Skip to main content

This job has expired

Associate Director for Threat Hunting

Employer
USAJobs
Location
Arlington, Virginia
Closing date
Jun 18, 2021
Duties

Summary

This position is located in the Cybersecurity Division (CSD) within Cybersecurity and Infrastructure Security Agency (CISA). The Cybersecurity Division leads cybersecurity efforts for CISA as the Nation's flagship civilian cyber defense organization. The division collaborates with partners across the government and private sector to enhance the Nation's cybersecurity by sharing information, providing cybersecurity services and technical assistance, as well as through education and awareness.
Learn more about this agency

Responsibilities

The Associate Director (AD) for Threat Hunting (TH) serves as a senior CISA official. The AD for TH is responsible for developing and implementing a cohesive strategy that improves the organization's ability to fulfill its statutory cybersecurity mission. Applicants must demonstrate the ability to manage large and high-value projects, identify limitations in a complex organization, implement effective and efficient solutions, and synthesize complex strategic concepts into operational processes and procedures. The Threat Hunting mission is to identify, analyze, detect and respond to significant cyber threats to the United States by understanding cybersecurity threats, detecting malicious activity in the federal civilian executive branch, critical infrastructure, and critical partner networks, proactively hunting for malicious cyber activity and coordinating and responding to cyber incidents as the national lead for asset response under Presidential Policy Directive-41.

Specific responsibilities include:

Overseeing and leading the development, implementation and management of the TH mission and execution of the CSD strategic plan.

Communicating progress toward accomplishing the mission and reaching objectives. Present ideas and initiatives clearly and understandably. Develops methods to improve results continuously.

Developing, implementing, and managing TH input into the CSD Annual Operating Plan.

Conducting day-to-day management and oversight of all TH lines of effort and programs. This includes conducting daily analysis and situational monitoring to provide information on incidents and other events as they are detected and unfold to raise awareness and understanding better.

Overseeing the execution of the Threat Hunting ability to conduct continuous, at scale hunts across the Federal Civilian Executive Branch.

Leading sensitive, complex incident response engagements to support organizations impacted by cybersecurity intrusions.

Developing communication, negotiation, conflict resolution, leadership, and similar skills to resolve problems and make critical decisions regarding programs and mission performance issues.

Building and sustaining an effective and efficient TH organization, with appropriate performance metrics capable of supporting the CSD mission.

Participating in complex IT and communications acquisition programs. Ensure compliance with appropriate acquisition program management practices.

Deploying and operationally pilots analytical capabilities to support engagements in varied environments, including cloud, on-premises, and hybrid.

Travel Required

Occasional travel - You may be expected to travel for this position.

Supervisory status
Yes

Promotion Potential
None

Requirements

Conditions of Employment


  • You must be a U.S. citizen to apply for this position.
  • You must successfully pass a background investigation. This may include a credit check, a review of financial issues, as well as certain criminal offenses and illegal use or possession of drugs.
  • Selective Service - males born after 12/31/59 must be registered or exempt from Selective Service see http://www.sss.gov/
  • Filing of OGE 278 - Public Financial Disclosure.
  • You must be able to obtain and hold a obtain/maintain a Top Secret (SCI) clearance.
  • If selected, a one-year SES Probationary period may be required.
  • You must submit to a drug test and receive a negative test result prior to appointment to this position.
  • If you receive a conditional offer of employment for this position, you will be required to complete an Optional Form 306, Declaration for Federal Employment, and to sign and certify the accuracy of all information in your application.
  • DHS uses e-Verify, an Internet-based system, to confirm the eligibility of all newly hired employees to work in the United States. Learn more about E-Verify , including your rights and responsibilities.
  • Relocation expenses are not authorized. Other recruitment incentives may be authorized.
  • All employees are required to participate in Direct Deposit/Electronic Funds Transfer for salary payments.
  • This position may be designated as essential personnel. Essential personnel must be able to serve during continuity of operation events without regard to declarations of liberal leave or government closures due to weather, protests, and acts of terrorism or lack of funding. Failure to report for or remain in this position may result in disciplinary or adverse action in accordance with applicable laws, rules, and regulations (5 U.S.C. § 7501-7533 and 5 CFR Part 752, as applicable).


Qualifications

As a basic requirement for entry into the SES, applicants must provide detailed evidence of possession of each of the Executive Core and Technical Qualifications listed below in a supplemental statement to assist reviewing officials in determining the best qualified candidates to be referred to the selecting official. Qualification and experience determinations will be based only on the information you submit.

The application process used to recruit this position is the Traditional Method.

Executive Core Qualifications:

ECQ 1 - LEADING CHANGE:
You must have demonstrated an ability to bring about strategic change, both within and outside the organization, to meet organizational goals. Inherent to this ECQ is the ability to establish an organizational vision and to implement it in a continuously changing environment. Leadership Competencies: Creativity & Innovation, External Awareness, Flexibility, Resilience, Strategic Thinking, Vision.

ECQ 2 - LEADING PEOPLE: You must demonstrate the ability to lead people toward meeting the organization's vision, mission, and goals. Inherent to this ECQ is the ability to provide an inclusive workplace that fosters the development of others, facilitates cooperation and teamwork, and supports constructive resolution of conflicts. Leadership Competencies: Conflict Management, Leveraging Diversity, Developing Others, Team Building.

ECQ 3 - RESULTS DRIVEN: This core qualification involves the ability to meet organizational goals and customer expectations. Inherent to this ECQ is the ability to make decisions that produce high-quality results by applying technical knowledge, analyzing problems, and calculating risks. Leadership Competencies: Accountability, Customer Service, Decisiveness, Entrepreneurship, Problem Solving, Technical Credibility.

ECQ 4 - BUSINESS ACUMEN: This ECQ involves the ability to manage human, financial, and information resources strategically. Leadership Competencies: Financial Management, Human Capital Management, Technology Management.

ECQ 5 - BUILDING COALITIONS: This ECQ involves the ability to build coalitions internally and with other Federal agencies, State and local governments, nonprofit and private sector organizations, foreign governments, or international organizations to achieve common goals. Leadership Competencies: Partnering, Political Savvy, Influencing/Negotiating.

FUNDAMENTAL COMPETENCIES: The following competencies are the foundation for success in each of the Executive Core Qualifications: Interpersonal Skills, Oral Communication, Integrity/Honesty, Written Communication, Continual Learning, Public Service Motivation.

Mandatory Technical Qualifications (MTQs):

MTQ 1 :
Ability to deal effectively on complex homeland security and cybersecurity-related issues with senior officials from all branches and levels of government and with critical infrastructure owners, operators, and other stakeholders.

MTQ 2 :
Experience in directing large-scale public, private sector, and critical infrastructure technical programs focused on enabling defensive cyber operations.

Challenge Context Action Result Model
An ECQ or Mandatory Technical Qualification (MTQ) statement should include more than one examples of relevant experience.
    Challenge. Describe a specific problem or goal. Context. Talk about the individuals and groups you worked with, and/or the environment in which you worked, to tackle a particular challenge (e.g., clients, co-workers, members of Congress, shrinking budget, low morale). Action. Discuss the specific actions you took to address a challenge. Result. Give specific examples of the results of your actions. These accomplishments demonstrate the quality and effectiveness of your leadership skills.
Additional information on the Executive Core Qualifications is available at Senior Executive Service Executive Core Qualifications

Veteran's preference does not apply to the SES.

Probationary period: You will serve a one-year probationary period unless you previously completed the probationary period in the SES.

Education

There is no positive education requirement for this position.

Additional information

As a basic requirement for entry into the SES, applicants must provide evidence of progressively responsible executive leadership and supervisory experience that is indicative of senior executive level management capability and directly related to the skills and abilities outlined under Executive Core Qualifications and Mandatory Technical Qualifications listed above.

The ideal candidate will have experience supervising employees through subordinate supervisors and have experience hiring, developing, and evaluating employees. Typically, experience of this nature will have been gained at or above the GS-14/15 grade level in the federal service or its equivalent in the private sector or non-governmental organizations.

Failure to meet this basic qualification requirement and all executive and technical qualification factors automatically disqualifies an applicant. Applicants who meet all the mandatory executive and technical qualifications will be evaluated by a panel of SES members to determine the degree to which they possess each of the listed qualifications.

This evaluation will determine which applicants are best qualified. Total background, including experience, education, awards, self-development, and training will be reviewed. This information will be obtained from the application package, including the required narrative statements for the technical and Executive Core Qualifications described in this vacancy. As such, your resume should demonstrate that you have the knowledge, skills, and abilities to successfully fulfill responsibilities inherent in most SES positions such as:
  • Directing the work of an organizational unit;
  • Ensuring the success of one or more specific major programs or projects;
  • Monitoring progress toward strategic organizational goals, evaluating organizational performance and taking action to improve performance; and
  • Supervising the work of employees; and exercising important policy-making, policy determining, or other executive functions.
  • If your resume does not include these basic qualifications, you will not be determined qualified for this position.
We recommend that your resume addressing the ECQs include examples that are clear, concise, and emphasize their level of responsibilities, the scope and complexity of the programs, activities, or services managed; program accomplishments; policy initiatives undertaken; level of contacts; the sensitivity and criticality of the issues addressed; and the results of actions taken.

How You Will Be Evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

You will be evaluated for this job based on how well you meet the qualifications above. Your application will be evaluated to determine if you meet the minimum qualification requirements for this position. A panel will be convened to determine "best qualified" candidates. The rating and ranking will be based upon consideration of the degree to which you meet the Executive Core Qualifications, and Mandatory Technical Qualifications. Interviews and qualifications inquiries may be required.

Background checks and security clearance

Security clearance
Sensitive Compartmented Information

Drug test required
Yes

Position sensitivity and risk
Special-Sensitive (SS)/High Risk

Trust determination process
National security

Required Documents

1. REQUIRED Your resume - it must contain information sufficient to make a valid determination that you fully meet the specialized experience requirements as stated in this vacancy announcement. Insufficient information will result in a not qualified rating. It is recommended that you include the following information:
  • Full name, mailing address, and day and evening telephone numbers
  • Educational information, including the name, city and state of colleges or universities you attended, as well as the type and year of any degrees received
  • Information about your paid and nonpaid work experience related to this position including:
    • Job title (include series and grade if Federal job)
    • Duties and accomplishments
    • Employer's name and address
    • Supervisor's name and phone number
    • Starting and ending dates of employment (month and year)
    • Salary
    • Indicate if we may contact your current supervisor
    • Information about honors, awards, and special accomplishments
2. REQUIRED two separate documents: (1). A narrative statement addressing each of the Executive Core Qualifications (ECQ), and (2). Narrative statement addressing the Mandatory Technical Qualifications (MTQs). Each ECQ and each technical qualification must be addressed separately. The narrative addressing ECQ's must follow the format provided at Guide To Senior Executive Service Qualifications (Adobe Acrobat required). MTQs narrative statements must not exceed 2 pages for each individual technical qualification(s). Your entire ECQ package (i.e., all five ECQ's narrative statements) may not exceed 10 pages in its totality. Two pages per ECQ is desired. IF YOU EXCEED THESE LIMITS, YOU WILL NOT BE CONSIDERED.

OR

If you are a graduate of an approved SES Candidate Development Program, you must include a copy of the OPM certification of eligibility and a narrative statement addressing only the mandatory technical qualifications.

OR

If you are a current or former career SES member, you must submit documentation of your SES status (i.e., SF-50 appointing you into the SES) and a narrative statement addressing only the mandatory technical qualifications.

3. REQUIRED If you are a current Federal employee, a copy of a recent SF-50, Notification of Personnel Action, that indicates Federal status, grade, tenure, and type of service. Please remove your social security number and date of birth.

The following categories of applicants MUST address the Mandatory Technical Qualification factors. These Categories include:
  • Applicants who are currently serving under a SES career appointment (must provide a copy of Standard Form 50-Notification of Personnel Action that documents career appointment to the SES), or
  • Applicants who are eligible for reinstatement to the SES (must provide a copy of Standard Form 50-Notification of Personnel Action that documents career appointment to the SES), or
  • Applicants who are graduates of OPM-approved SES Candidate Development Programs (must provide proof of OPM Qualifications Review Board certification).

Get job alerts

Create a job alert and receive personalized job recommendations straight to your inbox.

Create alert