Duties

Summary

JOB DESCRIPTION: Cybersecurity Service Providers protect, monitor, analyze, detect, and respond to unauthorized activity associated with NGA computer networks. They collect information and data to identify, analyze, and report events and incidents that may impact the network. They respond to crises or urgent situations and support the mitigation of immediate and potential threats. They also perform audit assessmen

Learn more about this agency

Responsibilities

ADDITIONAL INFORMATION: The National Geospatial-Intelligence Agency (NGA) serves as the world leader in providing timely, relevant, accurate and actionable geospatial intelligence (GEOINT). NGA's civilian, military and contract personnel evaluate imagery, maps, charts, multiple layers of foundation data - such as terrain, elevation and gravity - and the full spectrum of visible and invisible light in order to help users visualize what is happening at a particular place and time. Our intelligence officers go beyond describing 'what, where and when' to revealing 'how and why.' our work enables decision advantage for our policymakers, warfighters, intelligence professionals and first responders. NGA uses a flexible, high mobility career model. Individuals are hired for their overall skills within a specialty such as Cybersecurity Service Provider, and then placed in various positions throughout the agency once they complete the clearance process. Although currently advertised as a supervisory, permanent, telework-eligible job posting with occasional travel, it is unknown which specific positions will be available after applicants complete the selection and clearance process. Because of this, aspects of the job such as travel, supervisory, telework, etc may change, depending on specific positions available at that time. It is also possible that applicants could be hired into a position with specific aspects and then change positions after serving for a period of time in that assignment. Applicants who have completed the clearance process receive final documentation about the nature of the specific position before they make the final commitment to join NGA.

The Vulnerability Technician position under the Cybersecurity Management Officer work role resides within CIO-T and IT Services Directorate, TS, Cybersecurity Office, TST, Information Technology and Monitoring Division. This position is responsible for conducting assessments of threats and vulnerabilities; determining deviations from acceptable configurations, enterprise or local policy, assessing the level of risk, and developing and/or recommending appropriate mitigation countermeasures in operational and nonoperational situations. The VM technician ensures Information Technology (IT) cyber security vulnerabilities are effectively executed in order to mitigate and prevent attacks against NGA Information Technology Services. Vulnerability Technicians conduct comprehensive assessments and continuous monitoring of operational and technical controls levied against or inherited by an information system (IS) to determine the overall effectiveness of the controls. These officers recognize potential security violations, report incidents, in an attempt to mitigate any adverse impact. Technicians execute daily work for the IAVA function, collaborate on day to day activities with government and contractor staff, ensuring Workflow Diagrams, Standard Operating Procedures, Work Instructions, appropriate policies and documents are developed and remain current. Communicate issues/concerns to the applicable program managers and senior executives.

1. Coordinate computer security incident response activities against threats to include, but not be limited to: viruses, worms, Trojan horses, other malicious code, system security breaches, and cyber-terrorist attacks.
2. Inform the Intelligence Community (IC) of priority intelligence requirements (PIR) and indications and warning requirements for potential attacks against DoD information systems and computer networks.
3. Provide DoD-wide situational awareness and attack sensing and warning through fusion, analysis and coordinated information flows.

Additional Application Requirement: You may be asked to complete one or more assessments in addition to the application you submit on this website as part of your application to NGA. These assessments may include but are not limited to:
1) Online questionnaires or assessments that require you to describe your job-related knowledge, skills(U) , abilities, or other characteristics that are aligned with the mandatory and desirable qualifications of this job posting. The information you provide in the application you submit must support the response you provide to this questionnaire.
You will receive an email to describe any additional assessments required. Please monitor your emails and complete any required assessments as soon as possible.

Travel Required

Occasional travel - Occasional Travel Required

Supervisory status
No

Promotion Potential
PB3

Requirements

Conditions of Employment

• US Citizenship is required.
• Designated or Random Drug Testing required.
• Security Investigation

SPECIAL INFO:
As a condition of employment at NGA, persons being considered for employment must meet NGA fitness for employment standards.

- U.S. Citizenship Required

- Security Clearance (Top Secret/Sensitive Compartmented Information)

- Polygraph Test Required

- Position Subject to Drug Testing

- Two Year Probationary Period

- Direct Deposit Required

SPECIAL REQUIREMENTS:
You must be able to obtain and retain a Top Secret security clearance with access to Sensitive Compartmented Information. In addition, you are subject to a Counterintelligence Polygraph examination in order to maintain access to Top Secret information. All employees are subject to a periodic examination on a random basis in order to determine continued eligibility. Refusal to take the examination may result in denial of access to Top Secret information, SAP, and/or unescorted access to SCIFs.

Employees with SCI access and who are under NGA cognizance are required to submit a Security Financial Disclosure Report, SF-714, on an annual basis in order to determine continued eligibility. Failure to comply may negatively impact continued access to Top Secret information, Information Systems, SAP, and/or unescorted access to SCIFs.

NGA utilizes all processes and procedures of the Defense Civilian Intelligence Personnel System (DCIPS). Non-executive NGA employees are assigned to five distinct pay bands based on the type and scope of work performed. The employee's base salary is established within their assigned pay band based on their unique qualifications. A performance pay process is conducted each year to determine a potential base pay salary increase and/or bonus. An employee's annual performance evaluation is a key factor in the performance pay process. Employees on term or temporary appointments are not eligible to apply for internal assignment opportunity notices.

This position is a DCIPS position in the Excepted Service under 10 U.S.C. 1601. DoD Components with DCIPS positions apply Veterans' Preference to preference eligible candidates as defined by Section 2108 of Title 5 USC, in accordance with the procedures provided in DoD Instruction 1400.25, Volume 2005, DCIPS Employment and Placement. If you are an external applicant claiming veterans' preference, as defined by Section 2108 of Title 5 U.S.C., you must self-identify your eligibility in our ERecruit application.

Qualifications

MANDATORY QUALIFICATION CRITERIA: For this particular job, applicants must meet all competencies reflected under the Mandatory Qualification Criteria to include education (if required). Online resumes must demonstrate qualification by providing specific examples and associated results, in response to the announcement's mandatory criteria specified in this vacancy announcement:

1. Demonstrated experience with developing and/or applying cybersecurity principles, policies, practices, standards, or controls Security Controls
2. Ability to conduct analysis to determine unauthorized activity; elevates issue to appropriate stakeholders.
3. Demonstrated experience with managing routine projects, allocating tasks and coordinating resources to ensure that projects are completed within defined constraints.
4. Demonstrated ability to comprehensively identify, quantify, qualify and estimate the degree of vulnerabilities.

EDUCATION REQUIREMENT: A. Education: Bachelor's degree from an accredited college or university in Computer Information Systems, Computer Science, Cybersecurity, Electrical Engineering, Information Assurance, Information Science, Information Systems, Information Systems Management, Information Technology, Mathematics, Operations Research, Physics, Statistics, Technology Management, or degree that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems, or networks. -OR- B. Combination of Education and Experience: A minimum of 24 semester (36 quarter) hours of coursework in any area listed in option A, plus experience in cyber-analytics, computer forensics, incident response, or a related area that demonstrates the ability to successfully perform the duties associated with this work. As a rule, every 30 semester (45 quarter) hours of coursework is equivalent to one year of experience. Candidates should show that their combination of education and experience totals 4 years. -OR- C. Experience: A minimum of 4 years of experience in cyber-analytics, computer forensics, incident response, or a related area that demonstrates the ability to successfully perform the duties associated with this work. -AND- LICENSES/CERTIFICATIONS: Computer Network Defense Service Provider certifications (e.g., CND-A, CND-IS, CND-IR, CND-AU) and Information Assurance Management (IAM) or Information Assurance Technical (IAT) Level 1 certification must be obtained within 6 months. -AND- Relevant Competencies: IT-related experience demonstrating each of the four competencies: Attention to Detail, Customer Service, Oral Communication, and Problem Solving.

DESIRABLE QUALIFICATION CRITERIA: In addition to the mandatory qualifications, experience in the following is desired:

1. Knowledge of Vulnerability Disclosure Program (VDP), Knowledge of Cybersecurity Information Assurance Vulnerability Management (IAVM) Compliance Knowledge Cybersecurity.

Education

Additional information

How You Will Be Evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

Applicants are not required to submit a cover letter. The entire cover letter cannot exceed the specified limits provided in the Cover Letter field (3,000 characters). Pages exceeding this limit will not be considered. THE COVER LETTER IS RECOMMENDED BUT IS NOT REQUIRED FOR EMPLOYMENT CONSIDERATION WITH THE NATIONAL GEOSPATIAL-INTELLIGENCE AGENCY.

APPLICANT EVALUATION PROCESS: Applicants will be evaluated for this job opportunity in three stages:

1) All applicants will be evaluated using the Mandatory Qualification Criteria,
2) Qualified applicants will then be evaluated by an expert or panel of experts using a combination of qualification criteria to determine the best-qualified candidates,
3) Best-qualified applicants may then be further evaluated through an interview process.

Military retiree applicants, if selected, may be impacted by the 180-day appointment restrictions of DODI 1402.01. HD personnel will provide additional information if applicable.

Applicants are encouraged to carefully review the Assignment Description, Additional Information Provided By the Selecting Official, and the Qualification Requirements; and then construct their resumes to highlight their most relevant and significant experience and education for this job opportunity. This description should include examples that detail the level and complexity of the performed work. Applicants are encouraged to provide any education information referenced in the announcement. If education is listed as a mandatory requirement, only degrees obtained from an institution accredited by an accrediting organization recognized by the Secretary, US Department of Education will be accepted.

As a condition of employment at NGA, persons being considered for employment must meet NGA fitness for employment standards.

In accordance with section 9902(h) of title 5, United States Code, annuitants reemployed in the Department of Defense shall receive full annuity and salary upon appointment. They shall not be eligible for retirement contributions, participation in the Thrift Savings Plan, or a supplemental or redetermined annuity for the reemployment period. Discontinued service retirement annuitants (i.e., retired under section 8336(d)(1) or 8414(b)(1)(A) of title 5, United States Code) appointed to the Department of Defense may elect to be subject to retirement provisions of the new appointment as appropriate. (See DoD Instruction 1400.25, Volume 300, at http://www.dtic.mil/whs/directives.)

All candidates will be considered without regard to race, color, religion, sex, national origin, age, marital status, disability, or sexual orientation.

NGA provides reasonable accommodations to applicants with disabilities. Applications will only be accepted online. If you need a reasonable accommodation for any part of the application and hiring process, please notify us at recruitment@nga.mil. The decision on granting reasonable accommodation will be on a case-by-case basis.

Background checks and security clearance

Security clearance
Sensitive Compartmented Information

Drug test required
Yes

Required Documents

None

If you are relying on your education to meet qualification requirements:

Education must be accredited by an accrediting institution recognized by the U.S. Department of Education in order for it to be credited towards qualifications. Therefore, provide only the attendance and/or degrees from schools accredited by accrediting institutions recognized by the U.S. Department of Education .

Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.