IT Specialist (InfoSec)
- Employer
- USAJobs
- Location
- District of Columbia, D.C
- Closing date
- Nov 3, 2020
View more
- Industry
- Government and Public Services, Federal
- Function
- IT
- Hours
- Full Time
- Career Level
- Experienced (Non-Manager)
You need to sign in or create an account to save a job.
Duties
Summary
This position is located in the Office of the Managing Director, FCC IT, Information Resiliency, Washington DC
Relocation expenses will not be paid.
Learn more about this agency
Responsibilities
The Incumbent serves as the FCC Incident Response Manager and as an IT security technical authority with responsibility for: (a) conducting and/or leading FCC security Technical projects and reviews in FCC bureaus/Offices; (b) facilitating the engineering of mechanisms used to defend FCC networks from external threats which involve developing, delivering, and maintaining FCC systems and networks; (c) participating with the Chief Information Security Officer (CISO) in identifying, developing, assessing and reporting Federal Information Security Management Act (FISMA) compliant security policies, processes, standards and practices. He/she reports directly to the Chief Information Security Officer.
As a recognized expert in the field of information technology security, the incumbent provides authoritative guidance to FCC's IT security programs, which involves: (a) developing long-range plans for IT security systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT systems vulnerabilities; (b) leading the implementation of security programs designed to anticipate, assess, and minimize system vulnerabilities, threats as well as the application of new technologies; and (c) isolating and defining complex issues; and (d) resolving critical problems.
The incumbent will be responsible for the following tasks:
1. Developing, implementing, and improving IT Security principles, methods, tools in support of cyber and information security standards;
2. Implementing a Cyber Incident Response Program for an agency;
3. Partnering with or leveraging external organizations such as U.S. Cyber Command (USCYBERCOM), United States Computer Emergency Readiness Team (US-CERT), Defense Information Systems Agency (DISA);
4. Analyzing, planning, and implementing security approaches for cyber and information security technologies;
5. Coordinating and facilitating with other IT teams to ensure federal security requirements are in place through the lifecycle of solution implementation;
6. Providing subject matter expertise in support of day to day SOC intrusion detection and incident response activities to ascertain extent of compromise and residual threat;
7. Identifying threat actor groups and their techniques, tools and processes;
8. Continuously improve processes for use across multiple detection sets and develop automated as well as machine assisted capabilities to enhance detection of anomalous behavior;
9. Document best practices using available collaboration tools and workspaces;
10. Develop and maintain SOPs and operation guides for mission functions, tools and infrastructure;
11. Develop dashboards and reports to identify threats, suspicious/anomalous activities, malware, user activity, etc;
12. Support forensic analysis and malware reverse engineering efforts to provide more effective indicators of compromise (IOC) in support of intrusion detection efforts;
13. Research and incorporate emerging threat tactics, techniques and procedures to detect new threats and threat actors.
Additionally, the incumbent must have:
Travel Required
Not required
Supervisory status
No
Promotion Potential
14
Requirements
Conditions of Employment
Please note your resume must thoroughly support your responses to the vacancy questions. Your resume is an integral part of the process for determining if you meet the basic qualifications of the position and determining if you are to be among the best qualified.
Qualifications
Applicants must meet eligibility and qualification requirements by the closing date of this announcement. Current Federal employees must meet time-in-grade requirements by the closing date of this announcement.
Individuals must have IT-related experience demonstrating each of the four competencies listed below.
1. Attention to Detail - Reviews technical and design specifications and action plans with milestones. Is thorough when performing work and conscientious about attending to detail.
2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
3. Oral Communication - Provides technical advice and consultation to top level officials. Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; and listens to others, attends to nonverbal cues, and responds appropriately.
4. Problem Solving - Assesses IT needs of customers, determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.
AND
Specialized Experience: Applicants must have a minimum of one year of specialized experience equivalent to at least the GS-13 grade level in the Federal service.
For this position, specialized experience includes the following:
1. Developing, implementing, and improving IT Security principles, methods, tools in support of cyber and information security standards; 2. Implementing a Cyber Incident Response Program for an agency; 3. Partnering with or leveraging external organizations such as U.S. Cyber Command (USCYBERCOM), United States Computer Emergency Readiness Team (US-CERT), Defense Information Systems Agency (DISA); 4. Analyzing, planning, and implementing security approaches for cyber and information security technologies; and 5. Coordinating and facilitating with other IT teams to ensure federal security requirements are in place through the lifecycle of solution implementation.
PART-TIME OR UNPAID EXPERIENCE: Credit will be given for appropriate unpaid and or part-time work. You must clearly identify the duties and responsibilities in each position held and the total number of hours per week.
Education
N/A
Additional information
EEO Policy Statement Reasonable Accommodation Policy Statement Veterans Information Legal and Regulatory Guidance
How You Will Be Evaluated
You will be evaluated for this job based on how well you meet the qualifications above.
All applicants will be rated on the extent and quality of experience and education relevant to the duties of the position. An automated score is administered based on the on-line application process used.
There are several parts to the application process that affect the overall evaluation of your application including:
1. the core questions
2. the vacancy questions
3. supplemental documentation (e.g., DD-214, SF-50, SF-15, transcripts), if applicable; and
4. your resume.
Applicants will be rated ineligible, if they do not respond to job specific questions provide supplemental documents and submit resume. For more information, please click on Rating Process
You will be evaluated for this position on the following Knowledge, Skills, Abilities and Other characteristics (KSAOs):
IT /Security Knowledge/Experience. IT Policy and Guidelines. Oral Communications. Written Communications. Customer Service.
Applicants will be rated ineligible, if they do not respond to job specific questions, provide supplemental documents and submit resume. For more information, please click on Rating Process.
To preview questions please click here .
Background checks and security clearance
Security clearance
Top Secret
Drug test required
Yes
Position sensitivity and risk
Special-Sensitive (SS)/High Risk
Trust determination process
Credentialing , Suitability/Fitness , National security
Required Documents
**ALL SUPPLEMENTAL DOCUMENTS MUST BE RECEIVED IN THE FCC'S HUMAN RESOURCES OFFICE BY THE CLOSING DATE OF THIS ANNOUNCEMENT. ONCE YOU APPLY TO THIS VACANCY YOU WILL BE PROMPTED BY THE SYSTEM TO EITHER UPLOAD DOCUMENTS OR PRINT FAX COVERSHEETS. THE FAX NUMBER WILL BE LISTED ON THIS SHEET. IF FAXING, ALL DOCUMENTS REQUIRED SHOULD BE FAXED SEPARATELY ON THE FAX COVER SHEET PROVIDED. ONCE FAXED, YOU SHOULD RECEIVE AN EMAIL CONFIRMATION WITHIN AN HOUR. IF YOU DO NOT RECEIVE AN EMAIL CONFIRMATION, YOUR FAX HAS NOT BEEN SUCCESSFULLY RECEIVED AND YOU SHOULD FAX AGAIN.
IF YOU ARE UNABLE TO FAX THE REQUIRED DOCUMENTATION, CONTACT THE HUMAN RESOURCES OFFICE AT 202-418-0130 PRIOR TO THE CLOSING DATE OF THIS ANNOUNCEMENT.***
Hardcopy Supplement Documents Required:
Current Federal employees should submit a copy of their most recent annual performance appraisal;
Veterans must submit a legible copy of form DD-214, "Certificate of Release or Discharge from Active Duty," or an SF-15, Application for 10-Point Veterans' Preference, plus the proof
required by that form. Please refer to OPM's VetGuide for further information about veterans' preference at http://www.opm/veterans/html/vetguide or click on VetGuide
If you are relying on your education to meet qualification requirements:
Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education .
Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.
Summary
This position is located in the Office of the Managing Director, FCC IT, Information Resiliency, Washington DC
Relocation expenses will not be paid.
Learn more about this agency
Responsibilities
The Incumbent serves as the FCC Incident Response Manager and as an IT security technical authority with responsibility for: (a) conducting and/or leading FCC security Technical projects and reviews in FCC bureaus/Offices; (b) facilitating the engineering of mechanisms used to defend FCC networks from external threats which involve developing, delivering, and maintaining FCC systems and networks; (c) participating with the Chief Information Security Officer (CISO) in identifying, developing, assessing and reporting Federal Information Security Management Act (FISMA) compliant security policies, processes, standards and practices. He/she reports directly to the Chief Information Security Officer.
As a recognized expert in the field of information technology security, the incumbent provides authoritative guidance to FCC's IT security programs, which involves: (a) developing long-range plans for IT security systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT systems vulnerabilities; (b) leading the implementation of security programs designed to anticipate, assess, and minimize system vulnerabilities, threats as well as the application of new technologies; and (c) isolating and defining complex issues; and (d) resolving critical problems.
The incumbent will be responsible for the following tasks:
1. Developing, implementing, and improving IT Security principles, methods, tools in support of cyber and information security standards;
2. Implementing a Cyber Incident Response Program for an agency;
3. Partnering with or leveraging external organizations such as U.S. Cyber Command (USCYBERCOM), United States Computer Emergency Readiness Team (US-CERT), Defense Information Systems Agency (DISA);
4. Analyzing, planning, and implementing security approaches for cyber and information security technologies;
5. Coordinating and facilitating with other IT teams to ensure federal security requirements are in place through the lifecycle of solution implementation;
6. Providing subject matter expertise in support of day to day SOC intrusion detection and incident response activities to ascertain extent of compromise and residual threat;
7. Identifying threat actor groups and their techniques, tools and processes;
8. Continuously improve processes for use across multiple detection sets and develop automated as well as machine assisted capabilities to enhance detection of anomalous behavior;
9. Document best practices using available collaboration tools and workspaces;
10. Develop and maintain SOPs and operation guides for mission functions, tools and infrastructure;
11. Develop dashboards and reports to identify threats, suspicious/anomalous activities, malware, user activity, etc;
12. Support forensic analysis and malware reverse engineering efforts to provide more effective indicators of compromise (IOC) in support of intrusion detection efforts;
13. Research and incorporate emerging threat tactics, techniques and procedures to detect new threats and threat actors.
Additionally, the incumbent must have:
- Knowledge of the NCCIC National Cyber Incident Scoring System to be able to prioritize triaging of incidents
- Knowledge of Federal regulations such as NIST/FISMA and OMB/DHS guidance.
- Experience in recognizing and categorizing types of vulnerabilities and associated attacks
- Knowledge of basic system administration and operating system hardening techniques
- Experience performing US-CERT or DHS incident triage to include determining scope, urgency, and potential impact; identify the specific vulnerability and make recommendations that enable expeditious remediation
- Cyber operations management experience and responsibility leading cyber programs for government and/or commercial customers
- Knowledge of Cyber Operations including Incident Response and threat Hunting
Travel Required
Not required
Supervisory status
No
Promotion Potential
14
Requirements
Conditions of Employment
- US Citizenship.
- Suitable for employment as determined by a background investigation.
- Must submit a financial disclosure statement upon assuming the position.
- Serve a probationary period of one year, if applicable.
- Males born after 12/31/59 must be registered with Selective Service.
- Drug Testing Required
Please note your resume must thoroughly support your responses to the vacancy questions. Your resume is an integral part of the process for determining if you meet the basic qualifications of the position and determining if you are to be among the best qualified.
Qualifications
Applicants must meet eligibility and qualification requirements by the closing date of this announcement. Current Federal employees must meet time-in-grade requirements by the closing date of this announcement.
Individuals must have IT-related experience demonstrating each of the four competencies listed below.
1. Attention to Detail - Reviews technical and design specifications and action plans with milestones. Is thorough when performing work and conscientious about attending to detail.
2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
3. Oral Communication - Provides technical advice and consultation to top level officials. Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; and listens to others, attends to nonverbal cues, and responds appropriately.
4. Problem Solving - Assesses IT needs of customers, determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.
AND
Specialized Experience: Applicants must have a minimum of one year of specialized experience equivalent to at least the GS-13 grade level in the Federal service.
For this position, specialized experience includes the following:
1. Developing, implementing, and improving IT Security principles, methods, tools in support of cyber and information security standards; 2. Implementing a Cyber Incident Response Program for an agency; 3. Partnering with or leveraging external organizations such as U.S. Cyber Command (USCYBERCOM), United States Computer Emergency Readiness Team (US-CERT), Defense Information Systems Agency (DISA); 4. Analyzing, planning, and implementing security approaches for cyber and information security technologies; and 5. Coordinating and facilitating with other IT teams to ensure federal security requirements are in place through the lifecycle of solution implementation.
PART-TIME OR UNPAID EXPERIENCE: Credit will be given for appropriate unpaid and or part-time work. You must clearly identify the duties and responsibilities in each position held and the total number of hours per week.
Education
N/A
Additional information
EEO Policy Statement Reasonable Accommodation Policy Statement Veterans Information Legal and Regulatory Guidance
How You Will Be Evaluated
You will be evaluated for this job based on how well you meet the qualifications above.
All applicants will be rated on the extent and quality of experience and education relevant to the duties of the position. An automated score is administered based on the on-line application process used.
There are several parts to the application process that affect the overall evaluation of your application including:
1. the core questions
2. the vacancy questions
3. supplemental documentation (e.g., DD-214, SF-50, SF-15, transcripts), if applicable; and
4. your resume.
Applicants will be rated ineligible, if they do not respond to job specific questions provide supplemental documents and submit resume. For more information, please click on Rating Process
You will be evaluated for this position on the following Knowledge, Skills, Abilities and Other characteristics (KSAOs):
Applicants will be rated ineligible, if they do not respond to job specific questions, provide supplemental documents and submit resume. For more information, please click on Rating Process.
To preview questions please click here .
Background checks and security clearance
Security clearance
Top Secret
Drug test required
Yes
Position sensitivity and risk
Special-Sensitive (SS)/High Risk
Trust determination process
Credentialing , Suitability/Fitness , National security
Required Documents
**ALL SUPPLEMENTAL DOCUMENTS MUST BE RECEIVED IN THE FCC'S HUMAN RESOURCES OFFICE BY THE CLOSING DATE OF THIS ANNOUNCEMENT. ONCE YOU APPLY TO THIS VACANCY YOU WILL BE PROMPTED BY THE SYSTEM TO EITHER UPLOAD DOCUMENTS OR PRINT FAX COVERSHEETS. THE FAX NUMBER WILL BE LISTED ON THIS SHEET. IF FAXING, ALL DOCUMENTS REQUIRED SHOULD BE FAXED SEPARATELY ON THE FAX COVER SHEET PROVIDED. ONCE FAXED, YOU SHOULD RECEIVE AN EMAIL CONFIRMATION WITHIN AN HOUR. IF YOU DO NOT RECEIVE AN EMAIL CONFIRMATION, YOUR FAX HAS NOT BEEN SUCCESSFULLY RECEIVED AND YOU SHOULD FAX AGAIN.
IF YOU ARE UNABLE TO FAX THE REQUIRED DOCUMENTATION, CONTACT THE HUMAN RESOURCES OFFICE AT 202-418-0130 PRIOR TO THE CLOSING DATE OF THIS ANNOUNCEMENT.***
Hardcopy Supplement Documents Required:
Current Federal employees should submit a copy of their most recent annual performance appraisal;
Veterans must submit a legible copy of form DD-214, "Certificate of Release or Discharge from Active Duty," or an SF-15, Application for 10-Point Veterans' Preference, plus the proof
required by that form. Please refer to OPM's VetGuide for further information about veterans' preference at http://www.opm/veterans/html/vetguide or click on VetGuide
If you are relying on your education to meet qualification requirements:
Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education .
Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.
You need to sign in or create an account to save a job.
Get job alerts
Create a job alert and receive personalized job recommendations straight to your inbox.
Create alert