Description:
This position is located within the Department of Technology Services (DTS), Information Technology Security Office (ITSO). The candidates will be responsible for leading threat detection and incident coordination efforts within ITSO's 24/7 Security Operations Center and are empowered to task and direct all incident response activities in support of defensive cyber operations internal defense measures.Requirements:
Applicants must have demonstrated experience as listed below. This requirement is according to the AO Classification, Compensation, and Recruitment Systems which include interpretive guidance and reference to the OPM Operating Manual for Qualification Standards for General Schedule Positions.Specialized Experience : Applicants must have at least one full year (52 weeks) of specialized experience which is in or directly related to the line of work of this position. Specialized experience is demonstrated experience must demonstrate ALL areas defined below:
- Knowledge of networking protocols to include detailed understanding of Transmission Control Protocol / Internet Protocol (TCP/IP), and the Open Systems Interconnection (OSI) model.
- Experience with security infrastructure components, including firewalls, web application firewalls (WAFs), proxies, DNS, and routing protocols, with a deep understanding of their role in enterprise defense strategies.
- Knowledge of operating system internals and built-in security mechanisms, enabling effective identification and remediation of vulnerabilities across Windows, Linux, and macOS platforms.
- Knowledge of adversarial tactics, techniques, and procedures (TTPs), with the ability to analyze and respond to evolving cybersecurity threats through proactive defensive measures.
- Hands-on experience with endpoint detection and response (EDR) solutions such as CrowdStrike and Qualys, while leveraging them to identify, contain, and remediate security incidents.
- Certified Information Systems Security Professional (CISSP)
- GIAC Certified Incident Handler (GCIH)
- GIAC Security Operations Certified (GSOC)
- GIAC Cloud Incident Response (GCIR)
Jan 30, 2025;
from:
usajobs.gov