Clarification from the agency

All U.S. Citizens

As an IT Specialist (Cyber), you will perform the following duties:

• Performs assigned duties as the organization Information Response Analyst responsible for creating, interpreting, and implementing cybersecurity guidance and executing higher federal guidance IAW federal and Department of Commerce policies.
• Manages the technical compliance aspects of cybersecurity operations chiefs Defensive cyber operations including intrusion detection, new incident tracking, documentation, analytical investigation, problem closure, and future security threat countermeasures.
• Evaluates and recommends new tools, processes, and techniques to improve vulnerability analysis methodology and to support interaction with other stakeholders.
• Conducts detailed analysis of security requirements for new systems or modification to existing systems.
• Documents evidence obtained during the investigation, malware characteristics where applicable, and any identified weaknesses or misconfigurations and utilizes this information for the purposes of proposing corrective actions through the enterprise change management process.
• Performs system forensics of operating systems, file systems, volatile data (page files, memory, mobile devices ), data recovery, media analysis, evidence preservation, and operating system specific information.
• Assists and provides direction to the enterprise service desk, desktop technicians, managers, general users/customers, and other stakeholders for incident response.
• Monitors, oversees, and mentors NTIA contract incident handlers to ensure
  compliance with standard operating procedures, existing DOC and NTIA policies, and reporting requirements in
  addition to identifying the root cause of the intrusion and monitoring for signs of an advanced adversarial intrusion.
• Analyzes Information Assurance
  Vulnerability Alerts (IAVA) to determine the applicability of the alert on Information Technology (IT) assets and assures the required security features, procedures, patches, and updates are implemented to meet all suspense dates and to mitigate the vulnerability.
• Identifies vulnerabilities, their implications for the security of the network, and possible corrective actions/defenses.
• Leads or participates in in-progress reviews (IPRs), integrated product teams (IPTs), technical working groups, TWGs), and meetings to resolve specific problems.
• Prepares and conducts briefings for higher-level technical and non-technical personnel.
• Prepares reports documenting the risks to systems.
• Develops security documentation as required by Federal, DoC, and NTIA information security /information assurance programs.

Conditions of employment

• You must be a U.S. citizen to apply for this position.
• You must successfully pass a background investigation. This may include a credit check, a review of financial issues, as well as certain criminal offenses and illegal use of possession of drugs.
• You must be able to obtain and maintain a Top Secret clearance.
• A probationary period may be required.
• Selective Service: Males born after 12/31/59 must be registered or exempt from Selective Service (see https://www.sss.gov/).
• If you receive a conditional offer of employment for this position, you will be required to complete an Optional Form 306, Declaration for Federal Employment, and to sign and certify the accuracy of all information in your application.
• All Federal employees are required to have Federal salary payments made by direct deposit to a financial institution of their choosing.
• Drug Test Required: YES
• License required: NO
• Pre-employment physical required: NO
• Bargaining Unit Position: NO
• Confidential Financial Disclosure Report (OGE form 450): NO
• Permanent Change of Duty Station (PCS) Expense: WILL NOT be paid

Qualifications

Qualification requirements in the vacancy announcements are based on the U.S. Office of Personnel Management (OPM) Qualification Standards Handbook, which contains federal qualification standards. This handbook is available on the Office of Personnel Management's website located at: https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/

Applicants must possess one year of specialized experience equivalent in difficulty and responsibility to the next lower grade level in the Federal Service. Specialized experience is experience that has equipped the applicant with the particular competencies/knowledge, skills and abilities to successfully perform the duties of the position. This experience need not have been in the federal government.

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations e.g., professional; philanthropic, religious; spiritual; community, student, social). Volunteer work helps build critical competencies; knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.

BASIC REQUIREMENT:

Applicants will be rated in accordance with the Information Technology (IT) Management Series 2210 (Alternative A) Individual Occupational Requirements.

For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below:

Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

AND

SPECIALIZED EXPERIENCE: : To qualify for the GS-12: Applicants must also possess one full year (52 weeks) of specialized experience equivalent to the GS-11 in the Federal service. Specialized experience MUST include the following:

- Providing senior-level knowledge of advanced principles and best practices for cybersecurity incident response.
- Implementing methodologies to determine root cause, source, and recommendation for mitigation of incident.
- Using network traffic analysis, packet-level analysis, and malware analysis tools to conduct analysis of cybersecurity incidents.
- Implementing and managing strict security controls for systems, network infrastructure, and perimeter networks as well as leading investigation
for incidents or events that impact the security posture of the network.
- Conducting investigations of events, Indications of Compromise (IOCs), and hashes to measure the risk to the agency.
- Determining the root cause and course of action for containment and or eradicating risk to the Agency.
- Performing system administration duties for Windows and Linux systems in support of vulnerability management and digital forensics systems.

Specialized Experience: To qualify for the GS-13: Applicants must also possess one full year (52 weeks) of specialized experience equivalent to the GS-12 in the Federal service. Specialized experience MUST include the following:

- Providing technical advice, counsel, and instruction on cyber security issues- to include the Tactics, Techniques, and Procedures (TTP) best
utilized by the MITRE ATT&CK Framework;
- Initiating, directing, and participating in the full life cycle of cyber security incident handling according to NIST SP-800-61 and network
penetration testing of geographically dispersed and operationally diverse agency facilities;
- Participating in the arrogation of log collection and analysis for system security events associated with the agency cyber security programs;
- Maintaining continued technical liaison with the appropriate staff elements throughout the agency;
- Exchanging and reporting relevant cybersecurity events and vulnerabilities information with CISA and other agencies as required;
- Preparing various cybersecurity reports, briefings, summaries, and progress reports; and
- Recommending methodologies that improve Information System security violations, systemic incidents, or breakdowns.
- Performing vulnerability scanning, analysis, and remediation of Information Assurance Vulnerability Alerts (IA V As).
- Experience reviewing proposed system requirements, design and architecture documents to identify potential security issues in agency cloud
and on-­prem environments, information systems, and applications.
- Knowledge of security principles and best practices (Federal information security policies, practices, and legal requirements including FISMA,
RMF, NIST, and FedRAMP).

How you will be evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

We will review your resume, optional cover letter and supporting documentation to determine if you meet the minimum qualifications for the position. If you meet the minimum qualifications stated in the vacancy announcement, we will compare your resume, optional cover letter and supporting documentation to your responses on the scored occupational questionnaire (True/False, Yes/No, Multiple Choice questions) and place you in one of the three pre-defined categories. The categories are "gold", "silver" and "bronze". However, your resume or optional cover letter must support your responses to the scored occupational questionnaire, or your score may be lowered. Candidates placed in the "gold" category will be identified for referral to the hiring manager and may be invited for an interview.

How you will be evaluated for preference eligibility: Within each category, those entitled to veterans' preference will be listed at the top of the pre-defined category for which they are placed. Preference eligible with a service-connected disability of 10% or more will be listed at the top of the highest quality category (gold) depending on the position and grade level of the job. For more information on Category Rating, please go to Category Rating.

The scored occupational questionnaire will evaluate you on the following competencies; please do not provide a separate written response:

• Technical Competence
• Information Resources Strategy and Planning
• Computer Network Defense
• Oral Communication
• Writing

• Classified or government sensitive information
• Social Security Number (SSN)
• Photos of yourself
• Personal information, such as age, gender, religious affiliation, etc.