IT Specialist (Security)

2 days left

Employer
USAJobs
Location
Leesburg, Virginia
Posted
Sep 13, 2019
Closes
Sep 21, 2019
Function
IT, Security Engineer
Hours
Full Time
Duties

Summary

The Security Operations Center (SOC) provide 24x7 monitoring to detect security threats and attacks against the agency. They focus on detecting advanced cyber-attack campaigns, and opportunistic malware attacks. They help the agency prioritize the detection of threats, and the remediation of detected attacks, based on understanding the risk that given threats present to the FAA.

Learn more about this agency

Responsibilities

If selected, the incumbent will maintain tactical level situational awareness for the SOC Manager, recognize conditions that require additional layers of escalation and notification, oversee the execution of incident response plans, and oversee SOC Standard Operating Procedures (SOPs). The incumbent will work in a shared services organization to properly manage middleware solutions and hardware infrastructure.

They will design solution to meet growth while maintaining balance between performance, stability, and agility; Manage customer expectations, onboard data, support projects in multi-site or clustered installations, and assist with the development of advanced reports to meet the requirements of key stakeholders; Conduct research in areas driven by customer use cases, architect and support systems used to configure and deploy enterprise Security Information Event Management (SIEM) log management solutions, and develop automation for security tools management; and assist with the automation, deployment, integration, and testing of enterprise systems and services and create and optimize correlations.

In addition, the incumbent will assess premised based infrastructure and provide assessments and evaluations for moving to the Cloud. The incumbent will support the onboarding of new data sources, analyzing the data for anomalies and trends and building dashboards highlighting the key trends of the data. They will oversee the maintenance of configuration files and apps following best practice implementations; Build custom summary indexes, including tagging data and managing in a multi-tenant environment; Direct and perform the implementation of updates, patches, and routine maintenance to dashboard instances; Identify, analyze, implement, review, and recommend changes to standard operating procedures to support continuous improvement; Support incident response team analysts and other engineers to determine which log types have the most value for their analytics and detection; Analyze tools, processes, and procedures for responding to Cyber intrusions and come up with new methods for detecting Cyber adversaries; Deploy new monitoring infrastructure to aid the incident response team and ensure the organization has the proper Cybersecurity detection mechanisms in place; Develop and deploy new tools on the fly to assist with the detection of adversaries and meet the needs of incident response analysts and report overall growth and health of solutions, and report effectively to senior leaderships

Travel Required

Occasional travel - The job may require travel from time- to-time, but not on a regular basis. The travel may be for training or other work-related duties.

Supervisory status
No

Promotion Potential
NA

Requirements

Conditions of Employment

  • US Citizenship is required.
  • Selective Service Registration is required for males born after 12/31/1959.
  • Must submit an SF50 (See Required Documents)
  • Designated or Random Drug Testing required.


Qualifications

To view the complete qualifications standard, applicants should reference-U.S. Office of Personnel Management Group Coverage Qualification Standard for Information Technology (IT) Management Series, 2210 (Alternative A):

https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/2200/information-technology-it-management-series-2210-alternative-a/

To qualify for this position you must demonstrate in your application that you possess at least one year of specialized experience equivalent to FV-I, FG/GS-13 in the Federal Service. Specialized experience is experience that has equipped you with the particular knowledge, skills, and abilities to perform successfully the duties of the position.

Specialized experience may include but not limited to: Experience in utilizing Security Information Event Management (SIMS) products with a focus on Splunk as an intrusion analyst, content developer or security professional.

Qualifications must be met by the closing date of this vacancy announcement.

Education

Preview Job Questionnaire
Make sure your resume includes detailed information to support your qualifications and answers to the job questionnaire.

Additional information

We may use this vacancy to fill other similar vacant positions.
Position may be subject to a background investigation.
A one-year probationary period may be required.
The person selected for this position may be required to file a financial disclosure statement within 30 days of entry on duty. FAA policy limits certain outside employment and financial investments in aviation-related companies.

This position is covered by the Department of Transportation's Drug and Alcohol Testing Program. Any applicant tentatively selected for this position will be subject to pre-employment or pre-appointment drug screening. Persons occupying a "testing designated position (TDP)" will be subject to random drug and/or alcohol testing.

As a part of the Federal-Wide Hiring Reform Initiative (streamlining the hiring process), the FAA is committed to eliminating the use of the Knowledge, Skills and Ability (KSA) narratives from the initial application in the hiring process for all announcements. Therefore, as an applicant for this announcement, you are NOT required to provide a narrative response in the text box listed below each KSA.

In lieu of providing a KSA narrative response in the text box listed below each KSA, in your work history, please include information that provides specific examples of how you meet the response level or answer you chose for each KSA. Your work history examples should be specific and clearly reflect the highest level of ability. Your KSA answers will be evaluated further to validate whether the level that you selected is appropriate based on the work history and experience you provided. Your answers may be adjusted by a Human Resource Specialist as appropriate.

Eligible applicants meeting the minimum qualification requirements and selective factor(s), if applicable, may be further evaluated on the Knowledge, Skills and Abilities (KSA) listed in the announcement. Based on this evaluation, applicants will be placed in one of the following categories: score order, category grouping, or alphabetical order and referred to the selecting official for consideration.

Please ensure you answer all questions and follow all instructions carefully. Errors or omissions may impact your rating or may result in you not being considered for the job.

Qualification requirements must be met by the closing date of this vacancy announcement.

Some, all or none of the applicants may be interviewed.

Selection may be made from this announcement or from announcement ACT-ACT-AIS-19-AIS340-62618.

This is not a bargaining unit position.

Links to Important Information: Locality Pay , COLA

How You Will Be Evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

IMPORTANT: Applicants may be rated on the extent and quality of experience, education, and training relevant to the duties of the position(s). All answers provided in the on-line process must be substantiated. Ensure that your application package/resume supports your responses.

Background checks and security clearance

Security clearance
Top Secret

Drug test required
Yes

Required Documents

SF-50, NOTIFICATION OF PERSONNEL ACTION. (See Below)

Your SF-50 my be faxed to 609-485-8995 on or before the closing date of this vacancy announcement. Applicants must reference the announcement number on their faxed documents.

Applicants claiming eligibility for the Expanded Veterans Hiring Opportunity (EVHO), MUST submit a DD Form 214 reflecting character of service to verify eligibility by the closing date of the announcement as requested by the Human Resource Office. Eligibility for EVHO will be considered based on applicable documentation submitted by the closing date.

If you are a current or former Federal employee (including a current FAA employee), you MUST provide a copy of your SF-50 (Notification of Personnel Action) containing information in Blocks 15, 17, 18, 19, 22, and 24 so it can be used to verify your position title, series, grade, tenure, and organization of record by the closing date of the announcement. You may fax your SF-50 or upload it into the on-line application. If faxing the SF-50, please ensure you include the vacancy announcement number on the faxed copy.

If you are a current Federal employee and need a current copy of your SF-50, please contact your personnel office. If you are an FAA employee, you can access and print your SF-50 from the eOPF system https://eopf.opm.gov/dot/ . If you are a former Federal employee, you can obtain a copy of your SF-50 by writing the National Personnel Records Center Annex, 1411 Boulder Boulevard, Valmeyer, IL 62295. Additional information is available from this link: http://www.archives.gov/st-louis/civilian-personnel/ .

Expanded Veterans Hiring Opportunity (EVHO) are thoseveterans who are honorably discharged from the Armed Forces after completing at least three (3) years of continuous active service.Applicants claiming eligibility for EVHO, MUST submit a DD Form 214 reflecting character of service to verify eligibility by the closing date of the announcement as requested by the Human Resource Office. Eligibility for EVHO will be considered based on applicable documentation submitted by the closing date.

If you are relying on your education to meet qualification requirements:

Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education .

Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.

Similar jobs