The duties of this position include, but are not limited to:

• Developing processes and open source tools for proactively detecting malicious activity in government systems, and works closely with government engineering and infrastructure teams to integrate and provide policy oversight and direction of security operations.
• Serving on interagency groups tasked with providing direct technical assistance and support to Federal information security components of delivery, consulting, acquisition, and product services.
• Collaborating closely with stakeholders and partners on engineering teams responsible for creating and institutionalizing best practices in developing secure software.
• Providing advice and guidance regarding penetration testing across the government and assess vulnerabilities of software and infrastructure, and that of partners and collaborators through penetration testing (“red teaming”) policies, procedures and initiatives.
• Providing authoritative advice and assistance to Federal agencies and private industry entities in reviewing and implementing security operations and incident response remediation processes for security events within the federal government as a whole.
• Work in partnership with teams at 18F and/or other agencies to improve their security posture and detection/response capabilities.
• Collaborate with 18F’s Infrastructure and Engineering teams to develop operational security best practices.
• Perform security reviews of application designs, source code and deployments as required, covering all types of applications (web application, web services, mobile applications, thick client applications, SaaS)
• “Scrub in” with product teams to provide security expertise on sensitive or risky projects.
• Drafting, reviewing and validating security documentation such as system security plans, risk assessments, disaster recovery plans, business continuity plans, and/or user security guides to ensure that guides are adequate for implementation and use.

Conditions of employment

• U.S. Citizenship or National
• 1 year probationary period may be required
• Direct Deposit of salary check to financial organization
• Males born after 12/31/1959 must have registered with the Selective Service

If selected, you must meet the following conditions:

• Current or Former Political Appointees: The Office of Personnel Management (OPM) must authorize employment offers made to current or former political appointees. If you are currently, or have been within the last 5 years, a political Schedule A, Schedule C or Non-Career SES employee in the Executive Branch, you must disclose this information to the HR Office. Failure to disclose this information could result in disciplinary action including removal from Federal Service.
• Complete a "Declaration of Federal Employment" (OF-306) to determine suitability for Federal employment.
• Positions may be designated as Public Trust Positions and have varying position sensitivity requirements. Appointment may be subject to background investigations and favorable adjudication prior to entering on duty.
• Non-GSA employees must complete the Department of Homeland Security (DHS) Form I-9 to determine identity and employment (work status) eligibility. GSA will verify the information through the DHS e-Verify automated system. Any identified discrepancies must be resolved as a condition of continued employment.
• Complete an OGE Form 450, Confidential Financial Disclosure Report, and obtain approval that no conflict or an appearance of conflict exists between your financial interest and this position.
• You may be required to participate in the Region's Continuity of Operations Plan (COOP), representing the Service and/or GSA as a whole. This may involve participating in COOP meetings and planning activities; performing mission-critical work at a designated location other than the traditional GSA office site (which may be outside of the commuting area); and ensuring that GSA's needs are still being met in the event of an emergency, disaster or otherwise unforeseen circumstance disrupting traditional office operations.

Qualifications

Applicants applying for the GS-15 grade level must meet the following requirements:

Have IT-related experience demonstrating EACH of the four competencies AND specialized experience listed below:

IT SPECIALIST COMPETENCY REQUIREMENTS:

• Attention to Detail - This skill is generally demonstrated by assignments where the applicant keeps abreast of latest technology, information, research, etc., to maintain knowledge in field of expertise (for example, reads trade journals, participates in professional/technical associations, maintains credentials).
• Customer Service - This skill is generally demonstrated by assignments where the applicant promotes or develops and maintains good working relationships with key individuals or groups.
• Oral and Written Communication - This skill is generally demonstrated by assignments where the applicant serves on panels, committees, or task forces as a representative for the organization on technical or professional issues.
• Problem Solving - This skill is generally demonstrated by assignments where the applicant monitors current trends or events (for example, technological, economic, political, social, educational, or employment trends or events) and applies the information as appropriate.

SPECIALIZED EXPERIENCE REQUIREMENTS:

In addition to the competencies listed above, applicants must demonstrate one year of experience equivalent to the GS-14 level in the Federal service. Specialized experience is defined as experience overseeing, managing or leading complex, enterprise-class information technology, infrastructure and/or network security programs, projects and teams in one or more of the following areas:

• Application Engineering: Performing security assessments on software applications that reflect the state of modern information security and developing open source software tools as necessary to support such efforts.
• Software/Systems/Infrastructure Penetration Testing: Performing assessment of software and infrastructure vulnerabilities through penetration testing (“red teaming”). Performing physical and network security assessments to test their resilience to social engineering and phishing.
• Information Systems Security Operations and Incident Response: Performing IT security incident response and remediation processes for information system/infrastructure security events. Developing processes and open source tools to proactively detect malicious activity in systems and integrating such into security operations.

How you will be evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

Applications will be evaluated against the basic qualifications. Qualified candidates will be considered in accordance with the Office of Personnel Management's Direct Hire Guidelines. Veterans' Preference does not apply to the direct hire recruitment procedures. Selections made under this notice will be processed as new appointments to the civil service. Current civil service employees would, therefore, be given new appointments. You may not be considered for the position if any part of the application is incomplete or missing the required supporting documentation. Falsifying your background, education, and/or experience is cause for not hiring you or dismissing you if hired.

If you are an Interagency Career Transition Assistance Plan eligible or a GSA Career Transition Assistance eligible, you must be considered well qualified to receive priority. ICTAP/CTAP. Well qualified is defined as possession of the majority of competencies required for the position, and will be determined based upon a review of your resume against the competencies required for the position being filled.
To preview questions please click here.