Cybersecurity Incident Response Team Lead

This announcement is issued under the Direct Hire Authority (DHA) to recruit for positions for which there is a critical hiring need. Selectee(s) will receive a career or career-conditional appointment in the competitive service and may be required to serve a one-year probationary period.

The official title of this position is IT Cybersecurity Specialist (INFOSEC) GS-2210-13/14.

Qualifications:

Do NOT copy and paste the duties, specialized experience, or occupational assessment questionnaire from this announcement into your resume as that will not be considered a demonstration of your qualifications for this position. Your resume must describe your work and experience, in your own words.

To be considered minimally qualified for this position, you must demonstrate that you have the required competencies and experience for the respective grade level in which you are applying:

BASIC REQUIREMENT:

REQUIRED COMPETENCIES: Experience must be Information Technology (IT)-related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate.

You must have IT-related experience demonstrating each of the 9 competencies listed below:

1. Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Minimum Proficiency Level: 4
2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Minimum Proficiency Level: 4
3. Decision Making - Makes sound, well-informed, and objective decisions; perceives the impact and implications of decisions; commits to action, even in uncertain situations, to accomplish organizational goals; causes change. Minimum Proficiency Level: 4
4. Information Management - Identifies a need for and knows where or how to gather information; organizes and maintains information or information management systems. Minimum Proficiency Level: 4
5. Interpersonal Skills - Shows understanding, friendliness, courtesy, tact, empathy, concern, and politeness to others; develops and maintains effective relationships with others; may include effectively dealing with individuals who are difficult, hostile, or distressed; relates well to people from varied backgrounds and different situations. Minimum Proficiency Level: 4
6. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Minimum Proficiency Level: 4
7. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. Minimum Proficiency Level: 4
8. Teamwork - Encourages and facilitates cooperation, pride, trust, and group identity; fosters commitment and team spirit; works with others to achieve goals. Minimum Proficiency Level: 4
9. Technical Competence - Uses knowledge that is acquired through formal training or on-the-job experience to perform one's job; works with, understands, and evaluates technical information related to the job; advises others on technical issues. Minimum Proficiency Level: 4

AND

MINIMUM QUALIFICTIONS:

SPECIALIZED EXPERIENCE: In addition to meeting the qualification requirement listed above, you must have at least one year of specialized experience at the next lower GS-grade level (or equivalent). Specialized experience is experience that has equipped you with the particular competencies/knowledge, skills, and abilities to successfully perform the duties of the position and is typically in or related to the work of the position to be filled. Such experience is typically gained in the IT field or through the performance of work where the primary concern is IT.

GS-13
You qualify at the GS-13 grade level if you have at least one (1) year of specialized experience at the GS-12 grade level (or equivalent) performing the following duties:

1. Planning and implementing cyber operations related to areas that may need support;
2. Managing cyber incidents and cyber incident responses of organization significance;
3. Utilizing cyber intrusion detection technologies (i.e. intrusion detection systems (IDS)/ Intrusion Prevention Systems (IPS) tools and applications to identify intrusions); AND
4. Analyzing Information Technology and Operational Technology cybersecurity data to include Full Packet Capture.

GS-14
You qualify at the GS-14 grade level if you have at least one (1) year of specialized experience at the GS-13 grade level (or equivalent) performing the following duties:

1. Evaluating and developing action plans for cybersecurity operations to determine areas that need support;
2. Analyzing cyber threats and vulnerabilities;
3. Managing Network security applications, devices and software such as, encryption, firewalls, demilitarized zones, etc.; AND
4. Managing and analyzing various Information Technology, Operational Technology cybersecurity data to include Full Packet Capture.

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.

All qualification requirements must be met by the closing date of this announcement.

Responsibilities:

The Cybersecurity Division (CSD) leads cybersecurity efforts for CISA as the Nation's flagship civilian cyber defense organization. CSD collaborates with partners across the government and private sector to enhance the Nation's cybersecurity by sharing information, providing cybersecurity services and technical assistance, as well as through education and awareness.

At full performance level, typical work assignments include, but are not limited to:

• Serving as an incident response lead, proactive/persistent hunt lead, project/technical lead, and formal section leadership for Hunt Branch.
• Leading teams to respond to critical network intrusions in the Federal Government, SLTT, and the nation's Critical Infrastructure and Key Resources (CI/KR).
• Initiating and implementing/supporting complex Information Technology (IT) and Operational Technology (OT) security projects and initiatives in support of CISA's operational mission. The
• Developing and providing briefings for senior government officials, including congressional members and staff, as well as senior management at private sector organizations on incidents of national importance.
• Overseeing and coordinating analysis and development of capabilities as it relates to network analysis and network device integrity for incident response and proactive threat hunting.
• Providing leadership and program management for large scale contracts and procurements, identifying technical roadmaps for the use of new and emergent technology to maximize hunt capabilities through network, endpoint, ICS/OT, and cloud-based analysis.
• Maintaining expertise with IT and OT security policy development and implementation.
• Representing the agency at conferences, meetings, and interagency working groups in order to discuss new technologies that may be presented at an advanced technical level, for the purpose of leading in the implementation of technologies deemed useful to the program.

Salary : $121,785