About this role
Job SummaryThis vacancy is for an IT Specialist (INFOSEC) in the Office of the Secretary within the Department of Commerce. P
QualificationsQualification requirements in the vacancy announcements are based on the U.S. Office of Personnel Management (OPM) Qualification Standards Handbook, which contains federal qualification standards. This handbook is available on the Office of Personnel Management's website located at: https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/#url=Occupational-Series Applicants must possess one year of specialized experience equivalent in difficulty and responsibility to the next lower grade level in the Federal Service. Specialized experience is experience that has equipped the applicant with the particular competencies/knowledge, skills and abilities to successfully perform the duties of the position. This experience need not have been in the federal government. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations e.g., professional; philanthropic, religious; spiritual; community, student, social). Volunteer work helps build critical competencies; knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. To qualify at the GS-14 level, you must meet the following requirements: Basic Requirement for the Information Technology Specialist, GS-2210 occupation series for the GS-14 (or equivalent) must have Information Technology (IT) related experience demonstrating each of the following competencies: Attention to Detail - Is thorough when performing work and conscientious about attending to detail; Customer Service - Works with clients and customers to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services; Oral Communication - Expresses information to individuals or groups effectively, taking into account the audience and nature of the information; makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately; and Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations .Your resume must clearly describe your relevant experience. AND SPECIALIZED EXPERIENCE: Specialized experience is experience that has equipped the applicant with the particular competencies/knowledge, skills and abilities to successfully perform the of the position. This experience need not have been in the federal government. You must possess one full year (52 weeks) of specialized experience equivalent to the GS-13 in the Federal service. Specialized experience is defined as: Independently lead and execute enterprise-level incident response (IR) activities, including triage, containment, eradication, recovery, and post-incident analysis. AND/OR Serving in a Security Operations Center SOC/ESOC, providing operational oversight while supporting alert triage, incident investigation, and response to ensure effective 24/7 operations. AND/OR Independently lead and conduct cyber threat hunting and advanced analytics, leveraging endpoint, network, cloud, and identity data to proactively identify malicious activity and undetected threats. AND/OR Independently produce, develop, and apply cyber threat intelligence (CTI) from multiple sources (classified, unclassified, open source, and vendor reporting). AND/OR Independently develop, implement, and tune detection use cases, indicators of compromise (IOCs), and behavioral analytics. AND/OR Independently lead and perform advanced cyber forensic analysis across endpoints, networks, and cloud environments. AND/OR Independently prepare and deliver operational and strategic briefings to senior leadership You must meet all qualification and eligibility requirements by the closing date of this announcement.
Major DutiesNOTE: Positions may be assigned to incident response leadership, cyber threat hunting, threat intelligence, or digital forensics functions within the also performing hands-on operational duties, including support for shift-based operations. Enterprise Security Operations Center (ESOC). Incumbents are expected to provide technical leadership while As an IT Specialist (INFOSEC), you will perform the following duties: Document cybersecurity events and incidents. Perform computer incident response investigations and evidentiary activities in defense of Department of Commerce (DOC) networks and information technology assets. Develop analytical documents and recommend courses of action to remediate or mitigate identified threats. Serve as a subject matter expert on cyber incident management and is responsible for leading the team that handles incident response investigations, evidentiary activities (handling, chain of custody and testimony) in defense of DOC networks and critical information technology infrastructure. Conduct vulnerability scanning to ascertain situational awareness of the threat level in order to derive network defense and hardening strategies and provide support, advice and direction to the Enterprise Security Operation Center Manager regarding ongoing and future Cyber-attack threat vectors. Analyze and evaluate organization networks and recommend procedures and/or products to improve the overall security of these networks. Monitor, identify, investigate, and document cybersecurity events and incidents; identify, document, and perform analysis of new and emerging threats; develop analytical documents and recommend courses of action to remediate or mitigate identified threats. Ensure the confidentiality, integrity, and availability of systems, networks, and data through the use of computer forensics to investigate computer incidents and to develop recommendations for the mitigation or remediation of such incidents. Provide support in the development of IT security policies, plans, and programs as it relates to risks to DOC systems and networks including but not limited to risks to cybersecurity incident response and management activities. Serve on interagency committees and working groups to provide support in the development of IT security policies, plans, and programs as it relates to risks to DOC systems and networks including but not limited to risks to cybersecurity incident response and management activities. Provide support, advice and direction to the Chief Information Security Officer (CISO) regarding program progress, development, strategy and ongoing and future cyber-attack threat vectors. Provide management briefings regarding incident investigations and respond to external and internal customer inquiries. Provide support, advice and direction to the regarding program progress, development, strategy and ongoing and future cyber-attack threat vectors. This Job Opportunity Announcement may be used to fill other IT Specialist (INFOSEC) GS-2210-14, FPL 14 positions within the Department of Commerce in the same geographical location or local commuting area with the same qualifications and specialized experience.RequirementsYou must be a U.S. citizen to apply for this position. This position requires a TOP SECRET/SCI CLEARANCE: Any required investigations and clearances must be completed before the selectee can be placed in the position. You must successfully pass a background investigation. This may include a credit check, a review of financial issues, as well as certain criminal offenses and illegal use of possession of drugs. A probationary period may be required. Selective Service: Males born after 12/31/59 must be registered or exempt from Selective Service (see https://www.sss.gov/). If you receive a conditional offer of employment for this position, you will be required to complete an Optional Form 306, Declaration for Federal Employment, and to sign and certify the accuracy of all information in your application. All Federal employees are required to have Federal salary payments made by direct deposit to a financial institution of their choosing. Bargaining Unit Position: NO Confidential Financial Disclosure Report (OGE form 450): YES Permanent Change of Duty Station (PCS) Expense: WILL NOT be paid License required: NO Drug Test Required: YES, This position is subject to pre-employment drug testing and random drug testing thereafter.