This position is located in the Department of Technology Services, Information Technology Security Office, Security Operations Division.

Duties

This position is located within the IT Security Office (ITSO) of the Department of Technology Services (DTS). The incumbent is a recognized cyber security expert that has successfully managed defensive cyber operations, testing and assessment services, and insider threat programs. Must have a proven record of successfully leading threat detection, incident response and recovery activities at a national level, and extensive experience managing, developing and mentoring federal and contract personnel conducting defensive cyber operations. Will perform multiple and varying assignments under the Security Operations Division Chief. Duties may include, but are not limited to, the following: Fostering a collaborative culture within the Division. Testing attack techniques and responses. Identifying gaps in cyber threat detection. Enhancing Red and Blue Team skill sets. Preparing for real-world events and exercise activities. Identifying gaps in the judiciary's security operational framework and develops requirements to drive futures planning. Driving the judiciary to continuously improve its capabilities, processes and services. Researching, testing and procuring new tools and technologies to enhance primary functions of detecting, responding to and recovering from cyber security incidents. Communicating and influencing key stakeholders in the Judiciary to encourage security conscious decision making by providing relevant security awareness documentation and reporting. Ensuring's key metrics, reports and documentation align with the IT Security Office's national security strategies. Facilitating the development and communication of appropriate insider threat awareness messaging and training across the judiciary. Coordinating with other government agencies to facilitate information sharing and joint response actions for any cross-agency incidents. Identifying both technical and process improvements to elevate the quality of work performed by individual analysts, team leads, and other technical staff. Providing statistical cyber management reports and supporting data in response to ad-hoc requests for information. This is performed in addition to routine situational awareness reporting. Providing timely, clear, technically accurate notification to impacted judiciary stakeholders of the risk potential associated with IT security events and options for remediation. Ensuring notifications are tracked to closure and that escalations occur consistently in accordance with documented procedures. Developing and maintaining reporting metrics to measure and categorize intrusion attempts and related activities as well to identify incident trends. Developing technical articles and host webinars supporting Judiciary security awareness. Developing and maintaining processes and procedures used to manage operations and incident response processes. Maintaining and enhancing the security roadmap used to provide technical, personnel and procedural growth. Interfacing with clients and management to understand their security needs and overseeing the development and implementation of procedures to accommodate them. Planning, scheduling, assigning, and directing staff on technical and operational projects and during regular departmental activities as well as participating in federal recruitment and contract management activities.

Requirements

Qualifications

Applicants must have demonstrated experience as listed below. This requirement is according to the AO Classification, Compensation, and Recruitment Systems which include interpretive guidance and reference to the OPM Operating Manual for Qualification Standards for General Schedule Positions. Specialized Experience: Applicants must have at least one full year (52 weeks) of specialized experience, which is in or directly related to the line of work of this position. Specialized experience is demonstrated experience as a cyber security specialist in a 24/7 security operations center. Be clear and specific when describing your work history since human resources cannot make assumptions regarding your experience. Your application will be rated based on your resume. Applicants with the following certifications/experiences are highly desirable: CompTIA Advanced Security Practitioner (CASP+) The GIAC Intrusion Analyst certification (GCIA) Certified Ethical Hacker Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP) Equivalent certifications

Education

This position does not require education to qualify.

Contacts

• Address Department of Technology Services One Columbus Circle, NE Washington, DC 20544 US
• Name: Kymberli Camber
• Phone: (210) 301-6303
• Email: [email protected]