At the Securities and Exchange Commission (SEC), we are committed to diversity, equity, inclusion and accessibility (DEIA) and value a workforce that reflects the diverse experiences and perspectives of the communities we serve. As such, we welcome applications from qualified individuals of all backgrounds who share our commitment to public service.
Typical duties:
Creating new intrusion detection mechanisms that identify cybersecurity incidents, and automating common incident response activities using Splunk Search Processing Language (SPL) with a high degree of proficiency.
Leveraging data extraction and analysis tools, with a high degree of proficiency, to include but not limited to: Perl Compatible Regular Expressions (PCRE), GNU Coreutils, CyberChef, Python modules, Microsoft Excel/Splunk Pivot Tables, SPL, etc.
Proficiency with Python 3.x and/or PowerShell for automating multi-platform enterprise infrastructure tasks associated with cybersecurity analysis and incident response.
Forming sound analytical assessments by systematically applying the Lockheed Martin Cyber Kill Chain®, the "The Diamond Model of Intrusion Analysis", and MITRE ATT&CK framework against all available data during the course of analysis.
Conducting static and dynamic malware analysis, evaluating network packet captures (PCAP), and analyzing log of multi- platform/multi-cloud enterprise environments.
Evaluating, generating, and applying detections associated with cyber threat intelligence with a high degree of proficiency.
Coordinating a team of analysts during complex incident response activities.
Communicating effectively with colleagues and senior leadership from technical and non-technical backgrounds on the status of ongoing incident response efforts.
Application procedures are specific to this vacancy announcement. Please read all the instructions carefully. Failure to follow the instructions may result in you not being considered for this position.
Supplementary vacancies may be filled in addition to the number stated in this announcement.
This position has promotion potential to the SK-14.
PROBATIONARY PERIOD: This appointment may require completion of a one-year probationary period.
SECURITY CLEARANCE: Entrance on duty is contingent upon completion of a pre-employment security investigation. Favorable results on a Background Investigation may be a condition of employment or selection to another position.
PERMANENT CHANGE OF STATION (PCS): Moving/Relocation expenses are not authorized.
DIRECT DEPOSIT: All Federal employees are required to have Federal salary payments made by direct deposit to a financial institution of their choosing.
This position is in the collective bargaining unit.
This position is eligible to request telework in accordance with the SEC 's telework policy.
This announcement will close when we have received 150 applications which may be sooner than the closing date.
DRUG TESTING: This position is subjected to drug testing requirements.
Qualifications
All qualification requirements must be met by the closing date of this announcement.
Qualifying experience may be obtained in the private or public sector. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.
BASIC REQUIREMENT: Possess IT related experience demonstrating each of the four competencies: reviewing work to ensure it is in line with established standards or to identify deficiencies (Attention to Detail); collaborating with customers to identify their information technology needs or to resolve their hardware and software problems (Customer Service); explaining technical information orally to non- technical audiences (Oral Communication); and evaluating alternatives to recommend solutions to hardware or software problems (Problem Solving).
MINIMUM QUALIFICATION REQUIREMENT: In addition to meeting the basic requirement, applicants must also meet the minimum qualification requirement.
SK-14: Applicant must have at least one year of specialized experience equivalent to the GS/SK-13 level: 1) Performing historical and near real-time network traffic and log analysis; 2) performing static and dynamic analysis of suspect websites, documents, binaries, or other artifacts; AND 3) automating analytical tasks related to network defense and incident response.
Additional information
SEC COMPENSATION PROGRAM: The overall salary range listed above is provided for informational purposes as it represents the full range that is applicable to current employees in this occupation/grade; however, a selectee's initial pay is always set below the maximum rate of the range. Please click here for additional information.
IMPORTANT INFORMATION FOR SURPLUS OR DISPLACED FEDERAL EMPLOYEES: Career Transition Assistance Plan (CTAP) and Interagency Career Transition Assistance Plan (ICTAP) are available to individuals who have special priority selection rights under this plan. Individuals must be well-qualified for this position to receive consideration for special priority selection. CTAP or ICTAP eligibles will be considered well-qualified when receiving an adjudicated score of 80 or higher.
Reasonable Accommodation: If you are an applicant who needs a reasonable accommodation for disability to participate in the application process at the SEC, submit the form for Reasonable Accommodation for Participation in Job Application Process here. Please be sure to submit your request at least 5 business days in advance of the date you need the requested accommodation.
Equal Employment Opportunity (EEO) Information for SEC Job Applicants: Federal EEO laws protect all applicants from discrimination on the following bases: race, color, sex (not limited to conduct which is sexual in nature, includes pregnancy, gender identity, sexual orientation, transgender status), age (40 and over), religion, national origin, disability, genetic information, retaliation for participating in the EEO process or opposing discrimination. Applicants who believe they have been discriminated against on any EEO basis can seek recourse through the SEC's administrative complaints process. To be timely, an individual must enter the EEO process within 45 days from when they know (or should have known) of the alleged discrimination. Click here for additional information.
TTY/ASCII: Video Relay Service users are welcome to contact the appropriate SEC office or employee via the contact information listed above. If you do not otherwise have access to a Video Phone or Video Relay service, you may send us an email or use the Federal Video Relay Service via the internet. For more information about using the Federal Relay Service and to create a new account, please see: https://www.federalrelay.us/
A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new windowLearn more about federal benefits.
Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.
How you will be evaluated
You will be evaluated for this job based on how well you meet the qualifications above.
This position is being advertised through the Office of Personnel Management's (OPM) Delegated Direct-Hire Authority (5 U.S.C. Section 3304 and 5 CFR Part 337, Subpart B) and is open to All U.S. Citizens. Under this authority, competitive rating, ranking and veterans' preference procedures do not apply.
We will review your resume and supporting documentation to determine if you meet the minimum qualifications for the position. If you meet the minimum qualifications stated in the vacancy announcement, we will compare your resume and supporting documentation to your responses on the occupational questionnaire. Your resume must support your responses to the occupational questionnaire.
Your qualifications will be evaluated on the following competencies (knowledge, skills, abilities and other characteristics):
A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new windowLearn more about federal benefits.
Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.
You must provide a complete Application Package, which includes:
Required: Your responses to the Occupational Questionnaire.
Required: Your complete and comprehensive resume that includes a complete history of your work experience and the applicable employment dates with months and years. To determine if you qualify for this position, OHR will review your work history that is relevant to the specific position for which you applied. If you are an external candidate selected for this position, OHR will review your complete work history to establish your starting salary. If you are a current SEC employee selected for this position, the standard percentage increases will be applied (i.e., 6% for non-supervisory and 10% for supervisory positions) if your selection results in a promotion. If your selection results in lateral movement (i.e. no change in grade) you will maintain your current salary.Note: Your resume must directly address the definition of specialized experience listed in the qualification section of this announcement and must NOT contain pictures. For external candidates: Information on how your resume will be used for pay setting purposes can be found here.
Required, if applicable: CTAP/ICTAP documentation (a copy of a separation notice or other proof of eligibility for priority selection; a copy of an SF-50, Notification of Personnel Action, showing current position, grade, promotion potential, and duty location; AND a copy of your most recent performance appraisal.)
If you are relying on your education to meet qualification requirements:
Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.
To apply for this position, you must complete the online application and submit the documentation specified in the Required Documents section below.
A complete application package must be submitted by 11:59 PM (EST) on the closing date of the announcement to receive consideration.
To begin, click Apply to access the online application. You will need to be logged into your USAJOBS account to apply. If you do not have a USAJOBS account, you will need to create one before beginning the application.
Follow the prompts to select your résumé and/or other supporting documents to be included with your application package. You will have the opportunity to upload additional documents to include in your application before it is submitted. Your uploaded documents may take several hours to clear the virus scan process.
After acknowledging you have reviewed your application package, complete the Include Personal Information section as you deem appropriate and click to continue with the application process.
You will be taken to the online application which you must complete in order to apply for the position. Complete the online application, verify the required documentation is included with your application package, and submit the application.
To verify the status of your application, log into your USAJOBS account (https://my.usajobs.gov/Account/Login), all of your applications will appear on the Welcome screen. The Application Status will appear along with the date your application was last updated. For information on what each Application Status means, visit: https://www.usajobs.gov/Help/how-to/application/status/.
If you are unable to apply online or need to fax a document you do not have in electronic form, view the following link for information regarding an Alternate Application.
Office of Information Technology
100 F Street NE
Washington, DC 20549
US
Next steps
You will be notified of your application status through USAJOBS at four points during the hiring process, as applicable. You can check the status of your application by accessing the USAJOBS website at http://usajobs.gov/ and clicking on "Track Your Online Application."
By submitting your application, you are certifying the accuracy of the information contained in your application. If you make a false statement in any part of your application, you may not be hired, you may be terminated after you begin work, or you may be fined or jailed. After making a tentative job offer, we will conduct a suitability/security background investigation. You will be required to submit official documentation before appointment. The agency will then verify the information provided on your application (i.e., degree, Veterans' Preference, certification of disability, etc.).
The Federal hiring process is set up to be fair and transparent. Please read the following guidance.
You must provide a complete Application Package, which includes:
Required: Your responses to the Occupational Questionnaire.
Required: Your complete and comprehensive resume that includes a complete history of your work experience and the applicable employment dates with months and years. To determine if you qualify for this position, OHR will review your work history that is relevant to the specific position for which you applied. If you are an external candidate selected for this position, OHR will review your complete work history to establish your starting salary. If you are a current SEC employee selected for this position, the standard percentage increases will be applied (i.e., 6% for non-supervisory and 10% for supervisory positions) if your selection results in a promotion. If your selection results in lateral movement (i.e. no change in grade) you will maintain your current salary.Note: Your resume must directly address the definition of specialized experience listed in the qualification section of this announcement and must NOT contain pictures. For external candidates: Information on how your resume will be used for pay setting purposes can be found here.
Required, if applicable: CTAP/ICTAP documentation (a copy of a separation notice or other proof of eligibility for priority selection; a copy of an SF-50, Notification of Personnel Action, showing current position, grade, promotion potential, and duty location; AND a copy of your most recent performance appraisal.)
If you are relying on your education to meet qualification requirements:
Failure to provide all of the required information as stated in this vacancy announcement may result in an ineligible rating or may affect the overall rating.
To apply for this position, you must complete the online application and submit the documentation specified in the Required Documents section below.
A complete application package must be submitted by 11:59 PM (EST) on the closing date of the announcement to receive consideration.
To begin, click Apply to access the online application. You will need to be logged into your USAJOBS account to apply. If you do not have a USAJOBS account, you will need to create one before beginning the application.
Follow the prompts to select your résumé and/or other supporting documents to be included with your application package. You will have the opportunity to upload additional documents to include in your application before it is submitted. Your uploaded documents may take several hours to clear the virus scan process.
After acknowledging you have reviewed your application package, complete the Include Personal Information section as you deem appropriate and click to continue with the application process.
You will be taken to the online application which you must complete in order to apply for the position. Complete the online application, verify the required documentation is included with your application package, and submit the application.
To verify the status of your application, log into your USAJOBS account (https://my.usajobs.gov/Account/Login), all of your applications will appear on the Welcome screen. The Application Status will appear along with the date your application was last updated. For information on what each Application Status means, visit: https://www.usajobs.gov/Help/how-to/application/status/.
If you are unable to apply online or need to fax a document you do not have in electronic form, view the following link for information regarding an Alternate Application.
Office of Information Technology
100 F Street NE
Washington, DC 20549
US
Next steps
You will be notified of your application status through USAJOBS at four points during the hiring process, as applicable. You can check the status of your application by accessing the USAJOBS website at http://usajobs.gov/ and clicking on "Track Your Online Application."
By submitting your application, you are certifying the accuracy of the information contained in your application. If you make a false statement in any part of your application, you may not be hired, you may be terminated after you begin work, or you may be fined or jailed. After making a tentative job offer, we will conduct a suitability/security background investigation. You will be required to submit official documentation before appointment. The agency will then verify the information provided on your application (i.e., degree, Veterans' Preference, certification of disability, etc.).
Fair and transparent
The Federal hiring process is set up to be fair and transparent. Please read the following guidance.
