IT Specialist (Security)

Employer
USAJobs
Location
Leesburg, Virginia
Posted
Sep 13, 2019
Closes
Sep 19, 2019
Function
IT, Security Engineer
Hours
Full Time
Duties

Summary

The Security Operations Center (SOC) provide 24x7 monitoring to detect security threats and attacks against the agency. They focus on detecting advanced cyber-attack campaigns, and opportunistic malware attacks. They help the agency prioritize the detection of threats, and the remediation of detected attacks, based on understanding the risk that given threats present to the FAA.

Learn more about this agency

Responsibilities

If selected, the incumbent will maintain tactical level situational awareness for the SOC Manager, recognize conditions that require additional layers of escalation and notification, oversee the execution of incident response plans, and oversee SOC Standard Operating Procedures (SOPs). The incumbent will work in a shared services organization to properly manage middleware solutions and hardware infrastructure.

They will design solution to meet growth while maintaining balance between performance, stability, and agility; Manage customer expectations, onboard data, support projects in multi-site or clustered installations, and assist with the development of advanced reports to meet the requirements of key stakeholders; Conduct research in areas driven by customer use cases, architect and support systems used to configure and deploy enterprise Security Information Event Management (SIEM) log management solutions, and develop automation for security tools management; and assist with the automation, deployment, integration, and testing of enterprise systems and services and create and optimize correlations.

In addition, the incumbent will assess premised based infrastructure and provide assessments and evaluations for moving to the Cloud. The incumbent will support the onboarding of new data sources, analyzing the data for anomalies and trends and building dashboards highlighting the key trends of the data. They will oversee the maintenance of configuration files and apps following best practice implementations; Build custom summary indexes, including tagging data and managing in a multi-tenant environment; Direct and perform the implementation of updates, patches, and routine maintenance to dashboard instances; Identify, analyze, implement, review, and recommend changes to standard operating procedures to support continuous improvement; Support incident response team analysts and other engineers to determine which log types have the most value for their analytics and detection; Analyze tools, processes, and procedures for responding to Cyber intrusions and come up with new methods for detecting Cyber adversaries; Deploy new monitoring infrastructure to aid the incident response team and ensure the organization has the proper Cybersecurity detection mechanisms in place; Develop and deploy new tools on the fly to assist with the detection of adversaries and meet the needs of incident response analysts and report overall growth and health of solutions, and report effectively to senior leaderships

Travel Required

Occasional travel - The job may require travel from time- to-time, but not on a regular basis. The travel may be for training or other work-related duties.

Supervisory status
No

Promotion Potential
NA

Requirements

Conditions of Employment

  • US Citizenship is required.
  • Selective Service Registration is required for males born after 12/31/1959.
  • Designated or Random Drug Testing required.


Qualifications

To view the complete qualifications standard, applicants should reference-U.S. Office of Personnel Management Group Coverage Qualification Standard for Information Technology (IT) Management Series, 2210 (Alternative A):

https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/2200/information-technology-it-management-series-2210-alternative-a/

To qualify for this position you must demonstrate in your application that you possess at least one year of specialized experience equivalent to FV-I, FG/GS-13 in the Federal Service. Specialized experience is experience that has equipped you with the particular knowledge, skills, and abilities to perform successfully the duties of the position.

Specialized experience may include but not limited to: Experience in utilizing Security Information Event Management (SIMS) products with a focus on Splunk as an intrusion analyst, content developer or security professional.

Qualifications must be met by the closing date of this vacancy announcement.

Education

Preview Job Questionnaire
Make sure your resume includes detailed information to support your qualifications and answers to the job questionnaire.

Additional information

We may use this vacancy to fill other similar vacant positions.
Position may be subject to a background investigation.
A one-year probationary period may be required.
The person selected for this position may be required to file a financial disclosure statement within 30 days of entry on duty. FAA policy limits certain outside employment and financial investments in aviation-related companies.

This position is covered by the Department of Transportation's Drug and Alcohol Testing Program. Any applicant tentatively selected for this position will be subject to pre-employment or pre-appointment drug screening. Persons occupying a "testing designated position (TDP)" will be subject to random drug and/or alcohol testing.

As a part of the Federal-Wide Hiring Reform Initiative (streamlining the hiring process), the FAA is committed to eliminating the use of the Knowledge, Skills and Ability (KSA) narratives from the initial application in the hiring process for all announcements. Therefore, as an applicant for this announcement, you are NOT required to provide a narrative response in the text box listed below each KSA.

In lieu of providing a KSA narrative response in the text box listed below each KSA, in your work history, please include information that provides specific examples of how you meet the response level or answer you chose for each KSA. Your work history examples should be specific and clearly reflect the highest level of ability. Your KSA answers will be evaluated further to validate whether the level that you selected is appropriate based on the work history and experience you provided. Your answers may be adjusted by a Human Resource Specialist as appropriate.

Eligible applicants meeting the minimum qualification requirements and selective factor(s), if applicable, may be further evaluated on the Knowledge, Skills and Abilities (KSA) listed in the announcement. Based on this evaluation, applicants will be placed in one of the following categories: score order, category grouping, or priority grouping and referred to the selecting official for consideration.

Please ensure you answer all questions and follow all instructions carefully. Errors or omissions may impact your rating or may result in you not being considered for the job.

You may also be considered for this vacancy based on eligibility under the 30% or More Disabled Veteran Program, Veterans' Recruitment Appointment, and Persons with Disabilities/Persons with Targeted Disabilities. To be considered for one of these special hiring authorities, you must identify your eligibility in your questionnaire in the Applicant-Preferred Conditions of Employment section. In addition, you must submit documentation that provides evidence of eligibility as indicated in the Required Documents section of the announcement.

Qualification requirements must be met by the closing date of this vacancy announcement.

Some, all or none of the applicants may be interviewed.

Selection may be made from this announcement or from announcement ACT-ACT-AIS-19-AIS340-62610.

This is not a bargaining unit position.

Links to Important Information: Locality Pay , COLA

How You Will Be Evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

IMPORTANT: Applicants may be rated on the extent and quality of experience, education, and training relevant to the duties of the position(s). All answers provided in the on-line process must be substantiated. Ensure that your application package/resume supports your responses.

Background checks and security clearance

Security clearance
Top Secret

Drug test required
Yes

Required Documents

Only supplemental documentation, e.g. transcripts or veteran's documentation will be accepted in combination with your on-line application. These documents must be uploaded or faxed to 609-485-8995 on or before the closing date of this announcement. All submitted documents should reference the announcement number.

All Veterans: If you are claiming veterans' preference, you must submit either a DD Form 214 Certificate of Release or Discharge from Active Duty (Member 4 Copy or equivalent), or a document from the armed forces certifying that within 120 days you are expected to be discharged or released from active duty service under honorable conditions. If you are claiming 10 point preference, you must also submit a completed SF-15, Application for 10-Point Veteran's Preference, and supporting documents outlined on the SF-15. Documents must be uploaded or faxed to the Servicing Human Resource Management Office listed in this announcement and all documents must be received by the closing date of the announcement. If you fail to submit documentation, you will be assessed as a non-veteran.

If you are claiming 10 point preference but fail to submit the supporting documents outlined on the SF-15, you will be tentatively assessed as a 5 point preference eligible provided your DD Form 214 reflects that you have the service required to qualify for preference. Documents must be uploaded or faxed to the Servicing Human Resource Management Office listed in this announcement and all documents must be received by the closing date of the announcement. If you fail to submit documentation, you will be assessed as a non-veteran.

Veterans currently on active duty claiming veterans' preference: You will be granted tentative preference if you submit a document from the armed forces certifying that within 120 days you are expected to be discharged or released from active duty service under honorable conditions and your application shows that you have the required service. Prior to being appointed, you must provide to the Servicing Human Resource Management Office a DD Form 214 documenting discharge/release and showing that the service was honorable or general. If you are on terminal leave, you must provide documentation certifying authorized terminal leave.

If you are relying on your education to meet qualification requirements:

Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education .

Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.

Similar jobs