IT Specialist (SOC Operations Manager)

Employer
USAJobs
Location
Washington, D.C.
Posted
Jan 24, 2023
Closes
Jan 28, 2023
Hours
Full Time
Duties

The IT Specialist (SOC Operations Manager) performs the following major duties:
  • Program Management, Advice and Recommendations:
    • Provide authoritative guidance related to the information security program.
    • Ensure that cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
    • Implement specific cybersecurity countermeasures for systems and/or applications.
    • Perform cybersecurity testing of developed applications and/or systems.
    • Provide cybersecurity guidance to leadership.
    • Assess and monitor cybersecurity related to system implementation and testing practices.
    • Provide cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
    • Notify designated managers, cyber incident responders, and cybersecurity service provider team members of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan.
    • Assess the effectiveness of cybersecurity measures utilized by system(s).
    • Design and develop cybersecurity or cybersecurity-enabled products.
    • Design hardware, operating systems, and software applications to adequately address cybersecurity requirements.
    • Develop specific cybersecurity countermeasures and risk mitigation strategies for systems and/or applications.
    • Identify, assess, and recommend cybersecurity or cybersecurity-enabled products for use within a system and ensure that recommended products are in compliance with the organization's evaluation and validation requirements.
    • Manage a small team of cyber security professionals to include analysts, incident responders, and security tool engineers.
    • Serve as the overall escalation point for the SOC. Interface frequently and directly with the federal staff counterpart to advise on and coordinate operational activities, including notable threats, active incidents, and situational awareness. Must also coordinate and communicate with OCIO senior leadership on notable operational and programmatic issues.
    • Act as incident commander during high severity incidents, if necessary.
    • Operate autonomously to further investigate and escalate in accordance with protocols and contractual SLAs.
    • Uphold and enforce established processes.
    • Manage and report SOC related metrics as defined.
    • Identify SOC capability enhancement ideas for continuous improvement. Prioritize and assign resources to support enhancement projects and special requests.
    • Coordinate SOC services and responsibilities with the Network Operations team.
    • Work with subject matter experts across the program to transform the maturity of the SOC to an industry-leading organization.


Requirements

Conditions of Employment


  • Applicants must be U.S. citizens.
  • Applicants must successfully complete a background security investigation with favorable adjudication. Failure to successfully meet this requirement will be grounds for employment termination.
  • All Federal employees are required to have federal salary payments made by direct deposit to a financial institution of their choosing.
  • A one-year trial period is required.
  • This job has been identified as a testing designated position under our Drug-Free Workplace Program. Therefore, you must satisfactorily complete a drug test prior to being hired. As an employee, you will be subject to random drug testing.
  • This is not a bargaining unit position.
  • This position requires a Top Secret background investigation.
Peace Corps Information
  • This is a Federal civilian job in the Excepted Service. Peace Corps employees are paid on the Foreign Personnel (FP) pay scale.
  • Initial appointment of employment cannot exceed five years.
  • This position has been designated as Remote Work eligible and a location will be negotiated after selection.
  • Additional hiring needs may be filled through this vacancy.
  • The Peace Corps is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service, or other non-merit factors.
  • The Peace Corps is a drug-free workplace and promotes a drug-free environment.
  • The Peace Corps is committed to maintaining a diverse and inclusive culture. Our goal is to attract and develop the best and brightest from all lifestyles and backgrounds. The Peace Corps strives to create a culture of inclusion where individuals feel respected and are treated fairly in all aspects of differences. Our commitment is to make a difference in the lives of people around the world.
The Peace Corps provides reasonable accommodation to applicants with disabilities. If you need a reasonable accommodation for any part of the hiring process, please notify the Office of Human Resources by calling 202-692-1200 or the Office of Civil Rights and Diversity on 202-692-2139. Decisions on granting reasonable accommodation are made on a case-by-case basis.

Qualifications

Specialized Experience:

You must meet the specialized experience at the grade level(s) in which you choose to be considered by 11:59 p.m. Eastern Time (ET) on 01/27/2023 (the closing date of the announcement). You will receive credit for all qualifying experience, including volunteer experience. To ensure full credit for your experience, please indicate dates of employment by month, day, and year and the number of hours worked per week in your resume.

This vacancy is being announced at one grade level:

FP-2

Qualifying experience for the FP-2 level includes one year of specialized experience at least equivalent to the FP-3 or GS-13 level which is in or directly related to the line of work of the position to be filled and which has equipped the applicant with the particular knowledge, skills, and abilities to successfully perform the duties of the position. Specialized experience includes: Prior Security Operations Center (SOC) Management or Supervisory experience; AND Experience performing cybersecurity testing of developed applications and/or systems; Experience providing cybersecurity recommendations to leadership based on significant threats and vulnerabilities; AND Experience overseeing policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies; AND Leading cybersecurity programs/projects to enhance cybersecurity capabilities and reduce threats against an organization's computer and network infrastructure.
  • Knowledgeable on multiple technology and system and software types (e.g., SIEM, SOAR, IDS/IPS, AlienVault, Splunk, Tenable, Endpoint Detection & Response);
  • Advanced knowledge in planning, directing, and managing Computer Incident Response Team (CIRT) and/or Security Operations Center (SOC) operations for a complex Enterprise;
  • Experience with investigating and reporting data breaches;
  • Hands-on cybersecurity experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization including prior experience performing medium-large-scale incident response;
  • Create reports and presentations on research and findings.
  • Share knowledge with members of the SOC and Cyber Security teams.
  • Analyze collected data to determine trends in the security environment of the organization.

Desired Qualifications
  • Prior Security Operations Center (SOC) Management or Supervisory experience.
  • Advanced knowledge in planning, directing, and managing Computer Incident Response Team (CIRT) and/or Security Operations Center (SOC) operations for a complex Enterprise.
  • Experience in incident detection and response, malware analysis, or cyber forensics.
  • Significant experience supervising or leading employees of various labor categories and technical skill levels in efforts similar in size and scope to a mature Security Operation.
  • Mature understanding of federal accepted standards for incident response actions and best practices related to SOC operations.
  • Knowledgeable on multiple technology and system and software types (e.g., SIEM, SOAR, IDS/IPS, AlienVault, Splunk, Tenable, NextGen AV for endpoint).
  • Experience with investigating and reporting data breaches.
  • Deep technical understanding of core current cybersecurity technologies as well as emerging capabilities.
  • Hands-on cybersecurity experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization including prior experience performing medium-large-scale incident response.
  • Demonstrated understanding of the life cycle of cybersecurity threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
  • Familiarity with Cloud concepts and experience performing monitoring and responding to threats in Cloud environments.
  • Strong written and verbal communication skills, and the ability to create technical reports based on analytical findings.
  • Strong analytical and troubleshooting skills.
  • Identify process improvement and technology opportunities for increased innovation, cost savings, and customer satisfaction.
  • Prior experience as a change agent to implement cultural and operational changes.
  • BS and 10 years' experience with 5 years of management/project experience. CEH, GCIH, or equivalent certifications or higher DESIRED.

AND

For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below. The employing agency is responsible for identifying the specific level of proficiency required for each competency at each grade level based on the requirements of the position being filled.

1. Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

3. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

4. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

Additional information on qualification requirements is outlined in the OPM Qualifications Standards Handbook of General Schedule Positions. It is available for your review on the OPM web site at https://www.opm.gov/policy-data-oversight/classification-qualifications/

Time-in-Grade Requirements: Internal applicants and Federal employees who are currently holding, or who have held within the previous 52 weeks, a position under a non-temporary appointment in the competitive or excepted service, must meet "time-in-grade" requirements (have served 52 weeks at the next lower grade of the grade for which you are applying (FP-3 or GS-13)).

Note: All current or former Federal employees (including internal employees) must provide a copy of their SF-50, "Notice of Personnel Action" (you may need to submit more than one), that indicates proof of status and time-in-grade eligibility. The SF-50 must include your position, title, series, grade, step, tenure, and type of service (Competitive or Excepted).

All qualification requirements must be met by 01/27/2023 (the closing date of this announcement). Qualification claims will be subject to verification.

Please note:
Peace Corps employees are employed using the Foreign Personnel (FP) pay scale. The FP pay plan does not follow the same structure as the GS pay plan. In the FP pay plan, as the grade-level numbers decrease the level/pay for the position increases (e.g., the FP-09 is the lowest entry-level pay and the FP-01 is the highest senior-level pay).

Education

This job does not have an education qualification requirement.

Additional information

Intelligence Background Information

Peace Corps Manual Section 611 is applicable to this position. This section prohibits the employment of certain persons previously engaged in intelligence activities or connected with intelligence agencies within the past 10 years. If you have ever worked for the Central Intelligence Agency (CIA), you are not eligible for employment at the Peace Corps in any capacity, and you should not apply for employment.

Acceptance of employment with Peace Corps precludes employment by certain intelligence organizations for a specific period of time, determined by the employing agency, after Peace Corps employment ceases.

Applicants who are found to be otherwise qualified will be required to submit upon request in the future a completed Intelligence Background Questionnaire, or narrative signed statement, indicating whether the applicant has been involved in or has had any connection with intelligence activities or related work and, if so, the nature and dates of his or her involvement. Failure to meet this requirement will result in the applicant being rated ineligible for further consideration. If you have any other type of possible intelligence connection, your application will not be further considered until you submit this form. Except when the CIA or the National Security Agency (NSA) is involved (see below), if your connection with an Intelligence Agency involves an immediate family member who works or has worked in intelligence, the immediate family member should complete the form, not the applicant. Usually relying on memory is sufficient to answer most if not all of the questions.

If you have an immediate family member who works or has worked for the CIA, you should not give them this form to complete. Please contact your relative in person (not by phone, email, social networking, or any other means that is not in person) and ask him or her to contact the Office of General Counsel at the CIA.

If you or an immediate family member have been employed by or associated with the NSA, you or your family member must contact the NSA Prepublication Review Office at 443-634-4095.