This announcement is issued under the Direct Hire Authority (DHA) to recruit for positions for which there is a critical hiring need. Selectee(s) will receive a career or career-conditional appointment in the competitive service and may be required to serve a one-year probationary period. Who May Be Considered: U.S. Citizens View common definitions of terms found in this announcement.

Duties

This is a shared job announcement across the Cybersecurity and Infrastructure Security Agency, with multiple participating divisions. Multiple positions may be filled from this announcement. These divisions include, but are not limited to: Cybersecurity Division (CSD) Emergency Communications Division (ECD) Infrastructure Security Division (ISD) Integrated Operations Division (IOD) National Risk Management Center (NRMC) Office of the Chief Information Officer (OCIO) Office of the Chief Operations Support Officer (OCOSO) Stakeholder Engagement Division (SED) Typical work assignments include: Communicating information relevant to cyber defense for reporting awareness. Developing solutions for effective modernization of threat hunting techniques using cloud technologies and harmonize techniques and technology with cloud technologies in adjacent divisions to maximize cost savings and efficiencies to CISA. Using security monitoring tools to capture real-time traffic spawned by running malicious code. Conducting forensic analysis of data and systems within various cloud service provider environments and Operational Technology (OT) network traffic and devices.

Requirements

Qualifications

To be considered minimally qualified for this position, you must demonstrate that you have the required experience for the respective grade level in which you are applying: EXPERIENCE: Experience must be Information Technology (IT)-related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate. You must have IT-related experience demonstrating each of the six competencies listed below: Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. Technical Competence - Uses knowledge that is acquired through formal training or extensive on-the-job experience to perform job; works with, understands, and evaluates technical information related to the job; advises others on technical issue. Teamwork - Encourages and facilitates cooperation, pride, trust, and group identity; fosters commitment and team spirit; works with others to achieve goals. AND SPECIALIZED EXPERIENCE: In addition to meeting the qualification requirement listed above, you must have at least one year of specialized experience at the next lower GS-grade level (or equivalent). Specialized experience is experience that has equipped you with the particular competencies/knowledge, skills, and abilities to successfully perform the duties of the position and is typically in or related to the work of the position to be filled. Such experience is typically gained in the IT field or through the performance of work where the primary concern is IT. GS-12 You qualify for the GS-12 grade level if you have at least one (1) year of specialized experience at the GS-11 grade level (or equivalent) performing at least four of the following duties: Collecting, correlating, and analyzing host/network-based events and alerts from multiple enterprise technologies (e.g., VPNs, Firewalls, routers, IDS, security event logs, endpoint artifacts, service logs and operating system event logs, etc.) to investigate and/or research cyber security incidents. Providing technical summaries of findings in accordance with established reporting procedures and in accordance with existing frameworks. Performing incident triage by recommending scope, urgency, and potential impact, while collaborating with other reporting stakeholders and system owners. Configuring and managing networking technologies (e.g., routing, sensing, and monitoring). Performing command and control functions in response to incidents. GS-13 You qualify for the GS-13 grade level if you have at least one (1) year of specialized experience at the GS-12 grade level (or equivalent) performing at least four of the following duties: Developing tradecraft to identify attackers living off the land, obscuring artifacts with anti-forensics techniques, and the challenges around the use of modern encryption and distributed data platforms. Capturing and analyzing network traffic, network signature development, network behavioral analysis and network device integrity for incident response. Conducting threat hunting and incident response capabilities and detection gap-analysis to identify courses of action for national mission capability enhancements. Evaluating threat decision-making processes and generate requests for information/ intelligence to identify threat tactics and methodologies. Correlating incident data to identify exploited vulnerabilities or system weaknesses and make recommendations that enable expeditious remediation. National Service Experience (i.e., volunteer experience): Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. All qualification requirements must be met by the closing date of this announcement.

Education

Some federal jobs allow you to substitute your education for the required experience in order to qualify. For this job, you must meet the qualification requirement using experience alone--no substitution of education for experience is permitted.

Contacts

• Address Cybersecurity and Infrastructure Security Agency 1616 N. Fort Myer Dr. CISA-FMD Stop 0380 Arlington, VA 20598-0380 US
• Name: CISA OCHCO Outreach & Employee Experience
• Email: [email protected]