Job opening: IT CYBERSECURITY SPECIALIST (CYBER DEFENSE ANALYST)
Salary: $72,553 - $128,956 per year
Published at: Nov 20 2024
Employment Type: Full-time
This is a public notice flyer to notify interested applicants of anticipated vacancies. Applications will not be accepted through this flyer. Interested applicants must follow the directions in the "How to Apply" section of this flyer to be considered. There may or may not be actual vacancies filled from this flyer. Notice of Result letters will not be sent to applicants who respond to this flyer.
Duties
You will conduct cyber threat hunting to detect, assess, report and help resolve cyber threats and identify U.S. government and organizational intelligence requirements to focus collection and analytical activities.
You will search for threats and actual/potential intrusions using the full range of cyber threat hunting tools and techniques.
You will utilize techniques such as Security Information and Event Management (SIEM) tools, Managed Detection and Response (MDR) systems, encryption software, access control/monitoring and penetration testing.
You will identify, monitor, and assess potential threats through network data such as NetFlow, email headers, PCAP analysis, network logs and Transport Layer Security (TLS) Certificate Pivoting.
You will conduct in-depth investigations of any anomalies and irregularities to find the root cause of an incident and take swift action, including adversary tracking and incident reporting and response.
You will collect relevant intelligence and network data and conduct cyber analysis to inform the decision-making process.
You will create reports that highlight key findings for NCIS, DON, the U.S. Intelligence Community and other 'friendly' cyber threat hunters.
You will recommend and implement effective responses to defeat the threat and reduce vulnerability; this includes development of improvements in threat identification and in-depth analysis/reporting.
You will implement cooperative work with other Cybersecurity or Information Security (INFOSEC), plus CI and LE, personnel in NCIS and DON.
You will write Intelligence Information Reports (IIRs).
You will prepare documentation to support system operations: originate documentation reflecting unique system characteristics, as well as security, local policy and operating considerations.
You will brief Division officials on key cyber defense issues, including the threat landscape or critical NCIS systemic vulnerabilities and recommended or implemented cybersecurity responses, as assigned.
You will adhere to Department of Defense (DoD), DON, NCIS, National Institute of Standards and Technology (NIST), Cybersecurity and Infrastructure Security Agency (CISA) and other relevant cybersecurity frameworks and protocols.
You will keep abreast of new information technologies applicable to cyber defense of NCIS systems and improve your own knowledge and skills in cybersecurity with emphasis on cyber defense to reach the expert level.
You will use a computer and a wide range of cyber defense tools and techniques to perform cyber defense work as well as administrative work (communicate, word process, record, calculate, prepare presentations, etc.).
Requirements
- Must be a US Citizen.
- Must be determined suitable for federal employment.
- Must participate in the direct deposit pay program.
- New employees to the Department of the Navy will be required to successfully pass the E-Verify employment verification check. To learn more about E-Verify, including your rights and responsibilities, visit e-verify.gov.
- Within the Department of Defense (DoD), the appointment of retired military members within 180 days immediately following retirement date to a civilian position is subject to the provisions of 5 United States Code 3326.
- Males born after 12-31-59 must be registered for Selective Service.
- Successful completion of a pre-employment drug test (including marijuana) is required. A tentative offer of employment will be rescinded if you fail to report to the drug test appointment or fail the test. You will be subject to random testing.
- You will be required to obtain and maintain an interim and/or final Top Secret (SCI) security clearance prior to entrance on duty. Failure to obtain and maintain the required level of clearance may result in the withdrawal of a job offer or removal.
- This position may require travel from normal duty station to CONUS and OCONUS and may include remote or isolated sites. You must be able to travel on military and commercial aircraft for extended periods of time.
- The incumbent is required to obtain and maintain qualifications in DoDM 8140.03 Cyber Workforce Qualification and Department of Navy policies.
- The incumbent must obtain the required credentials within 12 months of appointment and maintain those credentials as described in DoDM 8140.03 for the role of Cyber Defense Analyst (code 511) and a proficiency level of Intermediate.
- The incumbent must participate in a continuous professional development program as described in DoDM 8140.03.
- An annual 20 hour minimum of Cyber Workforce related continuous learning must be documented in a current individual development plan signed by both the employee and supervisor.
Qualifications
GS-11: Your resume must also demonstrate at least one year of specialized experience at or equivalent to the GS-09 grade level or pay band in the Federal service or equivalent experience in the private or public sector. Specialized experience must demonstrate the following:
Experience with digital media evidence preservation and seizure, computer forensics examinations evidence.
Experience with internet-enabled threat environments, open-source tools, and current implementation of threat technologies in order to devise collection strategies and proactive counterintelligence activities to pursue access and exploitation of targets of interest.
Experience conducting open-source research using periphery sources to identify, enumerate, and target persons of interest related to network exploitation, to include through social networking sites, blogs, Internet, mapping tools, etc.
GS-12: Your resume must also demonstrate at least one year of specialized experience at or equivalent to the GS-11 grade level or pay band in the Federal service or equivalent experience in the private or public sector. Specialized experience must demonstrate the following:
Experience with digital media evidence preservation and seizure, computer forensics examinations evidence.
Experience with internet-enabled threat environments, open-source tools, and current implementation of threat technologies in order to devise collection strategies and proactive counterintelligence activities to pursue access and exploitation of targets of interest.
Experience conducting open-source research using periphery sources to identify, enumerate, and target persons of interest related to network exploitation, to include through social networking sites, blogs, Internet, mapping tools, etc.
***Cyber Defense Analyst will be assigned to the Cyber Operations Field Office (CBFO) and will be responsible for monitoring network activity to identify, report on and help resolve threats posed by foreign cyber actors against the Department of the Navy/NCIS networks infrastructure, personnel and technology with emphasis on threats to law enforcement (LE) and counterintelligence (CI) processes and procedures.
Additional qualification information can be found on the following Office of Personnel Management website: Information Technology (IT) Management Series 2210 (Alternative A)
Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., professional, philanthropic, religious, spiritual, community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment.
Education
GS-11: Applicants that do not meet the specialized experience may qualify with education or a combination of experience and education as listed below. Such education must demonstrate the knowledge, skills, and abilities necessary to do the work:
Ph.D. or equivalent doctoral degree
or
3 full years of progressively higher level graduate education leading to a Ph.D. or equivalent doctoral degree
Contacts
- Address: NCIS
27130 Telegraph Road
Quantico, VA 22134
US
- Name: Suzanne Mahaffey
- Phone: 571-305-9664
- Email: [email protected]