This position is located within the AO Technology Office (AOTO) of the Department of Technology Services (DTS). The incumbent of this position will serve as the Federal Security Operations team member under AOTO Security Chief. AOTO boundary includes AO Local Area Network General Support Systems in Washington, DC, San Antonio, TX, and Charleston, SC, and the integrated IT environment.

Duties

The incumbent supports development of near and long-term security operations roadmaps, definitions of current and future security architectures, and assists in determining security requirements within the Judiciary guidelines and specifications that are based on AOTO requirements. The incumbent supports the development of a strong continuous monitoring program, to include Hardware Asset Management (HWAM), Software Asset Management (SWAM), Configuration Management and Vulnerability Management. The incumbent operationalizes supporting technologies to ensure that Judiciary Information Security Framework (JISF) requirements and IT Security Scorecard metrics are satisfied. The incumbent is the primary government Subject Matter Expert for Security Event Management and Incident Response at all AOTO-managed sites and for all national systems. Under the direction of the Security Operations Team Lead, the incumbent develops risk management metrics for decisionmakers. The incumbent reviews completed work of contractor personnel for effectiveness in meeting objectives, accuracy, Judiciary guidelines, and adherence to security best practices; oversees security components of AOTO-led projects; and communicates complex technical requirements to non-technical personnel. The incumbent will perform multiple and varying assignments under the direction and supervision of the Information Security Officer, AOTO. Additionally, this position will work closely with the Information Technology Security Office (ITSO) of the Department of Technology Services (DTS) to ensure the AOTO's compliance with the Judiciary Information Security Framework and both national and AO-specific security policies. Duties of the position include, but are not limited to: Supporting IT security operations initiatives to improve overall security posture and limit risk exposure for the AOTO. Operationalizing the enhancements to the continuous monitoring program that includes development of required processes and integration with existing security tools and technologies. Acting as the government Subject Matter Expert for Security Event Management and Incident Response. Identifying notable events, configuring alerting thresholds and SEIM dashboards that support Incident Response. Conducting periodic incident response plan testing through table-top exercises and simulations. Supporting the vulnerability management program at AOTO. Working with contractor teams to optimize the technology solutions that support security operations (i.e. Tenable Nessus, SecurityCenter, Forcepoint, Varonis, Trend Micro Apex One, etc.). Assisting in identifying risks and providing recommendations for determining appropriate mitigation techniques or strategies in support of risk acceptance decisions. Providing a supporting role in recognizing need for changes based on new security technologies or cyber related threats. Supporting mid and long-term plans that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT system vulnerabilities. Participating in the Change Control Board to provide security impact and vulnerability analysis for new and existing technologies at AOTO. Providing technical oversight and guidance to the security contractor team that develops and implements compensating controls, remediation plans, and Plans of Actions and Milestones (POA&Ms). Supporting the to secure design, implementation, maintenance, and modification of information technology systems that are critical to the operation and success of the Judiciary. This includes performing research to identify potential vulnerabilities in and threats to existing and proposed technologies and notifying the appropriate managers/personnel of the risk potential. Supporting the development, documentation and implementation of security operations processes and procedures that help manage the risk at an acceptable level.

Requirements

Qualifications

Applicants must have demonstrated experience as listed below. This requirement is according to the AO Classification, Compensation, and Recruitment Systems which include interpretive guidance and reference to the OPM Operating Manual for Qualification Standards for General Schedule Positions. Specialized Experience: Applicants must have at least one full year (52 weeks) of specialized experience which is in or directly related to the line of work of this position. Specialized experience is demonstrated experience must demonstrate ALL areas defined below: Demonstrated ability to lead a Security Event Management and Incident Response for a large General Support System and smaller specialized systems. Demonstrated ability to identifying risks and providing recommendations for determining appropriate mitigation techniques or strategies in support of risk acceptance decisions. Demonstrated ability to provide technical oversight and guidance to contractor teams that develop and implement compensating controls, remediation plans, and Plans of Actions and Milestones (POA&Ms). Demonstrated ability to collaborate with project teams, stakeholders, advocating for security compliance requirements to technical solution providers, serving as technical lead subject matter expert for security operations in major projects. Desired, but not required: Industry recognized security certification is preferred (i.e., CISSP, CISA, Security+)

Education

This position does not require education to qualify.

Contacts

• Address Department of Technology Services One Columbus Circle, NE Washington, DC 20544 US
• Name: Kymberli Camber
• Phone: (210) 301-6303
• Email: [email protected]