Clarification from the agency

UNITED STATES CITIZENS MAY APPLY (no prior federal experience is required). This position will be filled through the Office of Personnel Management's delegated Direct Hire Authority (DHA). Veteran's Preference does not apply to this announcement.

Videos

The primary purpose of the position is to assess the impact of forecasted changes in technology and business requirements on the agency’s long-range Information Technology (IT) cybersecurity plans and recommend appropriate changes to goals and strategies. The work involves developing, implementing, and ensuring compliance with IT cybersecurity plans and policies; serving as the incident response coordinator for cyber security operations, analyzing cyber events occurring in the agency’s network environment; monitoring network activity; analyzing evidence of suspicious behavior; implementing and managing cyber defense tools; conducting assessments of threats and vulnerabilities; testing and implementing new technologies; and determining deviations from acceptable network configurations and policies assessing the level of risk, and recommending appropriate mitigation countermeasures to top-level management.

The Cybersecurity Specialist (Cyber Operations & Incident Responder) serves as a recognized authority in leading and establishing the framework for CPSC Cybersecurity Information Security IT programs. Assesses and anticipates the effects of new emerging technology and develops policies to prevent cybersecurity violations and govern activities. Develops and maintains strategic plans to define current and future cybersecurity requirements and establish metrics to measure and evaluate systems performance. Represents the agency on interagency committees and participates in high- level collaboration, coordination, decision-making meetings, and conferences regarding classified and unclassified cybersecurity programs and projects. Briefs senior agency management on the status of committee activities and decisions made.

The duties of this position include:

• Monitoring agency network activities and cyber incident response activities. Analyzing evidence of suspicious behavior to identify and report events that occur or may occur within the network to protect the information, systems, and networks from threats. Advising top- level management on immediate and long-term measures that must be taken in accordance with the level of risk involved, including exploring new concepts and technologies.
• Analyzing cyber events and the network environment to find trends, patterns, or anomaly correlations that indicate more serious attacks or future threats. Developing new policies, procedures, standards, methods, techniques, and solutions to highly complex technical issues; evaluating the impact of technological change; and recommending proactive measures to contain identified incidents.
• Reviewing data collected from various cyber defense tools (e.g., Intrusion Detection System (IDS) alerts, firewalls, network traffic logs) to analyze events within the operating environment and identify and mitigate threats and deter future security attacks. Responds to security alerts indicating possible cyber events.
• Performing real-time cyber defense incident handling (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation) tasks to support the agency’s Cyber Security Incident Response Team (CSIRT).
• Performing malware and system forensic analysis. Capturing and analyzing network traffic associated with malicious activities using network monitoring tools. Correlating incident data and develops cyber defense reports for top-level management review.
• Evaluating and recommending the acquisition of IT security tools. Installing and configuring new hardware, software, and peripheral equipment to support IT security tools in accordance with agency standards.

Conditions of employment

• U.S. Citizenship Required.
• A background investigation is required.

Must be a U.S. Citizen.

This is a Public Trust Position. Employment in this position requires a background investigation. If you are selected and cannot meet the criteria requirement for the pre-employment waiver and/or a favorable suitability determination within a reasonable period of time due to disclosed or undisclosed background issues, the employment offer may be withdrawn.

If you are a male born after December 31, 1959 you must certify that you have registered with the Selective Service System, or are exempt from having to do so under the Selective Service Law. Please see http://www.sss.gov for more information.

Selectees will be required to complete a "Declaration of Federal Employment", (OF-306), prior to appointment and the appropriate background investigation forms to determine suitability for Federal employment.  False statements or responses on these forms can jeopardize your employment opportunity and subject you to disciplinary action, including removal from Federal service.

The selectee will be required to complete a Personal Identity Verification (PIV) process that requires two forms of identification from the I-9 Form. We will compare information provided on the I-9 Form to records available from the U.S. Department of Homeland Security.  The system confirms employee’s identity and eligibility to work in the United States. Learn more about E-Verify, including your rights and responsibilities.

As a condition of employment for accepting this position, if converted, you will be required to serve a 1-year probationary period (depending on your status) during which we will evaluate your fitness and whether your continued employment advances the public interest. In determining if your employment advances the public interest, we may consider:

• your performance and conduct;
• the needs and interests of the CPSC;
• whether your continued employment would advance organizational goals of the CPSC or the Government; and
• whether your continued employment would advance the efficiency of the Federal service.

Upon completion of your probationary period your employment will be terminated unless you receive certification, in writing, that your continued employment advances the public interest.

Qualifications

All applicants must have 52 weeks of specialized experience equivalent to at least the next lower grade level in the Federal Service. Specialized experience is experience that has equipped the candidate with the particular knowledge, skills, and abilities to perform successfully the duties of the position.

Qualifying specialized experience must demonstrate the following: 

1) Experience applying cyber security and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data; 2) experience in Azure Cloud security; 3) experience in incident response and handling methodologies; 4) knowledge of NIST Special Publications (e.g., SP 800-53, SP 800-37, etc.); 5) experience in vulnerability identification, scanning, management and remediation; and 6) ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.

Evidence of the above specialized experience must be supported by detailed documentation of duties performed in positions held.  Your resume is the key means we have for evaluating your skills, knowledge, and abilities as they relate to this position. Therefore, we encourage you to be clear and specific when describing your experience. We will not make assumptions regarding your experience or based on job titles alone.  If your resume does not support your questionnaire answers, we will not allow credit for your response(s).

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.

Applicants must meet the qualifications for this position by the closing date of this announcement.

In addition to the above specialized experience, applicants must also meet the IT-Related proficiency level for all four of the competencies listed below:

1. Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
3. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
4. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

Evidence of the above specialized experience and IT-related proficiency must be supported by detailed documentation of duties performed in positions held.  Your resume is the key means we have for evaluating your skills, knowledge, and abilities as they relate to this position. Therefore, we encourage you to be clear and specific when describing your experience.

How you will be evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

After the vacancy closes, we will review your application package to determine if you meet the minimum qualifications for the position. If you meet the minimum qualifications, your resume and supporting documentation will then be reviewed.  Your resume must contain sufficiently detailed information upon which to make a qualification determination. Please ensure that your resume contains specific information such as position titles, beginning and ending dates of employment for each position, average number of hours worked per week, salary, duties performed for each position, and if the position is/was in the Federal government, you should provide the position series and grade level/pay band. The best-qualified candidates will be identified for referral to the hiring manager and may be invited to an interview. Qualified candidates will be considered in accordance with the Office of Personnel Management Direct Hire Guidelines.

RESUME: All applicants are required to submit a resume limited to two (2) pages (i.e., 1 page that is double-sided or 2 pages that are one-sided each) showing all relevant experience.

CTAP/ICTAP candidates will be eligible for selection priority if it is determined that they have exceeded the minimum qualifications for the position by attaining at least a "well qualified" rating (Rating of at least 85 out of 100).

Veterans' Preference does not apply to the direct hire recruitment procedures. Selections made under this notice will be processed as new appointments to the civil service. You may not be considered for the position if any part of the application is incomplete. Your application may not receive appropriate consideration without the required supporting documentation.