IT CYBERSECURITY SPECIALIST (INFOSEC) with Security Clearance - Now Hiring

Location FEW vacancies in the following location: Arlington * Remote job No * Telework eligible Yes-as determined by the agency policy. * Travel Required Occasional travel - You may be expected to travel for this position. * Relocation expenses reimbursed No * Appointment type Permanent - * Work schedule Full-time - * Service Competitive * Promotion potential 14 * Job family (Series) 2210 Information Technology Management * Supervisory status No * Security clearance * Drug test Yes * Position sensitivity and risk Special-Sensitive (SS)/High Risk * Trust determination process Suitability/Fitness * Announcement number CSD-DHA-11869040-23-LE * Control number 710498500 Duties Joining CISA means being part of the team focused on securing the Nation's physical and cyber infrastructure against threats to public health and safety, economy, and national security. Within CISA, Cybersecurity Division. Visit www.cisa.gov to learn more about CISA and how you can be part of the team to Defend Today; Secure Tomorrow. In this position, you will serve as an Engagement Lead within a 24x7x365 cyber incident response team that is responsible for performing the following tasks: * Oversees and coordinates response to cyber incidents of national significance * Performs analysis that involves advising customers on strategies to protect and secure sensitive information and systems * Performs incident triage by recommending scope, urgency, and potential impact, and collaborating with other reporting agencies/system owners. Perform command and control functions in response to incidents. Using security monitoring tools to capture real-time traffic spawned by any running malicious code. Collects, analyzes, and correlates events and alerts from multiple enterprise systems (e.g., IDS, security event logs, and operating system event logs, etc.) to investigate and/or research cyber security incidents. * Communicates information relevant to cyber defense for reporting and awareness. Correlates incident data to identify exploited vulnerabilities and makes recommendations that enable expeditious remediation. Provides technical summaries of findings in accordance with established reporting procedures. * Performs modeling, detection, and hunting for indications of threat actor activity in managed services, such as IaaS, PaaS, and SaaS architectures and maintains expertise on standard and cloud security architectures, technology landscapes, and the incident response nexus for hosted environments. Seeks and develops solutions for effective modernization of threat hunting techniques using cloud technologies, and harmonizes techniques and technology with cloud technologies in adjacent divisions to maximize cost savings and efficiencies to CISA. * Maintains proficiency in forensic investigation of threat actor activity as it relates to endpoint and host forensic technologies. Leaders will be considered subject matter experts in investigating memory, disk, and Endpoint Detection and Response (EDR) platforms to discover intrusion artifacts on live systems as well as historic artifacts. * Maintains rich expertise in developing tradecraft to identify attackers living off the land, obscuring artifacts with anti-forensics techniques, and the challenges around the use of modern encryption and distributed data platforms. * Hunt leaders will maintain proficiency in the general structures and methodologies found in the 16 critical infrastructure sectors. * Represents the agency at conferences, meetings, and interagency working groups in order to discuss new technologies that may be presented at an advanced technical level, for the purpose of assisting in the implementation of technologies deemed useful to the program. * Other Duties as Assigned Requirements Conditions of Employment * You must be a U.S. citizen to apply for this position. * You must successfully pass a background investigation. * Selective Service registration required. * You must be able to obtain and hold a TS/SCI security clearance. * New employees must serve a one year probationary period. * You must submit to a drug test and receive a negative test result prior to appointment to this position. After appointment, you may be subject to periodic random drug testing. * Relocation expenses are not authorized. Other recruitment incentives may be authorized. * This position has been designated excluded from bargaining unit representation under the national security provision of 5 U.S.C. § 7112(B)(6). * All employees are required to participate in Direct Deposit/ Electronic Funds Transfer for salary payments. * Applying to this announcement certifies that you give permission for DHS to share your application with others in DHS for similar positions. * This position may be designated as essential personnel. Essential personnel must be able to serve during continuity of operation events without regard to declarations of liberal leave or government closures due to weather, protests, and acts of terrorism or lack of funding. Failure to report for or remain in this position may result in disciplinary or adverse action in accordance with applicable laws, rules, and regulations (5 U.S.C. § 7501-7533 and 5 CFR Part 752, as applicable). * Any offers of employment made pursuant to this announcement will be consistent with all applicable authorities, including Presidential Memoranda, Executive Orders, interpretive U.S. Office of Management and Budget (OMB) and U.S. Office of Personnel Management (OPM) guidance, and Office of Management and Budget plans and policies concerning hiring. These authorities are subject to change. * More than one selection may be made from this announcement. * Appointments are subject to the availability of funds. Qualifications You qualify for the GS-13 and GS-14 grade levels if you possess information technology related experience demonstrating each of the four required competencies: * Attention to Detail: Is thorough when performing work and conscientious about attending to detail. * Customer Service: Works with clients and customers to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. * Oral Communication: Expresses information to individuals or groups effectively, taking into account the audience and nature of the information; makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. * Problem Solving: identifies problems; determines accuracy and relevance of information; uses sound judgement to generate and evaluate alternatives, and to make recommendations. GS-13: In addition to the above requirement you must have at least one year of specialized experience at the GS-12 grade level performing the following duties: * Planning and implementing cyber operations related to areas that may need support; * Managing cyber incidents and cyber incident responses of organization significance; * Utilizing cyber intrusion detection technologies (i.e. intrusion detection systems (IDS)/ Intrusion Prevention Systems (IPS) tools and applications to identify intrusions; * Managing and analyzing Information Technology, Operational Technology cybersecurity data to include Full Packet Capture; and * Excellent communication skills written and oral. GS-14: In addition to the above requirement you must have at least one year of specialized experience at the GS-13 grade level performing the following duties: * Evaluating cyber operations to determine areas that need support; * Developing crisis action plans for cybersecurity operations; * Analyzing cyber threats and vulnerabilities; * Managing Network security applications, devices and software such as, encryption, firewalls, demilitarized zones, etc. * Manageing and analyzing various Information Technology, Operational Technology cybersecurity data to include Full Packet Capture; and * Excellent communication skills written and oral National Service Experience (i.e., volunteer experience): Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. Current or Former Political Appointees: The Office of Personnel Management (OPM) must authorize employment offers made to current or former political appointees. If you are currently, or have been within the last 5 years, a political Schedule A, Schedule C, Non-career SES or Presidential Appointee employee in the Executive Branch, you must disclose this information to the Human Resources Office. Qualifications Must Be Met The qualification requirements listed above must be met by the closing date of this announcement. Education Education is not considered at the announced GS level. Additional information Due to COVID-19, the component is currently in an expanded telework posture. Therefore, if selected, you may be expected to temporarily telework, even if your home is located outside the local commuting area. DHS offers competitive salaries and an attractive benefits package, including: health, dental, vision, life, and long-term care insurance; retirement plan; Thrift Savings Plan [similar to a 401(k)]; Flexible Spending Account; Employee Assistance Program; personal leave days; and paid federal holidays. Other benefits may include: flexible work schedules; telework; tuition reimbursement; transportation subsidies; uniform allowance; health and wellness programs; and fitness centers. DHS is committed to employee development and offers a varie