The incumbent is a recognized IT security expert within the Judiciary with a strong background in cyber security, networking, security devices, operating systems, and a proven record of successfully deploying solutions to improve the organization's cyber security posture. The incumbent will perform various duties under the direction and guidance of the Chief, Security Mission Integration.
The incumbent is responsible for leading ITSO's solution engineering in all phases of the systems development life cycle. The candidate will oversee all ITSO systems and applications while developing new capabilities in response to cross-ITSO requirements. Additionally, the candidate will be responsible for coordinating systems protections with stakeholders across the judiciary and continually developing processes to measure and refine the judiciary's cyber security posture.
Duties may include, but are not limited to, the following:
- Leading the Security Systems Team by providing oversight for all federal and contractor staff in meeting the branch mission and responsibilities.
- Planning and developing the Security Systems budget for personnel, training, and systems to support the ITSO submissions to the Judiciary Information Technology Fund (JITF).
- Ensuring operational readiness and maintenance of all ITSO security systems.
- Ensuring high levels of customer satisfaction for all supported applications and systems.
- Integrating judiciary cyber security systems to the maximum extent practical to provide automated mitigations in cyber-relevant timeframes.
- Developing key performance metrics to demonstrate the operational effectiveness and efficiency of judiciary cyber security systems.
- In conjunction with other AO offices and judiciary stakeholders, developing long-range cyber security architecture to ensure programmatic solutions to emerging threats.
- Providing cyber security architecture leadership, including developing threat models that highlight operational risk to systems or applications while annotating additionally required security protections.
- Developing and refining Team procedures for daily tasks to ensure compliance with appropriate judiciary policies.
- Providing security engineering and operations support to Enterprise Operations Center and Cloud Hosting & Network Office.
- Ensuring Security Operations Center feedback and data analytics are leveraged to continually tune and refine Security Incident & Event Management alerts.
- Overseeing the management of all ITSO systems in the Internet Data Centers and the Judiciary Data Center in accordance with applicable policies and procedures.
- Overseeing the mitigation of all vulnerabilities in ITSO systems in accordance with the Judiciary Information Security Framework (JISF).
- Leading the development of a security capabilities roadmap that matches existing gaps with expected solutions.
- Leading the development of new alerting methodologies to identify advanced persistent threats or insider threats.
- Overseeing the development of new tools and capabilities to emulate threat actors while validating the capability of the security stack to appropriately identify and categorize the activity.
- Providing weekly activity reports for all Team personnel that highlight ongoing operational improvements.
- Developing methodologies for continually monitoring and assessing the security posture of the judiciary to ensure that all systems are performing within expected tolerances.
- Serving as subject matter expert on cyber security as it applies to networking, operating systems and information security technologies and methodologies.
Requirements
Conditions of Employment
All information is subject to verification. Applicants are advised that false answers or omissions of information on application materials or inability to meet the following conditions may be grounds for non-selection, withdrawal of an offer of employment, or dismissal after being employed. Selection for this position is contingent upon completion of OF-306, Declaration of Federal Employment during the pre-employment process and proof of U.S. citizenship for competitive status positions or conversion to a competitive status position with the AO. If non-citizens are considered for hire into a temporary or any other position with non-competitive status or when it is confirmed by the AO Human Resources Office there are no qualified U.S. citizens for a competitive status position (unless prohibited by a law or statute), non-citizens must provide proof of authorization to work in the U.S. and proof of entitlement to receive compensation. Additional information on the employment of non-citizens can be found at USAJOBS Help Center | Employment of non-citizens.
For a list of documents that may be used to provide proof of citizenship or authorization to work in the United States, please refer to Form I-9, Employment Eligibility Verification. All new AO employees will be required to complete an FBI fingerprint-based national criminal database and records check and pass a public trust suitability check. New employees to the AO will be required to successfully pass the E-Verify employment verification check. To learn more about E-Verify, including your rights/responsibilities, visit https://www.e-verify.gov/. All new AO employees are required to identify a financial institution for direct deposit of pay before appointment. You will be required to serve a trial period if selected for a first-time appointment to the Federal government, transferring from another Federal agency, or serving as a first-time supervisor. Failure to successfully complete the trial period may result in termination of employment. If appointed to a temporary position, management may have the discretion of converting the position to permanent depending upon funding and staffing allocation.
Qualifications
Applicants must have demonstrated experience as listed below. This requirement is according to the AO Classification, Compensation, and Recruitment Systems which include interpretive guidance and reference to the OPM Operating Manual for Qualification Standards for General Schedule Positions.
Specialized Experience:
Applicants must have at least one full year (52 weeks) of specialized experience which is in or directly related to the line of work of this position. Specialized experience is demonstrated experience in systems engineering with emphasis on delivering high quality cyber security solutions. Your resume must show clear and convincing evidence of the specialized experience requirements. We cannot make assumptions.
Applicants with the following certifications/experiences are highly desirable:
- Bachelor of Science degree in Computer Science, Mathematics, Engineering or Data Science or other STEM degree from a fully accredited university
- Master's degree in disciplines relevant to cyber security
- Cisco Certified Internetwork Expert (CCIE) Security Certification
- Cisco Certified Network Professional (CCNP)
- Splunk Architect
- Splunk Power User v8 Certification
- One advanced technology-agnostic cyber security certification from ISC2, ISACA, or SANS. Preference will be given to CISSP
- Advanced vendor certifications including CCIE-Security, CCNP or Splunk Architect
This position does not require education to qualify.
Additional information
The AO is an Equal Opportunity Employer.