The Office of Inspector General (OIG), works within the U. S. Department of Transportation (DOT) to promote efficiency and effectiveness, and prevent or stop waste, fraud and abuse in departmental programs. We do this through audits and investigations. OIG also consults with the Congress about programs in progress and proposed new laws and regulations. The Inspector General Act of 1978 gives the Office of Inspector General autonomy to do its work without interference. 

Duties

As a Supervisory Information Technology Specialist (INFOSEC)/Senior Red Team Operator you will:

Requirements

• Must be a U.S. Citizen.
• Submit application and resume online by 11:59 P.M. EST on the closing date.
• This position is subject to a background investigation.
• This position requires a secret clearance.

Qualifications

To be eligible, applicants must meet the basic education and/or experience requirements below. Specialized Experience GS-14: To qualify, you must have at least one year of specialized experience equivalent to the GS-13 grade level in the federal service including: expert knowledge of wide range of IT concepts, theory, computer methods and procedures; expert knowledge applying cyber- security and information security principles and concepts sufficient to plan, coordinate, and assess IT security operations and the security of data, networks, systems and applications; providing technical advice and guidance regarding IT security issues; conducting penetration testing, red teaming, audits and/or assessments of IT programs; conducting interviews with officials; conducting comprehensive analysis and studies requiring the application of complex analytical and statistical methods and techniques; and preparing audit assessment reports. And Experience Experience must be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate GS-5 through GS-15 (or equivalent): For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below. The employing agency is responsible for identifying the specific level of proficiency required for each competency at each grade level based on the requirements of the position being filled. Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. Preferred Qualifications: 5+ years of security testing experience (red teaming, cloud security, application security, or network security) One or more of the following industry certifications: OSCP, OSWA, OSWP, OSWE, OSEP, OSED, GPEN, GCPN, GWAPT, GMOB, GAWN, GXPN, eWPT, eCPPT, eMAPT, PNPT Contributions to the security community such as research, public CVEs, bug-bounty recognitions, open-source projects, blogs, publications, etc Experience with server administration, TCP/IP networking, vulnerability identification and exploitation, vulnerability exploit code development, offensive security operation coordination and communication, vulnerability tracking and remediation, mobile testing Familiarity with various programming languages such as Python, C, Ruby, ASM are a plus Experience with cloud-based environments (GCP, Azure, AWS, etc.) Experience with common testing frameworks, such as the MITRE ATT&CK framework Experience with NIST 800-53 rev 5, NIST 800-115 Qualifications must be met by the closing date of the announcements. 

Contacts

• Address DOT, OFFICE OF THE INSPECTOR GENERAL 1200 New Jersey Ave SE West Building, Room W71-123 Washington, District of Columbia 20590 United States
• Name: Davitta Kauffman
• Phone: 202-366-1490
• Email: [email protected]