This position is located in the Monitoring Incident Response (MIR) Division, Office of Cyber Monitoring and Operations (CMO), Cyber and Technology Security Directorate (CTS), Bureau of Diplomatic Security. You will plan and direct the Department's Blue Team program.  The Blue Team oversees and conducts cybersecurity posture assessments of Department systems, analyzes specific threats and vulnerabilities to assess Department impact.   

Duties

Plans, organizes, and manages the Department’s Blue Team program including authorizing assessment activity, providing operational guidance, and managing resource requirements. Oversees identification of critical vulnerabilities using a variety of toolsets, including enterprise vulnerability scanning, analysis of log data, and the use of ad hoc scanning capabilities deployed in a cloud environment. Provides authoritative advice and guidance to CTS management in resolving monitoring and protective deficiencies identified during Blue Team cyber posture and vulnerability assessments. Liaises, manages, and maintains relationships with security and operational personnel within Diplomatic Technology (formerly Information Resources Management (IRM)), and other bureaus.

Requirements

• U.S. Citizenship is required.
• Incumbent will be subject to random drug testing.
• Must be able to obtain and maintain a Top Secret security clearance.

Qualifications

Applicants must meet all the required qualification requirements described below by the closing date of this announcement.  NOTE: Applicants must meet time-in-grade and time after competitive appointment requirements, by the closing date of this announcement. Time-In-Grade Requirements: Federal applicants must have served 52 weeks at the next lower grade to satisfy time-in-grade restrictions, per 5CFR 300, Subpart F. Applicants applying for the GS-14 grade level must meet the following requirements: Have IT-related experience demonstrating EACH of the four competencies AND specialized experience listed below: Attention to Detail - Incumbent demonstrates a high level of attention to detail by applying personal knowledge and ability to provide expert technical analysis and consultation focused on reviewing and evaluating information systems in order to ensure the effectiveness of security controls against potential cyber threats and vulnerabilities.  Customer Service - Incumbent demonstrates a high level of ability to serve customers by establishing and maintaining industry partnerships and providing expert guidance on complex and controversial cybersecurity issues which have long term impact on IT infrastructure security.  Oral Communication - Incumbent demonstrates a high level of skill in communicating in order to provide expert advice and guidance, exchange information, brief senior officials, plan and coordinate activities, recommend new methods, approaches, and resolve problems. Problem Solving - Incumbent clearly demonstrates the ability to solve and prioritize problems by determining the most appropriate principles to apply and resolving a wide range of technical issues related to cybersecurity with limited supervisory involvement; AND Have at least 1 full year of specialized experience equivalent to the GS-13 level in the Federal service which provided you with the particular knowledge, skills and abilities to perform the duties of the position. Qualifying specialized experience must demonstrate the following: Experience performing network security reviews, identifying gaps in security architecture, and making recommendations for risk mitigation strategies; Experience utilizing cyber defense tools (e.g., intrusion detection system alerts, firewalls, network traffic logs) in order to provide continual monitoring and analysis of system activity to identify malicious activity; and  Experience identifying common attackers and methods, analyzing trends, and utilizing gathered data to create threat analysis reports for internal and external use.  NOTE: In order to qualify for this position, your experience MUST be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate. There is no substitute of education for specialized experience for the GS-14 position.

Education

Education requirements do not apply to this vacancy announcement.

Contacts

• Address U.S. Department of State 1801 N. Lynn St SA-20 9th fl Attn: DS/EX/HRM Rosslyn, Virginia 22091 United States
• Name: J. Perry
• Phone: 202-705-2943
• Email: [email protected]