IT SPECIALIST (INFOSEC)

Full Job Description

Click on "Learn more about this agency" button below to view Eligibilities being considered and other IMPORTANT information.

The primary purpose of this position is: This position is to carry out unique and, as appropriate, one of-a-kind computer forensic analyses; write concise, comprehensive computer-forensic-analysis reports; evaluate and use computer-forensic-analysis techniques and procedures; and document computer-forensic-analysis procedures.

In order to qualify, you must meet the specialized experience requirements described in the Office of Personnel Management (OPM) Qualification Standards for General Schedule Positions, Individual Occupational Requirements for the Information Technology (IT) Management Series, GS-2210 (Alternate A).

https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/2200/information-technology-it-management-series-2210-alternative-a/ SPECIALIZED EXPERIENCE: Applicants must have at least one (1) year of specialized experience at the next lower grade GS-13, or equivalent in other pay systems.

Examples of specialized experience includes experience with advanced concepts, theories, principles, practices, methods, and techniques of computer science, and engineering.

Experience with recover computer data and what the data means once it has been retrieved.

Experience with investigative procedures and rules of evidence and understand courtroom procedures and the law as it applies to the handling of evidence in order to avoid destruction of evidence or a break in the chain-of-custody.

Experience with network operations and protocols; systems testing and evaluation; and performance management methods sufficient to implement and coordinate activities designed to ensure, protect, and restore IT systems.

FEDERAL TIME-IN-GRADE (TIG) REQUIREMENT FOR GENERAL SCHEDULE (GS) POSITIONS: Merit promotion applicants must meet applicable time-in-grade requirements to be considered eligible.

One year at the GS-13 level is required to meet the time-in-grade requirements for the GS-14 level. TIG applies if you are in a current GS position or held a GS position within the previous 52 weeks.

NOTE: Applicants applying as VEOA candidates who are current GS civil service employees or are prior GS civil service employees within the past 52 weeks must also meet time-in-grade requirements.

KNOWLEDGE, SKILLS AND ABILITIES (KSAs): Your qualifications will be evaluated on the basis of your level of knowledge, skills, abilities and/or competencies in the following areas: Knowledge and experience with computer operating systems is required.

The employee must have direct knowledge and experience with PC operating systems (Windows 95/98/NT). Knowledge of other older operating systems is desired.

Knowledge of networking standards (e.g., TCP/IP, Novel, Windows NT and UNIX Networking) and operating systems is desired. Previous experience as a system administrator is desired.

Knowledge of computer hardware to the board level is required.

The employee should be familiar enough with personal computer hardware that they could be handed a box of parts and put one together Knowledge and experience in the development of computer programs is desired.

The ability to write programs in "C," "C++," UNIX Shell Scripting Languages, or Pearl is desired.

Ability to communicate very well orally and in writing including providing accurate and timely technical reports is required.

Significant experience and/or education in digital forensic analysis, malware analysis, intrusion analysis, or the equivalent is required.

This experience includes an understanding of the chain of custody, working at a crime scene, and testifying in court.

Knowledge of a full range of IT security principles, concepts, practices, products and services (including systems software, database software, immediate access storage technology), and methods for evaluating risk and vulnerability, implementing mitigating improvement, and disseminating IT security tools and procedures Knowledge of IT INFOSEC security requirements for certification and accreditation, network operations and protocols, systems testing and evaluation, and performance management methods sufficient to plan and conduct security accreditation reviews for installed systems or networks and assess and advise on new or revised security measures and countermeasures based on the results of accreditation reviews.

PART-TIME OR UNPAID EXPERIENCE: Credit will be given for appropriate unpaid and or part-time work.

You must clearly identify the duties and responsibilities in each position held and the total number of hours per week.

VOLUNTEER WORK EXPERIENCE: Refers to paid and unpaid experience, including volunteer work done through National Service Programs (i.e., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community; student and social).

Volunteer work helps build critical competencies, knowledge and skills that can provide valuable training and experience that translates directly to paid employment.

You will receive credit for all qualifying experience, including volunteer experience. Major Duties:

Conducts substantive forensics analyses of computers and digital media to develop evidence in the specialty area of computer forensics.

Conducts substantive analysis of malicious files and artifacts generated by malicious code.

Conducts analysis ranging from the tracking of surface-level artifacts to exhaustive functional reversing of malicious samples.

Incumbent performs the full range of supervisory functions defined for such positions in Office of Personnel Management (OPM) guidance.