Security Specialist (Insider Threat)

Full Job Description

About the Position: This position is a DOD Cyber Excepted Service (CES) personnel system position in the Excepted Service under 10 USC 1599f.

Employees occupying CES positions are in the Excepted Service and must adhere to U.S. Code, Title 10, as well as Department of Defense Instruction 1400.25. This position is located at USCYBERCOM - Ft.

Meade. CYBER EXCEPTED SERVICE POSITIONS ARE NOT SUBJECT TO THE TWO-PAGE RESUME LIMIT.

YOUR FULL RESUME WILL NEED TO BE UPLOADED TO YOUR USAJOBS PROFILE USING THE DOCUMENT TYPE "OTHER DOCUMENTS".

Who May Apply: Only applicants who meet one of the employment authority categories below are eligible to apply for this job.

You will be asked to identify which category or categories you meet, and to provide documents which prove you meet the category or categories you selected.

See Proof of Eligibility for an extensive list of document requirements for all employment authorities.

Army CES positions apply Veteran's Preference to preference eligible candidates, as defined by Section 2108 of Title 5 U.S.C., in accordance with the procedures provided in DoD Instruction 1400.25, Volume 3005, "CES Employment and Placement".

If you are a veteran claiming veterans' preference, as defined by Section 2108 of Title 5 U.S.C., you must submit documents verifying your eligibility with your application package.

In order to qualify, you must meet the experience requirements described below.

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community; student; social).

You will receive credit for all qualifying experience, including volunteer experience.

Your resume must clearly describe your relevant experience; if qualifying based on education, your transcripts will be required as part of your application.

Additional information about transcripts is in this document. This position is in the Professional Category at the Senior Work Level within the CES Occupational Structure.

To qualify based on your experience, your resume must describe one year of specialized experience that demonstrates the possession of knowledge, skills, abilities, and competencies necessary for immediate success in the position.

Such experience is typically in or directly related to the work of the position to be filled.

Specialized experience would be demonstrated by at least one year of applicable experience in support to the Insider Threat Program Manager on program development, operations and execution of the program; integrates and centrally analyzes key threat-related information on threats that insiders may pose to the Command's cyber space program; Serve as direct contact for insider threat inquiries, hub operations, training, and response/mitigation actions for open cases, collaborate with applicable stakeholders to ensure Insider Threat program and user Activity Monitoring is meeting mission requirements.

Major Duties:

• Facilitates synchronization of InTB efforts both internally and externally through regular meetings and coordination.
• Serves as a primary point of contact for USCYBERCOM personnel who have questions about InT issues, or who desire to report potential insider threats.
• Collects data, produces summary-level trend analysis products, and briefings concerning InT incidents, assessments, associated risks, and response/mitigation measures.
• Provides the InTB, InTP and Command leadership with clear and quantifiable information.
• Identifies appropriate information sources (human, data systems, LE, CI) and elicits/obtains inputs from them using a variety of inquiry methods. Validates and deconflicts these inputs, which often indicate the need for further inquiry.
• Assesses case-or scenario-specific results in comparison to other information (that concerning the nature of threats and targets) to determine if threats are isolated or part of a more comprehensive and wide-ranging effort.
• Devises and communicates proposed corrective actions designed to mitigate the vulnerabilities exploited in this case and avoid recurrence of similar attacks.
• Contributes substantively to the development and executes the workflow and processes for the InTB and InTP. Develops, reviews, and processes for InT risk management and referral products for review and approval by the InTB Chief.
• Contributes substantively to the development of risk management best practices, procedures to assess risk priority based on available information, potential risk reduction, and/or control measures based on applicable regulations and best practices.
• On a continuing basis, attends InT training, reviews professional community literature and participates in specialist forums to keep abreast of changes and developments that may affect the Command’s InTB, InTP management approaches and operations.
• Participates in working group meetings and supports colleagues’ investigations by providing expert opinions and by contributing written materials and data analyses.
• Coordinates with mitigation/response authorities for resolution of InT referrals and other matters.