Information regarding opportunities, how to submit your resume and your contact information is located on the Air Force Civilian Careers LinkedIn site. The Air Force Civilian Service (AFCS) is currently seeking a candidate for an Insider Threat Program Manager, DO-0343-II for the Joint Warfare Analysis Center, Dahlgren, VA

Duties

Responsible for the analysis, extraction, and sharing of insider threat indicators and indicators of compromise from multiple sources to include incident response analysis, providing assessments of known threats and vulnerabilities discovered, and identifying policy violations, among a variety of other duties related to these broad responsibilities. While adhering to all Department of Defense, Air Force and JWAC policies and directives pertaining to JWAC's Insider Threat Program, the selectee will leverage User Activity Monitoring (UAM) tools and various technical and non-technical data sources to detect anomalous activities and behaviors within the organization. Establishes behavioral baselines, leverages known malicious indicators, detects changes, and isolates suspicious activities to prevent collateral damage. Serves as the DOD Insider Threat Management and Analysis Center (DITMAC) Coordinator. Ensures all threshold level incidents are coordinated and submitted with DITMAC. Oversees the progression of activities for moving from the gathering of evidence to information analysis, theory development, and validation to form a reasonable ground to open an Insider Threat Inquiry. Assist in the development and implementation of standard operating procedures, policies, and criteria for program performance.

Requirements

• U.S. Citizenship Required
• Telework may be authorized
• Incumbent must have or be capable of obtaining and retaining a Top Secret/SCI security clearance
• Locations are not negotiable. The actual duty locations available may be located on the Air Force Civilian Service website
• This position has been designated by the Air Force as a Testing Designated Position (TDP) under the Air Force Civilian Drug Testing program. The incumbent is subject to random testing for drug use
• Position is subject to polygraph testing
• Must be determined suitable for federal employment
• Must participate in the direct deposit pay program
• New employees to the Department of the Air Force will be required to successfully pass the E-Verify employment verification check. To learn more about E-Verify, including your rights and responsibilities, visit e-verify.gov
• Within the Department of Defense (DoD), the appointment of retired military members within 180 days immediately following retirement date to a civilian position is subject to the provisions of 5 United States Code 3326
• Males born after 12-31-59 must be registered for Selective Service
• May be subject to 3-year probationary period pursuant to JWAC FRN, 85 Fed. Reg. 29419 (May 15, 2020).
• Department of Defense Counter-Insider Threat Professional certification conferral is required within 2 years of the established employee Entry on Duty date.

Qualifications

Only applicants who meet the area of consideration are eligible to apply for this job. To qualify for this position, you must meet the basic education and/or specialized experience requirements. Specialized Experience is defined as work in the private or public sector performing duties in or related to the work of the position being filled. For DO-II: Your resume must demonstrate at least one year of specialized experience at or equivalent to the DO-I/GS-11 grade level. Example: Specialized Experience is defined as experience working on Insider Threat inquiries/assessments supporting a wide variety of matters of sensitivity, scope, and complexity; evaluating and analyzing data, utilizing technical tools (e.g., user activity monitoring and/or behavior analytic tools); preparing reports and making recommendations. Knowledge, Skills, and Abilities (The following will be used to help rate and rank eligible candidates.): Knowledge of security operations, network monitoring or analysis, intrusion or anomaly detection analysis, threat hunting, threat attribution assessment. Knowledge of and experience with standard network logging formats, network management systems and network security monitoring systems, security information and event management, network packet analysis tools, and forensic analysis tools. Ability to utilize critical thinking and problem-solving methods and techniques to enhance the efficiency and effectiveness of the insider threat program. Skill in employing data analytic tools to collecting information from organization's network to identify potential insider threats. Ability to brief leadership and insider threat stakeholders on substantive/suspicious insider threat incidents, cases, and referrals, with an emphasis on identifying anomalies and trends to assist in developing courses of action to mitigate threats. Additional qualification information can be found from the following Office of Personnel Management web site: https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/#url=List-by-Occupational-Series

Contacts

• Address Joint Warfare Analysis Center - JWAC 4048 Higley Road Dahlgren, VA 22448 US
• Name: Christina Riley
• Phone: 5406531584
• Email: [email protected]