Clarification from the agency

Internal Permanent Air Force Employees currently serving in the Information Technology Management Career Field ONLY

1. In a Career Broadening capacity, provides technical guidance and activities to the J631. Develops and maintains working relationships with professional peers authorized to represent the Command's external program partners (e.g., DISA, NSA, Services, Gov't Agencies). Makes appropriate use of these working relationships to further the creation of cross- organizational Cyber Defense functional capabilities and processes, which the Command may draw upon on short notice, as needed to access highly-specialized SME resources and facilitate collaborative action to counter emergent threats to the GIG. Represents the J6 and Command as an actively participating member of cross organizational (i.e., DoD enterprise, inter-agency) working groups and meetings (some face-to-face and some accomplished via VTCs) to foster support for the Command's proposed cyber operations strategies and priorities among professional peers who are influencers in their "parent" organizations, and make appropriate offers of guidance and support, as such authority is delegated. Proposes efforts to identify/evaluate new J631 Defensive Cyber Operations methods and tools for suitability to support strategic analyses and dissemination of analysis data. Enhances the Cyber Defense's organization's efficiency and quality of production by identifying new products, including existing commercial or Government (i.e., COTS/GOTS) products that may serve as a baseline for development of unique capabilities, and business processes to apply to the mission.

2. Serves as a Career Broadener, leads and personally contributes expertise to preliminary analyses of issues concerning the J63 operations and to conduct direct defensive cyber operations across the command. Advises the J6 as to what team and other specialized SME resources should be leveraged to provide in-depth assessment of issues identified as requiring high priority. Provides expertise of DoD C4 cyber program objectives and priorities to make recommendations/determinations of action in cases where the situation is not clear-cut, and forwards these for consideration by the J6. Advises and advocates for additional cyberspace capabilities in support of USSTRATCOM objectives and operations. Provides broad-based functional expertise and comprehensive of JCC requirements to identify the need for and promote internal coordination among USSTRATCOM functional areas to ensure that operational requirements are exposed, documented, and promulgated (in collaboration with J3) for development and
delivery.

3. In a Career Broadening capacity, serves as a lead technical oversight of command proactive defensive cyber operations. Drives the development of long- and short-term plans and policies for the Network Threat Response, Vulnerability Management, and Cyber Threat Analysis teams IAW all relevant policies and guidance. Leads the technical development, review, and/or coordination of Defensive Cyber Operations packages for the Headquarters
and Component Commands. Provides authoritative interpretations and prepares/briefs recommended actions to CDRUSSTRATCOM. Will coordinate with 16th AF, Cyber Operations Integrated Planning Element (COIPE) and J3 Joint Cyber Center to synthesizes the work efforts of Cyber Defense sections to develop in-depth understanding of the cyber threats, vulnerabilities, as well as potential impacts and consequences to USSTRATCOM in order to provide effective and proactive risk mitigations. Leads Tier-1 Globally Integrated Exercises for the J63. Develops Joint training objectives and attends exercise inject planning meetings. Additionally, leads technical teams through incident response, analysis, and reporting across each phase of the cyber incident management lifecycle ensuring response efforts against cyberspace intrusions are sufficient to mitigate immediate and emergent threats.

4. As a Career Broadener, serves as a technical and subject matter expert and principal advisor. Serves as a principal staff advisor on a wide-range of cyber threat and vulnerability topics affecting USSTRATCOM and/or the DoD. Establishes, develops, and maintains effective working relationships with SES and general/flag officer (GO/FO)-level officials in USSTRATCOM, Joint Staff, USCYBERCOM, JFHQ-DODIN, NITTF, other DoD agencies (DIA, DISA, etc.), NSA, National Guard, supported Component Commands, international coalition partners, non-government organizations, local installation points of contact, and cyber industry professionals. Meets with key customers, coordinating officials, and senior leadership to communicate technical and mission implications of cyberspace issues to non-technical personnel; and prepares and presents information and decision briefings to senior
management officials on complex and controversial issues regarding cyber. Leads the review, evaluation, and recommendation of cyber capabilities, tools, methodologies, and techniques for conducting defensive cyber operations at USSTRATCOM.

Conditions of employment

• U.S. Citizenship is required
• Employee must obtain and maintain a TOP SECRET/SPECIAL COMPARTMENTED INFORMATION (TS/SCI) security clearance as a condition of employment.
• If authorized, PCS will be paid IAW JTR and AF Regulations. If receiving an authorized PCS, you may be subject to completing/signing a CONUS agreement. More information on PCS requirements, may be found at: https://afciviliancareers.com/regulatory/
• PCS cost will be paid IAW Career Broadening Policy under this agreement.
• Career Broadening positions are managed by AFPC/DPCZ and are centrally funded.
• Positions are established specifically to provide developmental experience designed to broaden the skills and/or enhance the leadership perspective of a high-potential, mid-level manager.
• Career Broadening also provides training and developmental opportunities at various organizational levels.
• These assignments offer the qualified candidate a unique assignment in that the candidates brings certain experience to the assignment while gaining new experiences in a different work environment
• TEMPORARY PROMOTION: If the position is filled as a temporary promotion, upon completion of the career broadening assignment, the temporary promotion may lead to permanent promotion without further competition
• This position has been designated by the Air Force as a Testing Designated Position (TDP) under the Air Force Civilian Drug Testing Program.
• Travel by regularly scheduled commercial or military conveyances IAW Joint Travel Regulations may be required in performance of TDY
• Overtime and/or emergency overtime may be required
• Disclosure of Political Appointments
• Recall to duty may be a requirement of this position.
• Mobility is a condition of employment. Employee must sign AF-wide mobility agreement.
• IA Certification is a condition of employment and must be achieved within 6-months of assignment. A waiver of this 6-month requirement may be granted. Failure to receive the proper IA certification may result in removal.

Qualifications

In order to qualify, you must meet the specialized experience requirements described in the Office of Personnel Management (OPM) Qualification Standards for General Schedule Professional and Scientific Positions,

SPECIALIZED EXPERIENCE: Applicants must have at least one (1) year of specialized experience that equipped the applicant with the knowledge, skills, and abilities (KSAs) to successfully perform the duties of the position, and that is typically in or related to the position to be filled. To be creditable, the specialized experience must have been at the GS-13 (or higher) level or equivalent under other pay systems in the federal service.

FEDERAL TIME-IN-GRADE (TIG) REQUIREMENT FOR GENERAL SCHEDULE (GS) POSITIONS: Applicants must have served at least 52 weeks at the GS-13 or higher grade (or equivalent in an alternate pay system) within the Federal Civil Service to be considered for referral. TIG applies if you are in a current GS position or held a GS position within the previous 52 weeks.

KNOWLEDGE, SKILLS AND ABILITIES (KSAs): Your qualifications will be evaluated on the basis of your level of knowledge, skills, abilities and/or competencies in the following areas:

1. Knowledge of a full range of IT and cybersecurity principles, concepts, and methods as well as risk management processes (e.g., methods for assessing and mitigating risk), specific operational impacts of cybersecurity lapses and their application to the organization's core mission processes, and emerging technologies that have potential for exploitation by adversaries sufficient to provide expert technical advice to management on a wide range of complex IT issues, to manage the evaluation of risks and vulnerabilities, to oversee the development of mitigating improvements, and to manage the dissemination of IT security tools and procedures.

2. Knowledge of computer networking concepts and protocols (e.g., TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services); network security methodologies and architecture concepts including topology, components, and principles (e.g., application of defense-in-depth); and related computer disciplines such as systems, communication lines, intrusion detection systems, firewalls, and routers as they relate to computer network defense (CND) operations and environments.

3. Knowledge of cyber threats, vulnerabilities, and attack methodologies and stages (e.g., foot printing and scanning, enumeration, gaining access, escalation or privileges, maintaining access, network exploitation, covering tracks); threat types and capabilities; different classes of attacks (e.g., passive, active, insider, close-in, distribution); and system and application threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return oriented
attacks, and malicious code).

4. Knowledge of complex cyber forensics, cyber threat, and intrusion detection concepts, disciplines, methodologies, and techniques for detecting host and network-based intrusions via intrusion detection technologies sufficient to oversee the development of countermeasures to classified and unclassified computer network and system attacks.

5. Knowledge of advanced incident management, analysis, and response concepts and procedures; incident categories, incident responses, and timelines for responses; incident response and handling methodologies; and computer security incident response processes including countermeasure mitigation strategies, malware analysis, network traffic analysis, and network system analysis/forensics.

6. Knowledge of vulnerability management processes and procedures; vulnerability categories, responses, and timelines for response; as well as computer network defense and vulnerability assessment tools (commercial and open source) and their capabilities, network traffic analysis tools, identification and authentication technologies, Security Information and Event Management (SIEM) tools, firewalls, malicious code identification tools, intrusion detection/prevention tools, proxies, email security filters, and vulnerability scanning tools among other technologies designed to protect systems and networks.

7. Skill in conducting technical and non-technical risk and vulnerability assessments, in administering and utilizing vulnerability scanning tools to protect systems and networks; in using network analysis tools to identify vulnerabilities; and in recognizing and categorizing types of vulnerabilities and associated attacks.

8. Ability to communicate effectively, clearly, interpret, implement, and apply Federal cybersecurity and cyber defense laws, policies, regulations, procedures, standards, and compliance measures to command information systems and to the development of policy, plans, and strategies in support of cyber activities and the DoD Information Network (DODIN) security posture.

How you will be evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

Your application package (resume, supporting documents, and responses to the questionnaire) will be used to determine your eligibility, qualifications, and quality ranking for this position. Please follow all instructions carefully. Errors or omissions may affect your rating or consideration for employment.

Your responses to the questionnaire may be compared to the documents you submit. The documents you submit must support your responses to the online questionnaire. If your application contradicts or does not support your questionnaire responses, you will receive a rating of "not qualified" or "insufficient information" and you will not receive further consideration for this job.

Applicants who disqualify themselves will not be evaluated further.

APPRAISALS/AWARDS: Hiring Managers use objective methods and consider previous performance appraisals and awards in the selection process. Current Federal Civilian employees should list any relevant performance related rating and/or awards in your resume.