DHS Cybersecurity Service (DHS-CS) uses a multi-phase assessment process to qualify applicants seeking employment through the DHS-CS. Given the ever-advancing nature of cybersecurity and the ongoing need for cybersecurity talent, DHS-CS uses "Talent Pools" to pull qualified applicants (i.e., individuals who have successfully completed the multi-phase assessment process for their capability and career track/level) for consideration for these jobs.

This announcement is being used to fill the Physical, Embedded, and Control Systems Security (PECSS) Talent Pool. By applying to this job announcement, you are opting to be part of the DHS-CS Talent Pool for ongoing consideration for employment for relevant open jobs and will remain eligible for consideration for up to one year from the date of completion.

• Supporting designs, protocols, and physical configurations of "purpose-built interconnected systems," such as industrial control systems (ICS), physical systems, and embedded systems - And define and/or implement comprehensive countermeasures to detect threats and support activities to maintain the cybersecurity posture of these systems.
• Researching technical and nontechnical risk and vulnerability assessments of Information and Operational Technology (IOT) environments and proactively identifying significant cybersecurity challenges to be addressed, such as ICS/Supervisory Control and Data Acquisition (SCADA)/Distributed Control Systems (DCS), local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications.
• Actively supporting the effectiveness of security controls.
• Engaging with other experts in cybersecurity risk assessment, automated information sharing, threat analysis, vulnerability management, and network defense to support customer efforts for ensuring holistic, integrated views of security threats to an organization, the Department, or the Nation's security posture.
  • Using Security Information and Event Management (SIEM) technologies to monitor alerts, triage activity, and analyze network traffic to provide ongoing analysis on potentially malicious activity.
  • Proactively analyzing network traffic for patterns using analytic tools and data science methodologies.
  • Supporting efforts to identify, develop, share or otherwise contextualize cyber indicators to maintain constant awareness of the status of the highly dynamic operating environment.
  • Collecting, processing, analyzing, and disseminating cyber warning assessments.
  • Presenting and explaining findings and recommending action based on cybersecurity threat analysis including insider threats, to determine their probability and consequences.
  • Supporting mitigation strategies by performing scanning and probing activities to augment assessment.

Conditions of employment

• You must be a U.S. Citizen or national.
• You must be 18 years of age.
• Must be registered for the Selective Service (if you are a male).
• Must be able to obtain and maintain a security clearance. Security clearance levels may vary.
• Must be able to submit to a drug test and receive a negative result.
• Must be able to comply with ethics and standards of conduct requirements, including completing any applicable financial disclosure.
• May be required to serve a 3 year probationary period.
• While many of these positions are considered telework eligible, some individuals must live within 2 hrs driving distance to a DHS SCIF in either Chandler, AZ; Stennis, MS; Idaho Falls, ID; Arlington, VA; Pensacola, FL; Springfield, VA or D.C.
• Remote work may be available for some positions.

Qualifications

This position is in the Developmental Track at the Associate Cybersecurity Specialist career level. At this level, individuals generally:

• Have 3+ years of cybersecurity work experience, and
• Can serve as a cybersecurity professional with some experience who applies still-burgeoning technical expertise to perform routine work with significant supervision and clear guidance.

• Understand designs, protocols, and physical configurations of purpose-built interconnected systems-such as industrial control systems, physical systems, and embedded systems-and can define and implement comprehensive countermeasures to detect threats and maintain the overall cybersecurity posture of these systems.

• Certified Information Systems Security Professional (CISSP)
• Global Industrial Cyber Security Professional (GICSP)
• ISA/IEC Cybersecurity Risk Assessment Specialist
• Security+

• Tools: Wireshark, Nmap, Tenable, Defender for IoT, Kali, Cobalt Strike, Splunk Technologies, network infrastructure, boundary protection devices, enterprise LAN/WAN, ICS/SCADA
• Industries: FCEB Enterprise, SLTT, ICS/OT environments of critical infrastructure sectors

How you will be evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

All DHS Cybersecurity Service applicants participate in a multi-phase assessment process, which varies by career track. For the Developmental Career Track, applicants participate in a two-phase assessment process:

• You must successfully complete each phase to advance to the next phase.
• The total time commitment for the two phases is approximately 3 hours (many applicants require less time!)
• Before each phase, DHS will e-mail you instructions and information to help you prepare.
• Monitor your e-mail to ensure you have plenty of time to complete assessments prior to any deadlines or request an extension, if necessary

• Unproctored - Completed online within a prescribed period of time.
• Includes two assessments: (1) a work styles inventory that will take about 30 minutes to complete; (2) a work simulation that you will have up to 2 hours to complete.
• The two assessments take about 90 minutes (on average) to complete.
• Requires a computer with audio (speakers or headphones) and a reliable internet connection.
• No knowledge of DHS or cybersecurity is required for these assessments, which measure non-technical capabilities that are important for professional success in the DHS Cybersecurity Service. This includes how you communicate, analyze information, and collaborate with others:
• • The work styles inventory presents you with questions about your work-related interests and preferences.
  • The work simulation presents you with realistic, work-related scenarios and asks you to respond to them.

PHASE II: TECHNICAL CAPABILITY ASSESSMENT

• Proctored - must be scheduled in advance and completed at a designated assessment center and within a prescribed period of time
• There is a different assessment for each DHS Cybersecurity Service technical capability (visit Jobs to learn more about the technical capabilities).
• Most individuals only have a primary technical capability and complete only one Technical Capability Assessment, but in limited circumstances, you may complete a second Technical Capability Assessment.
• You will have up to 2.5 hours to complete each Technical Capability Assessment; each takes about 90 minutes (on average) to complete.
• Assessments present realistic, work-related cybersecurity scenarios and questions to assess technical skills.
• Cybersecurity knowledge is assessed, but no knowledge of DHS is required.