• Help

    Duties

    Summary

    Make a Career Connection! We are looking for individuals who would like to come to work for a small, independent regulatory agency dedicated to saving lives. We work very hard to protect the public from the unreasonable risk of injury and death from consumer products. Every U. S. Consumer Product Safety Commission (CPSC) employee is proud to be a part of a team that works together to assure that the products you use every day are safe. Consider a position at the CPSC as your career choice.

    Join the team! This is an opportunity to join a group of IT professionals taking CPSC's information systems to another level. We're looking for a bright, creative, hard-working individual equally as passionate about protecting CPSC information systems against unauthorized disclosure. The work is demanding and exciting. Consider a position at the CPSC as your career choice.

    Learn more about this agency

    Responsibilities

    This position is located within the Office of Information and Technology Services and reports to the Information Systems Security Officer (ISSO). The incumbent serves as a technical professional and IT security analyst with responsibility for supporting the agency’s cybersecurity program.

    The incumbent will work independently to:

    1. Support the documentation, validation, and accreditation processes necessary to assure that agency information technology systems meet the agency’s information security/information assurance (IS/IA) requirements (e.g., FISMA, US-CERT, DHS, etc.).
    2. Coordinate security assessments and audits; complete certification and accreditation packages for major information technology systems.
    3. Monitor network activity and analyze evidence of suspicious behavior to identify and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.
    4. Review data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs) to analyze events that occur within the operating environment for the purposes of mitigating threats. The incumbent responds to security alerts indicating possible cyber events.
    5. Conduct assessments of threats and vulnerabilities, determine deviations from acceptable configurations, enterprise or local policy, asses the level of risk, and develop and/or recommend appropriate mitigation countermeasures in operational and nonoperational situations.
    6. Review and asses system changes for security implications and impact to existing operations.
    7. Provide technical recommendations and guidance for corrective actions resulting from security audits and vulnerability assessments.
    8. Conduct routine vulnerability and configuration compliance scanning.
    9. Recommend, evaluate, install, configure, and maintain cybersecurity tools (both hardware and software).
    10. Perform real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks as part of agency Cyber Incident Response Team (CSIRT).
    11. Track security control implementation status and support plan of action & milestones reporting for major agency systems.

    Travel Required

    Not required

    Supervisory status

    No

    Promotion Potential

    13

    Who May Apply

    This job is open to…

    UNITED STATES CITIZENS MAY APPLY (no prior federal experience is required).

    Questions? This job is open to 1 group.

This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/501656600. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.