You will serve as a Senior Security Operations Center (SOC) Analyst in the MARFORCYBER Joint Mission Operations Center (JMOC) and is responsible for leading activities related to 24/7/365 device monitoring, event correlation and analysis, incident response support, security configuration monitoring, and mitigation decisions.
*SEE ADDITIONAL INFORMATION SECTION FOR CONTINUATION OF SUMMARY
Summary
You will serve as a Senior Security Operations Center (SOC) Analyst in the MARFORCYBER Joint Mission Operations Center (JMOC) and is responsible for leading activities related to 24/7/365 device monitoring, event correlation and analysis, incident response support, security configuration monitoring, and mitigation decisions.
*SEE ADDITIONAL INFORMATION SECTION FOR CONTINUATION OF SUMMARY
Must be determined suitable for federal employment.
Must participate in the direct deposit pay program.
New employees to the Department of the Navy will be required to successfully pass the E-Verify employment verification check. To learn more about E-Verify, including your rights and responsibilities, visit e-verify.gov
Within the Department of Defense (DoD), the appointment of retired military members within 180 days immediately following retirement date to a civilian position is subject to the provisions of 5 United States Code 3326.
Males born after 12-31-59 must be registered for Selective Service.
Per the preliminary nationwide injunction on E.O. 14043, COVID-19 vaccinations will not be implemented or enforced. For more information on vaccine status and workplace safety protocol requirements see Additional Information below.
You are required to possess and maintain a TOP SECRET/SCI security clearance prior to entrance on duty. Failure to possess and maintain the required level of clearance may result in the withdrawal of a job offer or removal.
The incumbent must obtain and maintain NSA badging for NIPR/SIPR/NSANet accounts.
Successful completion of a pre-employment drug test (including marijuana) is required. A tentative offer of employment will be rescinded if you fail to report to the drug test appointment or fail the test. You will be subject to random testing.
This position may require travel from normal duty station to CONUS and OCONUS and may include remote or isolated sites. You must be able to travel on military and commercial aircraft for extended periods of time.
You will be required to complete training, obtain, and maintain a government credit card for travel and travel-related purchases.
This position is designated as a Mission Essential (ME) position.
A Counterintelligence Polygraph is required, and a non-disclosure agreement must be signed.
This position requires shift work, weekend, holiday work, overtime, and irregular hours
Qualifications
QUALIFYING ITEMS:
Serves as a Senior Security Operations Center (SOC) Analyst in the MARFORCYBER Joint Mission Operations Center (JMOC) and is responsible for leading activities related to 24/7/365 device monitoring, event correlation and analysis, incident response support, security configuration monitoring, and mitigation decisions.
Desired experience is a minimum of five (5) years of professional experience in incident detection and response, malware analysis, or cyber forensics.
Some experience may be substituted for a bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, Cyberspace Operations, or related field.
The candidates must have extensive experience analyzing and synthesizing information with other relevant data sources, providing guidance and mentorship to others in cyber threat analysis and operations, evaluating, interpreting, and integrating all sources of information, and fusing computer network attack analysis with counterintelligence and law enforcement investigations.
5 (+) years in an SOC Analyst or Incident Responder/Handler role
Full understanding of Tier 1 responsibilities/duties and how the duties feed into Tier 2.
The ability to take lead on incident research when appropriate and be able to mentor junior analysts
Advanced knowledge of TCP/IP protocols
Knowledge of Windows, Linux operating systems
Knowledge of Intrusion Detection Systems (IDS) and SIEM technologies; Splunk or ArcSight experience
Deep packet and log analysis
Some Forensic and Malware Analysis preferred
Cyber Threat and Intelligence gathering and analysis
Bachelor's degree or equivalent experience
Knowledge and experience with scripting and programming are also highly preferred
Desirable certifications include, but are not limited to:
GCIH, GCIA, GCFE, GREM, GCFA, GSEC
Security +
CEH, CISSP, CCNA (Security) or equivalent Certifications.
CySA+
This position is within the Work Category PROFESSIONAL at Work Level FULL PERFORMANCE, Series and Grade GG-2210-13.
Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., professional, philanthropic, religious, spiritual, community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment.
Performs other duties as assigned.
*POSITION DUTIES/RESPONSIBILITIES:
Shift Work (rotating) in a high OPTEMPO SOC
Monitor, protect, and defend the enterprise against malicious network traffic, ongoing and emerging threats
Utilize state of the art technologies such as host analysis, Endpoint Detection & Response tools, log analysis (Splunk) and network forensics (full packet capture solution) to perform hunt and investigative activity to examine endpoint and network-based data
Conduct analysis, host and network, forensics, log analysis, and triage in support of incident response
Recognize attacker and APT activity, tactics, and procedures as indicators of compromise (IOCs) that can be used to improve monitoring, analysis and incident response
Develop and build security content, scripts, tools, or methods to enhance the incident investigation processes
Lead Response activities and mentor junior staff
Work with key stakeholders to implement remediation plans in response to incidents
Effectively investigative and identify root cause findings then communicate findings to stakeholders including technical staff, and leadership
Author Standard Operating Procedures (SOPs) and training documentation when needed
Generates end-of-shift reports for documentation and knowledge transfer to subsequent analysts on duty
Education
Additional information
This is a public notice flyer to notify interested applicants of anticipated vacancies. Applications will not be accepted through this flyer. Interested applicants must follow the directions in the "How to Apply" section of this flyer to be considered. There may or may not be actual vacancies filled from this flyer. Notice of Result letters will not be sent to applicants who respond to this flyer.
COVID VACCINATION INFORMATION: To comply with the recent preliminary nationwide injunction on Executive Order 14043, Requiring Coronavirus Disease 2019 Vaccination for Federal Employees, the Department of the Navy is not taking any action to implement or enforce the COVID-19 vaccination requirement. New hires will need to provide their vaccination status as well as comply with workplace safety protocols related to masking, physical distancing, testing, travel, and quarantine.
This position is covered by the Department of Defense Priority Placement Program.
This position is a DoD Cyber Excepted Service (CES) personnel system position in the Excepted Service under 10 U.S.C. 1599f.
This position is in the excepted service and does not confer competitive status.
Several vacancies may be filled.
Certain incentives (such as Recruitment, Relocation or Student Loan Repayment) may be authorized to eligible selectees.
A relocation incentive is generally a single payment intended to offset some of the relocation costs experienced by the selectee. A relocation incentive may be authorized.
This position is not telework eligible.
A tentative offer of employment will be rescinded if the selectee fails to meet the pre-employment requirements, including failure to report to any of the scheduled appointments.
The Cyber Interagency Transfer Authority (CITA) permits movement of CES employees appointed under Section 1599f of Title 10 U.S.C. and excepted service employees appointed under Schedule A, Section 213.3106(b)(11) of Title 5 CFR, into cyber workforce positions in the competitive service and movement of competitive service employees into DoD Cyber Workforce positions within the Military Departments and Defense Agencies.
*CONTINUATION OF SUMMARY:
The ideal candidate possesses the following: Desired experience is a minimum of five (5) years of professional experience in incident detection and response, malware analysis, or cyber forensics. Some experience may be substituted for a bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, Cyberspace Operations, or related field. The candidates must have extensive experience analyzing and synthesizing information with other relevant data sources, providing guidance and mentorship to others in cyber threat analysis and operations, evaluating, interpreting, and integrating all sources of information, and fusing computer network attack analysis with counterintelligence and law enforcement investigations.
A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new windowLearn more about federal benefits.
Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.
How you will be evaluated
You will be evaluated for this job based on how well you meet the qualifications above.
In order to qualify for this position, your resume must provide sufficient experience and/or education, knowledge, skills, and abilities to perform the duties of the specific position for which you are being considered. Your resume is the key means we have for evaluating your skills, knowledge, and abilities as they relate to this position. Therefore, we encourage you to be clear and specific when describing your experience.
As vacancies occur, the Human Resources Office will review your resume to ensure you meet the hiring eligibility and qualification requirements listed in this flyer. You will be rated based on the information provided in your resume, along with your supporting documentation.
If selected, you may be required to provide additional supporting documentation.
If after reviewing your resume and supporting documentation, a determination is made that you inflated your qualifications and/or experience, you may be found ineligible/not qualified.
Please follow all instructions carefully. Errors or omissions may affect your rating or consideration for employment.
All qualification requirements must be met before being considered for any vacancies.
A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new windowLearn more about federal benefits.
Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.
A complete resume is required. Your resume must show relevant experience, job title, duties and accomplishments. Your resume must show complete information for each job entry to support minimum qualifications. The following information should be provided in your resume, but it is acceptable to provide elsewhere in your application package: employer's name, starting and end dates (Mo/Yr), hours per week, and pay plan, series and grade level (e.g. GS-0201-09) for relevant federal experience.TIP: A good way to ensure you include all essential information is to use the Resume Builder in USAJOBS to create your resume.
Are you claiming membership in any professional organizations, or possession of a license, certificate or credentials? Check the Conditions of Employment section above to see if any are required. If you claim membership, license, certification, or credentials, you must submit a copy of said document in your application package.
Are you using education as a substitute for some or all of the experience requirement? Is there a basic education requirement for this position? Check the Education section above to see what is allowed and what is required. Any claims you make in your resume or assessment questionnaire regarding education or degrees MUST be supported by submitting with your application official or unofficial transcripts or a list of courses, grades earned, completion dates, and quarter and semester hours earned issued from your school. While unofficial transcripts are acceptable for initial application, an official transcript will ultimately be required if you are selected for the position. You may submit a copy your degree(s) if specific coursework does not have to be verified.
Are you a veteran claiming 5-point veterans' preference or claiming sole survivorship preference? You must submit a copy of your latest DD-214 Certificate of Release or Discharge from Active Duty (any copy that shows all dates of service, as well as character of service [Honorable, General, etc.] is acceptable) OR a VA letter that shows dates of service or service connected disability AND character of service. If you have more than one DD-214 for multiple periods of active duty service, submit a copy for each period of service. If you were issued a DD-215 to amend aforementioned information on the DD-214 you must submit that too. If you are not sure of your preference eligibility, visit the Department of Labor's website: Veterans' Preference Advisor
Are you a disabled veteran or claiming 10-point veterans' preference?
If you are eligible to claim 10 point veterans preference you must submit a DD-214 Certificate of Release or Discharge from Active Duty as described above for 5-point preference.
You must also provide the applicable supporting documentation of your disability (e.g. disability letter from the VA) as described on Standard Form-15 (SF-15). http://www.opm.gov/forms/pdf_fill/SF15.pdf.
Are you an active duty service member? Active Duty Service Members are required to submit a statement of service printed on command letterhead and signed by the command. The statement of service must provide the branch of service, rate/rank, all dates of service, the expected date of discharge and anticipated character of service (Honorable, General, etc.).
DoD Components with CES positions apply Veterans' Preference to preference eligible candidates as defined by Section 2108 of Title 5 U.S.C., in accordance with the procedures provided in DoD Instruction 1400.25, Volume 3005, "CES Employment and Placement." If you are a veteran claiming veterans' preference, as defined by Section 2108 of Title 5 U.S.C., you must submit documents verifying your eligibility with your application package. Examples of these documents include: a DD-214 (Member-4 copy); a Statement of Service (if you are currently active duty) from your unit which states the date you entered on active duty, the date you are separating, character of service, and the campaign medals you have received. Veterans with a service-connected disability rating must submit an official written document from the Department of Veterans Affairs certifying your compensable service-connected disability rating with overall percentage clearly shown.
Documents submitted as part of the application package, to include supplemental documents, may be shared beyond the Human Resources Office. Some supplemental documents contain personal information such as SSN and DOB and some documents such as military orders and marriage certificates may contain personal information for someone other than you. You may sanitize these documents to remove said personal information before you submit your application. You must provide an un-sanitized version of the documents if you are selected.
Interested Applicants must submit resumes/application packages to:
1. Email your resume to
MARFORCYBER_CIV_JOBS@NSA.gov
, including the job series in the email subject line (example "GG-2210-1_Soc Tier III Analyst").
2. Resume must be submitted by 11:59 pm Eastern on the closing date.
Facsimile applications will not be considered.
All resumes/applications must be received no later than the close date of this flyer.
It is the applicant's responsibility to verify that all information in their resume and documents, are received, legible, and accurate. HR will not modify answers/documents submitted by an applicant.
Failure to submit a complete application package will result in an ineligible rating and loss of consideration.
The United States Government does not discriminate in employment based on race, color, religion, sex, national origin, political affiliation, sexual orientation, marital status, status as a parent, genetic information, disability, age, membership or non-membership in an employee organization, or on the basis of personal favoritism.
U S MARINE FORCES CYBERSPACE COMMAND
9800 Savage Road
Fort Meade, MD 20755-5810
US
Next steps
Qualified applicants will be referred to the hiring manager. The selecting official may choose to conduct interviews.
Our evaluation will be based on the information you provide. You should expect that we will verify performance, suitability, and security information and take that information into account in making employment offers.
NOTE: Due to COVID19, if you have any questions or need assistance, please email the DON Employment Information Center at DONEIC@us.navy.mil
The Federal hiring process is set up to be fair and transparent. Please read the following guidance.
A complete resume is required. Your resume must show relevant experience, job title, duties and accomplishments. Your resume must show complete information for each job entry to support minimum qualifications. The following information should be provided in your resume, but it is acceptable to provide elsewhere in your application package: employer's name, starting and end dates (Mo/Yr), hours per week, and pay plan, series and grade level (e.g. GS-0201-09) for relevant federal experience.TIP: A good way to ensure you include all essential information is to use the Resume Builder in USAJOBS to create your resume.
Are you claiming membership in any professional organizations, or possession of a license, certificate or credentials? Check the Conditions of Employment section above to see if any are required. If you claim membership, license, certification, or credentials, you must submit a copy of said document in your application package.
Are you using education as a substitute for some or all of the experience requirement? Is there a basic education requirement for this position? Check the Education section above to see what is allowed and what is required. Any claims you make in your resume or assessment questionnaire regarding education or degrees MUST be supported by submitting with your application official or unofficial transcripts or a list of courses, grades earned, completion dates, and quarter and semester hours earned issued from your school. While unofficial transcripts are acceptable for initial application, an official transcript will ultimately be required if you are selected for the position. You may submit a copy your degree(s) if specific coursework does not have to be verified.
Are you a veteran claiming 5-point veterans' preference or claiming sole survivorship preference? You must submit a copy of your latest DD-214 Certificate of Release or Discharge from Active Duty (any copy that shows all dates of service, as well as character of service [Honorable, General, etc.] is acceptable) OR a VA letter that shows dates of service or service connected disability AND character of service. If you have more than one DD-214 for multiple periods of active duty service, submit a copy for each period of service. If you were issued a DD-215 to amend aforementioned information on the DD-214 you must submit that too. If you are not sure of your preference eligibility, visit the Department of Labor's website: Veterans' Preference Advisor
Are you a disabled veteran or claiming 10-point veterans' preference?
If you are eligible to claim 10 point veterans preference you must submit a DD-214 Certificate of Release or Discharge from Active Duty as described above for 5-point preference.
You must also provide the applicable supporting documentation of your disability (e.g. disability letter from the VA) as described on Standard Form-15 (SF-15). http://www.opm.gov/forms/pdf_fill/SF15.pdf.
Are you an active duty service member? Active Duty Service Members are required to submit a statement of service printed on command letterhead and signed by the command. The statement of service must provide the branch of service, rate/rank, all dates of service, the expected date of discharge and anticipated character of service (Honorable, General, etc.).
DoD Components with CES positions apply Veterans' Preference to preference eligible candidates as defined by Section 2108 of Title 5 U.S.C., in accordance with the procedures provided in DoD Instruction 1400.25, Volume 3005, "CES Employment and Placement." If you are a veteran claiming veterans' preference, as defined by Section 2108 of Title 5 U.S.C., you must submit documents verifying your eligibility with your application package. Examples of these documents include: a DD-214 (Member-4 copy); a Statement of Service (if you are currently active duty) from your unit which states the date you entered on active duty, the date you are separating, character of service, and the campaign medals you have received. Veterans with a service-connected disability rating must submit an official written document from the Department of Veterans Affairs certifying your compensable service-connected disability rating with overall percentage clearly shown.
Documents submitted as part of the application package, to include supplemental documents, may be shared beyond the Human Resources Office. Some supplemental documents contain personal information such as SSN and DOB and some documents such as military orders and marriage certificates may contain personal information for someone other than you. You may sanitize these documents to remove said personal information before you submit your application. You must provide an un-sanitized version of the documents if you are selected.
Interested Applicants must submit resumes/application packages to:
1. Email your resume to
MARFORCYBER_CIV_JOBS@NSA.gov
, including the job series in the email subject line (example "GG-2210-1_Soc Tier III Analyst").
2. Resume must be submitted by 11:59 pm Eastern on the closing date.
Facsimile applications will not be considered.
All resumes/applications must be received no later than the close date of this flyer.
It is the applicant's responsibility to verify that all information in their resume and documents, are received, legible, and accurate. HR will not modify answers/documents submitted by an applicant.
Failure to submit a complete application package will result in an ineligible rating and loss of consideration.
The United States Government does not discriminate in employment based on race, color, religion, sex, national origin, political affiliation, sexual orientation, marital status, status as a parent, genetic information, disability, age, membership or non-membership in an employee organization, or on the basis of personal favoritism.
U S MARINE FORCES CYBERSPACE COMMAND
9800 Savage Road
Fort Meade, MD 20755-5810
US
Next steps
Qualified applicants will be referred to the hiring manager. The selecting official may choose to conduct interviews.
Our evaluation will be based on the information you provide. You should expect that we will verify performance, suitability, and security information and take that information into account in making employment offers.
NOTE: Due to COVID19, if you have any questions or need assistance, please email the DON Employment Information Center at DONEIC@us.navy.mil
Fair and transparent
The Federal hiring process is set up to be fair and transparent. Please read the following guidance.
