and documentation using playbooks and standard operating procedures. 3.

Collecting logs from servers, network devices, and security tools (like IDS, EDR, and SIEM) and verifying whether an incident occurred. 4.

Assisting in vulnerability assessments or authorized penetration testing and recommending remediation priorities.

OR EDUCATION: Master's or equivalent graduate degree or 2 full years of progressively higher level graduate education leading to such a degree from an accredited or pre-accredited institution in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, or technology management; or, two full years of graduate education from an accredited or pre-accredited institution that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems, or networks.

OR A combination of education and experience. For the GS-11: The next lower grade level is a GS-09. 1.

Leading incidents from detection through triage, containment, eradication, recovery, and post-incident reporting. 2.

Conducting risk and vulnerability assessments and recommending cost effective security controls or remediation priorities. 3.

Leading incident handling activities from security escalations through resolution, to include triage, containment, eradication, recovery, and lessons learned. 4.

Collecting and correlating logs (host, network, firewall, IDS/EDR, SIEM) and verifying alerts with packet captures. OR EDUCATION: Ph.D.

or equivalent doctoral degree or 3 full years of progressively higher level graduate education leading to such a degree from an accredited or pre-accredited institution in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, or technology management; or, three full years of graduate education from an accredited or pre-accredited institution that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems, or networks.

OR A combination of education and experience. In addition to meeting the specialized experience you must meet the basic requirement competencies below to qualify for this series.

Basic Requirement Competencies: The specialized experience must include, or be supplemented by, information technology related experience (paid or unpaid experience and/or completion of specific, intensive training, as appropriate) which demonstrates each of the four competencies, as defined: Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social).

Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment.

You will receive credit for all qualifying experience, including volunteer experience. NOTE: This is a career-ladder position that includes grades GS-09, 11, 12 and 13.

Upon satisfactory completion of qualification/performance requirements and at management's discretion, the incumbent may be advanced non-competitively to the next higher level.

It is the ability to demonstrate satisfactory performance at the next higher level in all aspects of the position that is the primary basis for consideration for promotion.

Meeting the time-in-grade requirement for the higher-grade position does not automatically entitle the incumbent to a promotion. Major Duties:

The physical worksite for this position is located in Alexandria, Virginia.

Presence at the Alexandria, VA campus is required for this role, as it includes on site functions that must be performed in person.

Position may be eligible for situational telework in accordance with agency policy/business unit discretion. The agency currently allows for 52 hours of telework per calendar year.

The individual selected for this position will...

Perform intrusion detection, vulnerability management, and/or penetration testing to ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment.

Review solutions to mitigate security concerns and issues.

Assess planned system changes for security impacts and coordinating with system owners and managers to enable implementation of security controls while meeting current and future business requirements.

Develop and implement robust incident response plans and operational continuity strategies.

Collect forensically sound duplicates of evidence (i.e., forensic image) to use for data recovery and analysis processes for investigations or litigation holds.