This position is located within the IT Security Office (ITSO) of the Department of Technology Services (DTS).

Duties

The incumbent is a recognized cyber security expert with a proven record of successfully managing defensive cyber operations in a 24/7 environment. Must have a proven record of successfully leading cyber detection, response, and recovery activities at a national level, and "hands on" experience with intrusion detection and incident response. Duties include, but are not limited to the following: Maintaining deep technical awareness of all security events and situations on the 7x24 security watch floor. Rapidly distinguishes the difference between high priority and standard security events based on available data and triage procedures. Conducting security impact assessments for security events and declares security incidents based on objective criteria. Maintaining awareness of all available watch floor resource capabilities and assigns appropriate resources based on complexity and urgency of security event. Carefully coordinates the activity of those resources in the absence of clear, unambiguous data. Objectively measures and improves quality and timeliness of all security event responses. Functioning as Senior Defensive Cybersecurity SME during 24x7 operations. Requires the ability to think independent and make decisions/recommendations which will have an immediate effect on the security of judiciary networks. Not all triage procedures will be known in advance of a security event. Providing strong leadership for security watch floor. Monitors quality and provides correction and mentoring for more junior personnel on the shift. Briefs and advises senior leadership on events, potential courses of action, and ensures approved COAs are correctly implemented. Answers tactical questions from senior leadership on events and COAs.

Requirements

Qualifications

Applicants must have demonstrated experience as listed below. This requirement is according to the AO Classification, Compensation, and Recruitment Systems which include interpretive guidance and reference to the OPM Operating Manual for Qualification Standards for General Schedule Positions. Specialized Experience: Applicants must have at least one full year (52 weeks) of specialized experience which is in or directly related to the line of work of this position. Specialized experience is demonstrated experience: working within a Computer Incident Response organization. Ability to apply cyber security related principles, theories, and concepts and investigating cybersecurity incidents and writing reports.

Education

This position does not require education to qualify.

Contacts

• Address Department of Technology Services One Columbus Circle, NE Washington, DC 20544 US
• Name: Bassin Njie
• Phone: (202) 502-2202
• Email: [email protected]