This position is in the Office of Information and Technology, Office of Information Security. The incumbent serves as a senior Cyber Incident Management IT Specialist responsible for ensuring the confidentially, integrity, and availability of systems, networks, and data through the detection and mitigation of cybersecurity threats.

Duties

This is a non-bargaining unit position. Please read this public notice in its entirety before submitting your application. The initial application review cut-off for this job announcement is 50 applications. The first 50 applications received will be considered first. Applications received after the initial cut-off number (50 applications) may not receive consideration unless otherwise requested by management. If management requests additional certificates, applicants will continue to be reviewed in groups of 50 in the order they applied. NOTE: This is a TERM appointment (Not-To-Exceed 2 years). Term appointments are non-status, nonpermanent appointments of limited duration (more than 1 year but not more than 4 years). Term appointments may be extended without further competition (up to the 4-year maximum). The appointment to a Term position does not confer eligibility for promotion or reassignment to other positions or the ability to be non-competitively converted to permanent employment. This position is primarily aligned to the following NICE Cybersecurity Workforce Framework work roles: 531 - Cyber Defense Incident Responder For more information about these work roles, where they fit within the larger Cyber Workforce, and how they can support your unique career journey, please visit the Cyber Career Pathways tool on the National Initiative for Cybersecurity Careers and Studies website: https://niccs.us-cert.gov/workforce-development/cyber-career-pathways Work Schedule: Monday - Friday, 8:00am - 4:30pm Compressed/Flexible Schedule: Available Telework: Yes - as determined by the agency policy. Duty Location Status: This position can be filled in any of the following locations: Washington, DC., Austin, TX, Hines (Chicago), IL, Martinsburg, WV. PLEASE APPLY TO THE LOCATION(S) THAT YOU ARE ABLE AND WILLING TO REPORT TO. THIS IS NOT A REMOTE POSITION. Position Description Title/PD#: IT Specialist (INFOSEC)/ PD17053A Relocation/Recruitment Incentives: Not Authorized Financial Disclosure Report: Not Required Physical Demands: The work is sedentary. Typically, the employee sits comfortably to do the work. However, there may be some walking, standing, bending, carrying of light items such as papers, books, small parts, or laptop. Major Duties: Serves as a senior Cyber Security Watch Officer for the VA Cybersecurity Operations Center(VA CSOC), providing technical advice, guidance, and assistance on cyber security events/incidents; and understands, analyzes, and identifies effective responses to reported incidents. Identifies and analyzes threats, provides mitigation strategies, and documents and present the impact of resulting attacks via Executive Summaries, After Action Reports, and Metric Reports to improve and enhance the VA security posture to management and senior leadership. Responds to potential cyber security events/incidents by analyzing the impact, scope, and trends, and provides containment recommendations; validates appropriate response actions were adhered to and the cyber incident has been properly handled/closed out. Serves as the principal staff advisor and technical subject matter expert on all issues relating to the vulnerabilities and threats to VA enterprise and coordinates appropriate mitigation strategies information systems and network devices. Oversees the monitoring of the Security Information and Event Management solution, other security tools, situational awareness reports, and open-source intelligence to identify anomalous activity, malicious artifacts, indicators of compromise and take corrective actions.

Requirements

• You must be a U.S. citizen to apply for this job.
• Selectees are subject to a background/suitability investigation.
• Designated and/or random drug testing may be required
• Selectees may be required to serve a probationary period.
• Selective Service Registration is required for males born after 12/31/1959.
• A complete application package, i.e., Resume, Transcripts, etc., as required by the job announcement.
• Selected applicants will be required to complete an online onboarding process.
• Participation in the Seasonal Influenza Prevention Program for VHA Health Care Personnel (HCP) is a requirement for all Department of Veterans Affairs HCP.
• All applicants tentatively selected for VA employment in a testing designated position are subject to urinalysis to screen for illegal drug use prior to appointment. Applicants who refuse to be tested will be denied employment with VA.
• Must be proficient in written and spoken English.
• Pre-employment physical evaluation may be required.

Qualifications

To qualify for this position, applicants must meet all requirements by the closing date of this announcement, 02/26/2024. Selective Placement Factor: This position includes a skill, knowledge, ability or other worker characteristic basic to -and essential for- satisfactory performance of the job. Selective Placement Factors are a prerequisite to appointment and represent minimum requirements for a position. Applicants who do not meet it are ineligible for further consideration. Evidence of the Selective Placement Factor must be reflected in your resume. The Selective Placement Factor for this position is: Experience with Cyber Incident Response (detecting, triaging, and responding to cybersecurity events/incidents) and providing recommendations to the overall security of the organization's infrastructure. AND Experience - Experience must be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate. For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below. The employing agency is responsible for identifying the specific level of proficiency required for each competency at each grade level based on the requirements of the position being filled. Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. AND Specialized Experience: You must have one year of specialized experience equivalent to at least the next lower grade GS-12, in the normal line of progression for the occupation in the organization. Specialized experience is experience that has equipped the applicant with the particular competencies/knowledge, skills, and abilities to successfully perform the duties of the position and is typically in or related to the work of the position to be filled. Such experience is typically gained in the IT field or through the performance of work where the primary concern is IT. Specialized experience is defined as identifying cyber security threats and vulnerabilities; performing cyber defense trend analysis and reporting; assisting in development and interpretation of security policies, procedures, and guidelines; analyzing and evaluating secured networks and recommending/evaluating procedures and products to improve the overall security of these networks; and reviewing computer technology developments applicable to system and network management, network security, and operations and maintenance.. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religions; spiritual; community; student; social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. Per Office of Personnel Management General Schedule Qualification Policies, federal employees are assumed to have gained experience by performing duties and responsibilities appropriate for their official series and grade level as described in their position description. Experience that would not normally be part of the employee's position is creditable when documented by satisfactory evidence (e.g., a memorandum from the manager, human resources director, or official documentation such as SF-52, SF-50 documenting an official detail/assignments, or other comparable documentation). The documentation must indicate whether the employee performed the duties full time or, if part-time, the percentage of times the employee performed the additional duties. To receive credit for experience in your resume that is not within the official series and grade level of your position, you must provide official documentation of such experience as indicated above. Note: A full year of work is considered to be 35-40 hours of work per week. Part-time experience will be credited on the basis of time actually spent in appropriate activities. Applicants wishing to receive credit for such experience must indicate clearly the nature of their duties and responsibilities in each position and the number of hours a week spent in such employment. For more information on these qualification standards, please visit OPM's web site at http://www.opm.gov/qualifications/standards/indexes/alph-ndx.asp.

Education

There is no education substitute or requirement for the GS-13 level.

Contacts

• Address DAS Information and Technology - 103 810 Vermont Avenue NW Washington, DC 20420 US
• Name: VHA National Recruitment Center
• Phone: (844)456-5208
• Email: [email protected]