This position is located in the Department of Technology Services (DTS), Information Technology Security Office (ITSO), Security Operations Division (SOD).

Duties

The incumbent is a recognized cyber security expert with a proven record of successfully managing tier 3 level support to defensive cyber operations in a 24/7 environment. Must have a proven record of successfully leading digital forensics threat hunting at a national level, and extensive experience managing, developing, and mentoring federal and contract personnel conducting defensive cyber operations. Duties include, but are not limited to, the following: Serving as the branch chief for Threat Hunt and partnering with ITSO and Security Operations leadership to build and maintain the threat hunt roadmap and branch budget. Providing thought leadership in threat actor techniques, tactics, and procedures (TTPs) for the threat hunt team. Planning, scoping, and monitoring threat hunt operations based on data sets and knowledge of the judiciary's environment (cloud and on-prem). Briefing the status, results, and implications of threat hunt operations to ITSO leadership and other stakeholders on a regular cadence. Recruiting, mentoring, supervising, and developing threat hunt engineers. Developing and maintaining annual performance objectives for threat hunt engineers. Developing contract quality and management standards as a contracting officer's representative (COR) for contracts within the branch. Serving as the Contracting Officer's Representative (COR) for relevant software and service contracts. Monitoring and driving proactive threat detection development derived from threat research and hunt operations. Liaising with threat intel and vulnerability management teams to develop threat hunt hypotheses. Developing standard operating procedures and reporting templates for threat hunt operations. Producing and reviewing weekly, monthly, and ad-hoc reporting. Developing Key Performance Indicators (KPIs) for the threat hunt branch. Maintaining awareness and knowledge of ongoing operational security incidents, utilizing the information to build more comprehensive threat models and threat hunt hypotheses. Fostering collaboration and promoting technical excellence. Developing work force development plans. Coordinating an on-call rotation, if required. Developing and maintaining a prioritized backlog of threat hunt hypothesis to be used for structured threat hunts.

Requirements

Qualifications

Applicants must have demonstrated experience as listed below. This requirement is according to the AO Classification, Compensation, and Recruitment Systems which include interpretive guidance and reference to the OPM Operating Manual for Qualification Standards for General Schedule Positions. Specialized Experience: Applicants must have at least one full year (52 weeks) of specialized experience which is in or directly related to the line of work of this position. Specialized experience is demonstrated experience as a lead or manager performing threat hunt operations.

Education

This position does not require education to qualify.

Contacts

• Address Department of Technology Services One Columbus Circle, NE Washington, DC 20544 US
• Name: Kymberli Camber
• Phone: (210) 301-6303
• Email: [email protected]