Duties

Summary

If selected, you will lead a team of experienced technical experts who are responsible for defense of agency information, information systems, and data networks. This position requires expertise in cyber security incident response, analyzing/leveraging/generating threat intelligence, use of analytical tools/models to detect malicious activity, and ability to provide technical leadership for highly skilled group of federal cyber security analysts.

The position is located in Washington, DC.

Learn more about this agency

Responsibilities

This position is for the Branch Chief, Cybersecurity Analysis. Your responsibilities will include:

• Develop and maintain policies and standard operating procedures for cybersecurity incident response operations.
• Serve as the primary cybersecurity incident handler.
• Perform historical and near real-time network traffic and log analysis.
• Manage compliance with appliance incident handling policies, procedures, and guidance, such as the US-CERT Federal Incident Notification Guidelines, NIST SP 800-61, DOD CJCSM 6510.01B.
• Prepare detailed analytical reports on potential information system incidents, events, or anomalies.

Travel Required

Not required

Supervisory status
Yes

Promotion Potential
15

Requirements

Conditions of Employment

• You must be a US Citizen.
• Application procedures are specific to this vacancy announcement. Please read all the instructions carefully. Failure to follow the instructions may result in you not being considered for this position.
• Supplementary vacancies may be filled in addition to the number stated in this announcement.
• This position has promotion potential to the SK-15.
• SUPERVISORY PROBATIONARY PERIOD: This appointment may require completion of a two-year supervisory probationary period.
• SECURITY CLEARANCE: Entrance on duty is contingent upon completion of a pre-employment security investigation. Favorable results on a Background Investigation may be a condition of employment or selection to another position.
• DRUG TESTING: This position may be subjected to drug testing requirements.
• PERMANENT CHANGE OF STATION (PCS): Moving/Relocation expenses are not authorized.
• DIRECT DEPOSIT: All Federal employees are required to have Federal salary payments made by direct deposit to a financial institution of their choosing.
• This position is not in the collective bargaining unit.

Qualifications

All qualification requirements must be met by the closing date of this announcement.

Qualifying experience may be obtained in the private or public sector. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.

BASIC REQUIREMENT: Applicants must possess IT related experience demonstrating each of the four competencies: reviewing work to ensure it is in line with established standards or to identify deficiencies (Attention to Detail); collaborating with customers to identify their information technology needs or to resolve their hardware and software problems (Customer service); explaining technical information orally to non-technical audiences (Oral Communication); and evaluating alternatives to recommend solutions to hardware or software problems (Problem Solving).

MINIMUM QUALIFICATION REQUIREMENT: In addition to meeting the basic requirement, applicants must also meet the minimum qualification requirement:

SK-15: Applicant must have at least one year of specialized experience equivalent to the GS/SK-13 level. Specialized experience includes all of the following:

Leading organizational cybersecurity operations functions (to include incident response and the management of cybersecurity infrastructure, e.g. firewalls and intrusion detection systems); and

Applying knowledge of hacker methodologies and tactics (TTPs) to develop defense strategies or mitigation techniques for system vulnerabilities and key indicators of attacks and exploits.; and

Implementing standardized measures and metrics to deliver a quality security operations program; and

Managing responses to identified Plan of Action and Milestones (POA&Ms), and;

Managing operational and administrative tasks for an organizational security services contract.

Education

This job does not have an education qualification requirement.

Additional information

IMPORTANT INFORMATION FOR SURPLUS OR DISPLACED FEDERAL EMPLOYEES: Career Transition Assistance Plan (CTAP) and Interagency Career Transition Assistance Plan (ICTAP) are available to individuals who have special priority selection rights under this plan. Individuals must be well-qualified for this position to receive consideration for special priority selection. CTAP or ICTAP eligibles will be considered well-qualified when receiving an adjudicated score of 80 or higher.

Reasonable Accommodation: If you are an applicant who needs a reasonable accommodation for disability to participate in the application process at the SEC, submit the form for Reasonable Accommodation for Participation in Job Application Process here . Please be sure to submit your request at least 5 business days in advance of the date you need the requested accommodation.

Equal Employment Opportunity (EEO) Information for SEC Job Applicants: Federal EEO laws protect all applicants from discrimination on the following bases: race, color, sex (not limited to conduct which is sexual in nature, includes pregnancy, gender identity, sexual orientation, transgender status), age (40 and over), religion, national origin, disability, genetic information, retaliation for participating in the EEO process or opposing discrimination. Applicants who believe they have been discriminated against on any EEO basis can seek recourse through the SEC's administrative complaints process. To be timely, an individual must enter the EEO process within 45 days from when they know (or should have known) of the alleged discrimination. Click here for additional information.

TTY/ASCII: Video Relay Service users are welcome to contact the appropriate SEC office or employee via the contact information listed above. If you do not otherwise have access to a Video Phone or Video Relay service, you may send us an email or use the Federal Video Relay Service via the internet. For more information about using the Federal Relay Service and to create a new account, please see: http://fedvrs.us/

SEC COMPENSATION PROGRAM: For questions regarding SEC pay setting practices, please click here .

How You Will Be Evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

This position is being advertised through the Office of Personnel Management's (OPM) Delegated Direct-Hire Authority (Section 1312 of the Homeland Security Act of 2002) and is open to All U.S. Citizens. Under this authority, competitive rating, ranking and veterans' preference do not apply.

We will review your resume and supporting documentation to determine if you meet the minimum qualifications for the position. If you meet the minimum qualifications stated in the vacancy announcement, we will compare your resume and supporting documentation to your responses on the scored occupational questionnaire. Your resume must support your responses to the scored occupational questionnaire.

Your qualifications will be evaluated on the following competencies (knowledge, skills, abilities and other characteristics):

• Information Systems/Network Security and Management Experience

The Occupational Questionnaire will take you approximately 20 minutes to complete. To preview the Occupational Questionnaire, click the following link https://apply.usastaffing.gov/ViewQuestionnaire/10905551 .

Background checks and security clearance

Security clearance
Other

Drug test required
No

Position sensitivity and risk
High Risk (HR)

Trust determination process

Required Documents

You must provide a complete Application Package, which includes:

• Required: Your responses to the Occupational Questionnaire.
• Required: Your complete and comprehensive resume that includes a complete history of your work experience and the applicable employment dates with months and years. To determine if you qualify for this position, OHR will review your work history that is relevant to the specific position for which you applied. If you are an external candidate selected for this position, OHR will review your complete work history to establish your starting salary. If you are a current SEC employee selected for this position, the standard percentage increases will be applied (i.e., 8% for supervisory positions) if your selection results in a promotion. If your selection results in lateral movement (i.e. no change in grade) you will maintain your current salary. Note: Your resume must directly address the definition of specialized experience listed in the qualification section of this announcement and must NOT contain pictures. For external candidates: Information on how your resume will be used for pay setting purposes can be found here .
• Required, if applicable: CTAP/ICTAP documentation (a copy of a separation notice or other proof of eligibility for priority selection; a copy of an SF-50, Notification of Personnel Action, showing current position, grade, promotion potential, and duty location; AND a copy of your most recent performance appraisal.)