DFC ranked a Best Places to Work in 2022. This position is part of the U.S. International Development Finance Corporation (DFC), Office of Information Technology (OIT). As an IT Cybersecurity Specialist, you will be responsible for developing and implementing strategies for continuous monitoring, hunting and detection of security threats and indicators of compromise (IOCs).

Duties

As an IT Cybersecurity Specialist, you will: Proactively hunt for potential threats and indicators of compromise (IOCs) and perform vulnerability scanning to analyze discovery scan data and vulnerability data to determine unusual use configurations, discovery of unauthorized software and proper identification of vulnerabilities. Develop and implement strategies for continuous monitoring and detection of security threats by performing advanced event and incident analysis including baseline establishment and trend analysis for on-premises and cloud based systems and services. Analyze security breach and incident data by participating on Incident Response teams as needed to address security incidents or investigations and provide lesson learned to improve security architecture and potential vulnerabilities. Coordinate internal and external penetration tests as needed, to identify, prioritize and remediate any vulnerabilities. Develop and maintain comprehensive documentation regarding threats and vulnerabilities to support ongoing security systems operations, maintenance and specific problem resolution. Evaluate new security technology, emerging threats, tactics and mitigation techniques and provide recommendations to strengthen the information security environment for local and deployed agency personnel. Coordinate and maintain the IT security tool set to support the organization's continuous monitoring and authorization program. Provide training and guidance to other team members on cybersecurity best practices. Please Note: This is not a Bargaining unit position.

Requirements

• Must be a U.S. Citizen or National
• Males born after 12-31-59 must be registered for Selective Service
• Must submit resume and supporting documents (See How To Apply)
• Suitability for Federal employment, as determined by a background investigation
• May be required to successfully complete a probationary period
• Must be able to obtain and maintain a secret/top-secret security clearance
• Obtainment of certification from Int'l Info. System Security Certification Consortium (ISC2), Info. Systems Audit and Control Association (ISACA) or Global Information Assurance Certification (GIAC) is required within 12 months of on-boarding.

Qualifications

Status candidates must meet time-in-grade requirements (52 weeks at the next lower grade level). Applicants must meet all eligibility and qualification requirements no later than the closing date of this announcement. TIME-IN-GRADE: Current career or career-conditional employees of the Federal government, or former career or career-conditional employees, who have a break in service of less than one year, are required to meet the time-in-grade restriction of one year of Federal experience at the next lower grade, with few exceptions outlined in 5 CFR 300.603(b). BASIC REQUIREMENT For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below: 1. Attention to Detail - Is thorough when performing work and conscientious about attending to detail. 2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. 3. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. 4. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. AND ADDITIONAL REQUIREMENT In addition to the Basic Requirement listed above, you must meet the required specialized experience listed below. One year of specialized experience equivalent to the GS-13 grade level in the Federal service that demonstrates your experience in all of the following: 1) Experience performing system administration on specialized cyber defense applications and systems (install/configure, test, maintenance, backup and restoration) (Ex. CrowdStrike, Qualys, Lookout, Splunk, Nessus, Tenable, Defender); 2) Experience implementing Risk Management Framework (RMF)/Security Assessment and Authorization (SA&A) requirements for IT systems within the enterprise; and 3) Experience using and configuring tools such as Security Information and Event Management (SEIM), Managed Detection and Response (MDR) and Endpoint Detection and Response (EDR). Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. This announcement may be used to fill similar positions, if additional vacancies occur.

Education

This job does not have an education qualification requirement.

Contacts

• Address International Development Finance Corporation 1100 New York Ave. NW Washington, DC 20527 US
• Name: Laura Whitlock
• Phone: 771-201-9229
• Email: [email protected]