About this role
Job SummaryClick on "Learn more about this agency" button below to view Eligibilities being considered and other IMPORTANT information. The primary purpose of this position is to conduct a wide variety of complex digital forensic examinations to include but not limited to peripheral equipment and other automation/data storage devices, mobile and other electronic devices which connect to the internet; as well as various other forms of digital evidence.
QualificationsCONTINUE OF CONDITIONS OF EMPLOYMENT: Cyberspace Qualification is a condition of employment. This position includes Cyberspace work as a paramount. Per DoDM 8140.03, para 4.2.a.(2)., requires foundational qualification requirements within 9 months of assignment to a cyberspace work role Per DoDM 8140.03, para 4.2.a.(2)., requires foundational qualification requirements within 9 months of assignment to a cyberspace work role and resident qualification requirements within 12 months of assignment to a cyberspace work role. A waiver of these requirements may be granted per DoDM 8140.03. Failure to achieve and maintain the proper Cyberspace Qualification may result in removal from this position. ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ LEARN MORE ABOUT THIS AGENCY The mission of the United States Air Force is: To fly, fight, and win ... Airpower anytime, anywhere. To achieve that mission, the Air Force has a vision of Global Vigilance, Global Reach and Global Power. That vision orbits around three core competencies: Developing Airmen, Technology-to-Warfighting and Integrating Operations. Core competencies and distinctive capabilities are based on a shared commitment to three core values -- integrity first, service before self, and excellence in all we do. Click here to view the AF Civilian Employment Eligibility Guide: 30 Percent or More Disabled Veterans AF DCIPS Interchange AF Internal Employee DoD Transfer (Excluding Air Force) Former Federal Employees (Reinstatement) Interagency Career Transition Assistance Plan Land Management Employee National Service (Peace Corps and VISTA) Non-AF DCIPS Interchange Non-Appropriated Fund Non-DoD Transfer Other (Interchange Agreements) Overseas - Excepted Service Family Member Overseas - Family Member Preference Overseas - Military Spouse Overseas Family Member Preference with Veteran Preference Overseas Military Spouse Preference with Veteran Preference People with Disabilities, Schedule A PPP DoD Retained Grade Preference Eligible Veterans Employment Opportunities Act QUALIFICATIONS: In order to qualify, you must meet the Experience requirements described in the Office of Personnel Management (OPM) Qualification Standards for General Schedule Positions, Information Technology (IT) Management Series, GS-2210 (Alternate A) https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/2200/information-technology-it-management-series-2210-alternative-a/ SPECIALIZED EXPERIENCE: Applicants must have at least one (1) year of specialized experience at the next lower grade GS-13, or equivalent in other pay systems. Examples of specialized experience includes Application of advanced concepts, theories, principles, practices, methods, and techniques of computer science and engineering; Involvement with multiple IT specialties including but not limited to computer communications, computer networking, computer and network administration, computer and network configurations, computer and network security configurations, installation of computer systems and computer networks, and computer operating systems; Utilization of LINUX (or some version of UNIX), MS Windows, and Macintosh, and mobile devices; Serving as a computer forensic examiner, identifying the value of computer related evidence, development of proof of criminal activity if applicable, and preparing reports of examinations and findings for use in court proceedings and administrative hearings. FEDERAL TIME-IN-GRADE (TIG) REQUIREMENT FOR GENERAL SCHEDULE (GS) POSITIONS: Merit promotion applicants must meet applicable time-in-grade requirements to be considered eligible. One year at the GS-13 level is required to meet the time-in-grade requirements for the GS-14 level. TIG applies if you are in a current GS position or held a GS position within the previous 52 weeks. NOTE: Applicants applying as VEOA candidates who are current GS civil service employees or are prior GS civil service employees within the past 52 weeks must also meet time-in-grade requirements. KNOWLEDGE, SKILLS AND ABILITIES (KSAs): Your qualifications will be evaluated on the basis of your level of knowledge, skills, abilities and/or competencies in the following areas: Knowledge of a full range of IT cybersecurity principles, concepts, practices, products and services such as: systems software, database software, immediate access storage technology, digital forensic principles and methods for evaluating risk and vulnerability, implementing mitigating improvement, and disseminating IT security tools and procedures. Knowledge of a broad range of digital and multimedia forensic systems concepts, principles, operating modes, equipment, equipment configuration, and related software systems, processes and procedures to assess and advise on vulnerability to attack from a variety of sources (e.g., espionage, disruption of services, destructive programs/applications) and procedures and methods for protection of systems and applications. Knowledge of IT INFOSEC security requirements for certification and accreditation, network operations and protocols, systems testing and evaluation, and performance management methods sufficient to plan and conduct security accreditation reviews for installed systems or networks and assess and advise on new or revised security measures and countermeasures based on the results of accreditation reviews. Skill in applying digital forensics and the underlying principles to document all activity relating to the seizure, access, storage or transfer of digital and multimedia evidence. Ability to analyze complexities of existing technical capabilities, review/revise/develop policy, initiate plans for enhancements, and provide management sufficient technical information, through written documentation and oral briefings, to render informed judgements. Ability properly seizure and handling of digital evidence (from collection through to preservation and cyber analysis). Ability to communicate complex technical and programmatic information, often in the form of verbal and visualupdates, situation reports and briefings to executives, senior leaders and international partners. PART-TIME OR UNPAID EXPERIENCE: Credit will be given for appropriate unpaid and or part-time work. You must clearly identify the duties and responsibilities in each position held and the total number of hours per week. VOLUNTEER WORK EXPERIENCE: Refers to paid and unpaid experience, including volunteer work done through National Service Programs (i.e., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community; student and social). Volunteer work helps build critical competencies, knowledge and skills that can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.
Major DutiesServe as the DOD Cyber Crime Center Field Operation (DC3) Pacific senior digital forensics expert and consultant providing final technical authority on cyber investigations. Provides expert cybersecurity live network incident response capabilities, either on-scene or via remote consultation, to DoW and possibly international partners Independently performs substantive research of digital forensic methods and procedures for use with existing and newly acquired forensic tools. Conducts comprehensive expert analysis of network traffic and high-level malware analysis by utilizing and adapting a variety of software, hardware, and analytical techniques.