The primary purpose of this position is to serve as an experienced, Senior-skill-level defensive cyberspace operations technical expert and Cyberspace Protection Team (CPT) Mission Element crew member supporting tasked Service, Combatant Command and National Agency partners. 67th Cyberspace Operations Wing (67 CW), 567th Cyberspace Operations Group (567 COG), 836th Cyberspace Operations Squadron (836 COS), Operations Officer (CYO), Joint Base San Antonio- Lackland, AFB.

Duties

Serves as a functional expert, and/or team member at the Senior experience level on a CPT conducting cyber defense analysis and security investigations on complex networks and system architectures. Applies expert knowledge and experience, conducting difficult and complex analysis using a variety of cyber defense tools (e.g., IDS alerts, firewall logs, proxy logs), network packet capture, and host system information in order to discover and mitigate threats or malicious activity. Serves as a functional expert, and/or team member at the Senior experience level conducting penetration testing and assessments of mission partner defense capabilities on complex networks and system architectures. Serves as a functional expert, and/or team member at the Senior experience level conducting missions to detect and remove unauthorized, malicious, or adversary presence from operational systems, networks, or enclaves in order to ensure reliability and availability of mission critical capabilities. Serves as a functional expert, and/or team member preparing mission documentation in accordance with DoD, Air Force, CYBERCOM, CCMD, 24 AF, and local standards.

Requirements

• U.S. Citizenship Required
• All new DCIPS employees are required to complete a two-year DCIPS trial period.
• Position is designated special-sensitive and requires eligibility for access to Sensitive Compartmented Information (SCI), other intelligence-related Special Sensitive information.
• Involvement in Top Secret Special Access Programs (SAP) to fully perform the duties and responsibilities of the position. A non-disclosure agreement must be signed.
• This posn is subject to provisions of the DoD Priority Placement Program. Must be registered for Selective Service, see Legal and Regulatory Guide
• The employee may be required to work other than normal duty hours, which may include evenings, weekends, and/or holidays.
• If authorized, PCS will be paid IAW JTR and AF Regulations. If receiving an authorized PCS, you may be subject to completing/signing a CONUS agreement. More information on PCS requirements, may be found at: https://afciviliancareers.com/regulatory/
• This position has been designated by the Air Force as a Testing Designated Position (TDP) under the Air Force Civilian Drug Demand Reduction Program. Employee must pass initial and periodic short notice drug testing.
• Illegal drug use by employees in sensitive positions presents a clear threat to the mission of the Air Force, national security, and public safety.
• The employee may be required to travel to CONUS and OCONUS locations, to include austere locations. Notice of the need to travel may be received in less than three days.
• Travel may be frequent and/or may be for long periods lasting 6 months or more and may be to austere locations: Employee may be required to travel on military and commercial aircraft.
• Direct Deposit: All federal employees are required to have direct deposit. Advance in hire may be authorized if there is demonstrable proof provided on your resume. Leave accrual may be authorized upon request.
• The work may require the employee to drive a motor vehicle. A valid driver’s license is required for the position.
• Training required/provided for this position may be 80 hours or longer in duration and may require that the employee sign Continuing Service Agreement to attend the course.
• For all IQT, MQT or training required for position-related certification/readiness or continuing education, the employee must accept the CSA as a condition of employment.
• Current CPT Combat Mission Ready (CMR) individuals, regardless of civilian series are considered qualified to serve under this PD as long as the member has met other conditions of employment and civilian grade requirements.
• A signed memo from the 567 COG Group Commander stating the member is CMR along with IQT, MQT and CMR dates is sufficient documentation to meet this requirement.
• This position is designated as a key position IAW AFI 36-507. Duties of this position are essential to the accomplishment of wartime/contingency operations.
• Incumbents of key positions must be removed from their military recall status if alternative for filling of the position during an emergency are not available.
• This is a Mission-Essential position performing a Mission-Critical-Function which must continue uninterrupted after the occurrence of an emergency and continued through full resumption of all functions. Ref: AFI36-129, dated 17 May 2019

Qualifications

This is a GG-13 position in the Defense Civilian Intelligence Personnel System (DCIPS). The GG-13 duties for the "Professional" work category are at the "Full Performance" work level and are equivalent to those at the GS-13 level. The selectee's salary will be set within the grade equivalent to a GS/GG grade based on the selectee's qualifications in relation to the job. In order to qualify, you must meet the quality experience requirements described in the Office of Personnel Management (OPM) Qualification Standards for General Schedule Positions, Information Technology (IT) Management Series, 2210 (Alternative A). NOTE: You must meet both the Basic Qualifications and Specialized Experience requirements stated below: BASIC REQUIREMENTS:For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below. The employing agency is responsible for identifying the specific level of proficiency required for each competency at each grade level based on the requirements of the position being filled. Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. NOTE: IN ADDITION TO MEETING THE BASIC REQUIREMENTS ABOVE APPLICANT MUST ALSO MEET THE QUALIFICATION REQUIREMENTS LISTED BELOW. EXPERIENCE REQUIRED: Your resume must reflect the quality level of experience which demonstrates the possession of the knowledge, skills, abilities, and competencies necessary for successful job performance required for this position. Examples of creditable experience include: Broad knowledge of IA and MA technologies such as COMSEC, COMPUSEC, EMSEC, and OPSEC, computer systems, digital communications systems, network protocols, and computer architectures; and computer security penetration tools and techniques. Knowledge and skill in applying analytical and evaluative methods and techniques to issues or studies concerning the efficiency and effectiveness of program operations. Knowledge of pertinent laws, regulations, policies, and precedents, which affect the use of program and related support resources in information protection. Note: Creditable experience may include previous military experience, experience gained in the private sector, or experience gained in another government agency. KNOWLEDGE, SKILLS AND ABILITIES (KSAs): Your qualifications will be evaluated on the basis of your level of knowledge, skills, abilities and/or competencies in the following areas: 1. Advanced knowledge of and skill in application of the concepts, and practices in two or more of the following areas: cyberspace security, computer programming, networking, computer operating systems (Windows, UNIX), malware forensics; threat analysis, operations research, artificial intelligence/machine learning; cyber incident handling and response, penetration testing, software/malware reverse engineering. the application of Information Assurance (IA), Mission Assurance (MA) and threat hunting technologies and techniques, analysis of computer systems, operating systems, network communication protocols, computer and network architectures and virtual machine (VM) technology; ability to analyze and correlate data in order to distinguish evidence of attacks or intrusions from normal activity. 2. Advanced knowledge of IA and MA technologies such as COMSEC, COMPUSEC, EMSEC, and OPSEC, computer systems, digital communications systems, network protocols, and computer architectures; and computer security penetration tools and techniques. Extensive knowledge and skill in one or more of the following areas: (a)computer operating systems (Unix, Windows, etc.) enterprise services, file systems, security, configuration and analysis; (2) network operations and security including netflows, protocols, PCAP, etc.; (3) computer programming and scripting; (4) malware identification and analysis; (5) system forensics. 3. Advanced knowledge and skill in identifying, analyzing, articulating and executing program goals and objectives, work processes, and administrative operations of the organization in support of major issues and operational challenges. 4. Skill in developing new or modified work methods, processes, or information protection procedures; and ability to develop and articulate technical direction and approaches to formulating interoperability plans, implementation plans, and contingency plans involving communications and connectivity between major command and control systems; proficiency in applying analytical and evaluative methods and techniques to issues or studies concerning the efficiency and effectiveness of program operations. 5. Ability to clearly and effectively discuss and present program objectives, managerial tasks, and technical information verbally and in writing to management and professional personnel at all levels within DoD and other government agencies within timelines prescribed by regulation or management. 6. Ability to effectively perform in both leadership and followership roles as part of teams comprised of military, federal civilian, and contract employees from within and outside of the employee's work center and unit. This includes effective interpersonal skills, as well as the ability to plan, organize work, and consult effectively with co-workers, as well as the ability to recognize and assume informal leadership and followership roles as appropriate to the team tasking and dynamics. PART-TIME OR UNPAID EXPERIENCE: Credit will be given for appropriate unpaid and or part-time work. You must clearly identify the duties and responsibilities in each position held and the total number of hours per week. VOLUNTEER WORK EXPERIENCE: Refers to paid and unpaid experience, including volunteer work done through National Service Programs (i.e., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community; student and social). Volunteer work helps build critical competencies, knowledge and skills that can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. CON'T OF CONDITIONS OF EMPLOYMENT: This position is covered by the Domestic Violence Misdemeanor Amendment (30 Sep 96) of the Gun Control Act (Lautenberg Amendment) of 1968. An individual convicted of a qualifying crime of domestic violence may not perform the duties of this position.

Education

CON'T OF CONDITIONS OF EMPLOYMENT:

Information Assurance Certification is a condition of employment. This position includes information assurance (IA) work as a paramount duty requirement. IA Technician Level III is required IAW the USCYBERCOM CPT JQR for this position (Cyber Threat Analyst, Host Analyst, Network Analyst). Per DOD 8570.01-M, the incumbent of this position must achieve the appropriate IA certification within six months of assignment of these duties. The point at which a member is deemed "assigned these duties" coincides with completion of requisite Initial Qualifications and Special Skills Training, but must be completed before being Combat Mission Ready (CMR) as IAT-III is a required for CMR. Failure to receive the proper IA certification, and/or CMR within 18 months of assignment may result in removal from this position and/or termination of employment.

Duty Standards are derived from USCYBERCOM's CPT 2.0 Crew Construct. Supervisors will use the CPT crew work role JQR to develop position specific duty standards that align with the duties defined in this PD. While there are variances in the technical duties of the Network Analyst, Host Analyst, and Cyber Threat Analyst crew positions, they leverage their role-specific technical expertise/specialties to perform the same duties under this PD. For positions assigned to the National CPTs, the Network Analyst, Host Analyst and Cyber Threat Analyst crew position titles may vary in title, but are equivalent. This PD applies to all CPTs regardless of Service, COCOM, or National mission partner alignment.

The primary difference between the 12 and 13 level positions are the required experience and knowledge. The 12 position loosely aligns with the CMF experience model definition of "Basic" while the 13 position aligns more closely with the "Senior" level experienced crew member qualification. This does not mean that an individual who attains the crew qualification of Senior is promoted to a 13 position or that the 12 position is converted to a 13 position. The Basic, Senior and Master experience designations align with the base-line experience required of an individual occupying a specific position on the crew UMD. The crew rating of Basic, Senior and Master reflects and individual's experience attained which can be more than is required of the actual PD they occupy. PD is based on mission needs; the experience rating is a reflection of an individual's technical experience.

A pre-employment physical examination is required and a condition of employment. Selectee must meet requirements specified on SF 78, Certificate of Medical Examination for position at overseas/deployed locations due to the following. The duties of this position require moderate physical exertion involving walking and standing, possible use of firearms, and exposure to inclement weather. Due to travel requirements, individual must be capable
of lifting and carrying a suitcase/transit case weighing a minimum of 50 lbs. unassisted. Manual dexterity with comparatively free motion of finger, wrist, elbow, shoulder, hip, and knee joints is required. Arms, hands, legs, and feet must be sufficiently intact and functioning in order that applicants may perform the duties satisfactorily. Sufficiently good vision in each eye, with or without correction, is required to perform the duties satisfactorily. Near
vision, corrective lenses permitted, must be sufficient to read printed material the size of typewritten characters. Hearing loss, as measured by an audiometer, must not exceed 35 decibels at 1000, 2000, and 3000 Hz levels. Since the duties of these positions are exacting and responsible and involve activities under trying conditions, applicants must possess emotional and mental stability. Any physical condition that would cause the applicant to be a hazard to himself/herself or others is disqualifying. The theater commander may specify theater unique medical/physical deployability criteria. Emergency Essential/deployment related medical /dental/ psychological examinations and required immunizations are at no expense to the employee.

Compliance with Cyber Mission Force (CMF) training specified in the USCYBERCOM Cyber Mission Forces Training and Readiness Manual; and applicable higher headquarters guidance memoranda for Cyber-Crew Training, Standardization and Evaluation, and Cyberspace Operations, is a condition of employment. Depending on experience and skill levels, portions of the CMF training may require incumbent to perform an extended TDY for a period of 3 to 6 months or longer. The incumbent must achieve and maintain appropriate CMF requirements as specified in Job Qualification Record (JQR) and attain Combat Mission Ready (CMR) certification within 18 months of assignment of these duties. The 567 COG Commander may extend this period only in cases where the member is unable to achieve full Mission Readiness (MR) by the 18 month point through no fault of his/her own. Delays due to an individual's course/certification failures and an individual's failure to plan adequate time to meet all requirements cannot be waivered. The Group Commander's waiver cannot extend beyond the 30-month point. Failure to achieve and maintain CMF requirements may result in removal from this position. If an employee obtains CMR but later loses his/her certification and is unable to regain certification, or the employee repeatedly regains and subsequently loses CMR in less than three-years' time, the employee will be considered in violation of the CMR condition of employment and will be removed from this position and/or processed for termination of employment.

Contacts

• Address IC - Air Force DCIPS 550 C Street W JBSA Randolph AFB, TX 78150 US
• Name: Total Force Service Center
• Phone: 1-800-525-0102
• Email: [email protected]