This position is being filled under the memorandum from the Under Secretary of Defense for Personnel and Readiness (USD(P&R)) "Expansion of Direct Hire Authority for Certain Personnel of the Department of Defense," dated June 23, 2023.
As a IT CYBERSECURITY SPECIALIST (INFOSEC/NETWORK) at the GS-2210-13/14 some of your typical work assignments may include:
Represents the Division Chief as an authoritative expert with outside organizations, working groups, and leadership councils within the Department of Defense and non-Department of Defense Agencies and Activities as it relates to the execution of cyber security assessments. Performs as an Advanced Cybersecurity Analytics Team (ACAT) Lead supporting NE-MAC's cyber assessment priorities. Works with customers to develop objectives, scope, approach, time constraints, cost estimates, and staffing requirements that will be collated into an assessment plan and ensures Mission Assurance Cyber Division leadership has the information.
Capable of acquiring knowledge to conduct all three phases of a NE-MAC cyber security assessment including network modeling, host vulnerability scanning, and network traffic collection and analysis. Shall be able to assess indicators of compromise, unauthorized activities, and network system misconfigurations. This includes identifying, conducting analysis and reporting on indicators of malware, data exfiltration, and insider activity; indicators of rouge network connections and anomalous packets as well as unexplainable traffic; and indicators of poor cyber hygiene and cybersecurity practices.
Conduct cyber security assessments using the NE-MA Toolkit(s) to identify and correlate indicators of compromise, non-authorized activity, misconfigurations, classified spillage, non-protected personally identifiable information and other key cyber vulnerabilities. Leads a highly technical team of operators in the examination of key networks, data, industrial control systems, configuration management, security controls, and network/software/system configurations.
Partner with Mission Assurance Department's IT support staff to conduct market research to determine the best IT solutions for the division's cyber assessment capability with an eye towards life cycle of the equipment, current and future cyber threats, and applicability to the Division's long-term strategy. Provide technical guidance for matters affecting configurations and operations to maintain standalone network infrastructure used for cyber assessments, training, and analysis. Applies cybersecurity analytical and networking techniques to resolve existing system problems and prepare studies to design alternatives to meet performance criteria. Coordinates with the Mission Assurance Department's IT support staff to ensure network maintenance and system upgrades are implemented on the NE-MA Cyber Toolkit(s). Interface with vendors for problem resolution. Coordinate with applicable authorities to gain access to connect the NE-MA Cyber Toolkit(s) on specific networks identified by customer objectives. Deploy with and lead a highly technical team of cyber operators. Provide briefs to DoD and USG Senior Leaders on cyber security assessment processes and methodology, assessment results, vulnerability mitigation, and program initiatives.
Leads team of technical cyber operators on cyber security assessment by analyzing computer components and architectures, including the functions of various components and peripherals, basic programming concepts, assembly code, TCP/IP, OSI models, underlying networking protocols, security hardware, and software options including the network artifacts they induce. Maintains operational, technical, and authoritative situational awareness during assessments. Conducts classified and open-source data collection via various online tools as well as test and evaluate open-source and locally developed tools for operational use.
Represents DTRA in interactions with OSD, Joint Staff, CCMDs, Military Services, and other DoD and government agencies. Defends findings, mitigation strategies and methodologies by composing correspondence, briefings, memoranda, and other documentation to present objectives and justifications to senior leaders throughout DoD, the interagency, and the federal government. Develops additional supporting material as required. Interacts with Service staffs and agencies at the GO/FO/SES level as necessary.
Applies program/project management techniques required to implement all aspects of research and development associated with ACAT assessments: documents customer requirements, prepares realistic assessment plans, applies appropriate controls, conducts periodic reviews and assesses and manages risks. Responsible for directing technical analysis of assigned ACAT assessments; establishes schedule milestones, makes staff task assignments, reviews and consolidates input, prioritizes tasks and recommends funding profiles as appropriate. RequirementsConditions of Employment
- Must be a U.S. Citizen
- Occasional Travel
- Work Schedule: Full-time
- Males born after 12-31-59 must be registered for Selective Service
- Suitable for Federal employment, determined by a background investigation
- May be required to successfully complete a probationary period
- Overtime: 25%
- Tour of Duty: Flexible
- Recruitment Incentives: Not Authorized, https://www.dtra.mil/Careers-Opportunities/DTRA-Opportunities/
- Fair Labor Standards Act (FLSA): Exempt at GS-14; Non-Exempt at GS-13
- Financial Disclosure: Not Required
- Telework Eligibility: This position is telework eligible
- This is a designated drug testing position.
- Must be able to obtain/maintain a Special Sensitive (Top Secret/SCI) clearance.
- Must be able to work odd/extended hours as directed by the program environment.
- This is a DoD Information Assurance Workforce Improvement Program (DoD 8570.01M) position. Must obtain the Computer Network Defense-Service Provider Specialty Auditor certification within 12 months of being assigned IA functions.
- Must be obtain a valid passport.
You may qualify at the GS GS-13 , if you fulfill the following qualifications:
One year of specialized experience equivalent to the GS-12 grade level in the Federal service as listed below:
- Applying cyber assessment methodologies to define and manage cyber security operations and assessments of contractor scopes of work.
- Conducting vulnerability assessments and gathering data on past cyber attacks in order to build a creditable portfolio of scenarios to assist leadership in developing mitigation strategies.
- Designing and analyzing network vulnerabilities and virtual networks utilizing industry standard cyber security toolsets.
- Applying the Risk Management Framework for networks in order to develop an Authority to Operate for each system.
- Briefing senior civilian or military personnel through written and oral communication through various organizations and agencies related to IT cyber security and cyber vulnerability assessments.
You may qualify at the GS GS-14 , if you fulfill the following qualifications:
One year of specialized experience equivalent to the GS-13 grade level in the Federal service as listed below:
- Applying computer network defense knowledge to protect, monitor, analyze, detect and respond to network attacks, intrusions, disruptions or other unauthorized actions that would compromise or cripple a defense information system and networks.
- Utilizing defense cyber concepts to perform reconnaissance, infiltration, internal networking pivoting and exploration, and/or data exfiltration.
- Ensuring the effective execution of cyber-threat emulation through general cyber-attack stages (e.g. foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering attacks).
- Performing reconnaissance, scanning, exploitation and post-exploitation through the use of commercial or open-source defensive security tools.
- Analyze system risks, develop and/or implement security plans/measures to ensure accessibility, authentication, confidentiality, integrity, and/or availability, and validate/accept system residual risk. Protect operational systems data and/or networks.
Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.
In addition to meeting qualifications, your application package must reflect the applicable experience to meet the Individual Occupational Requirements for the 2210, series as listed below: Attention to Detail
- Is thorough when performing work and conscientious about attending to detail. Customer Service
- Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication
- Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving
- Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. Education
Substitution of education may not be used in lieu of specialized experience for this grade level.Additional information
This is a DoD Information Assurance (IA) Workforce Improvement Program (DoD 8570.01M) position. New hires' must obtain the Computer Network Defense-Service Provider Specialty (CND-SP) Auditor (CND-AU) certification as identified in 8570.01M within 12 months of being assigned IA functions beginning the date they start in the position.RE-EMPLOYED ANNUITANT:
This position DOES NOT meet criteria for re-employed annuitant. The DoD criteria for hiring Re-employed Annuitants can be found at: https://www.esd.whs.mil/Portals/54/Documents/DD/issuances/140025/1400.25-V300.pdf
All applicants must meet qualifications and eligibility criteria by the closing date of the announcement.Interagency Career Transition Assistance Programs
: This program applies to employees who have been involuntarily separated from a Federal service position within the competitive service or Federal service employees whose positions have been deemed surplus or no longer needed. To receive selection priority for this position, you must: 1) meet ICTAP eligibility criteria; 2) be rated well-qualified for the position; Well qualified is defined as possessing the type and quality of experience that exceeds the positions minimum qualifications. and 3) submit the appropriate documentation to support your ICTAP eligibility. For more information:
https://www.opm.gov/policy-data-oversight/workforce-restructuring/employee-guide-to-career-transition/ Males born after 12-31-59 must be registered or exempt from Selective Service
(see Who Needs to Register | Selective Service System : Selective Service System (sss.gov) )