Washington, D.C.•WashingtonDistrict of ColumbiaUnited StatesNorth America•April 27, 2024
The position is in SEC's Office of Information Technology's Cybersecurity Analysis Branch. If selected, you will join a well-respected team that is responsible for providing assurance that SEC IT systems are protected against potential IT threats and vulnerabilities, and ensuring compliance with federal mandates and legislation, including the Federal Information Security Modernization Act (FISMA).
This position is located in Washington, DC.
Typical duties of this position include:
All qualification requirements must be met by the closing date of this announcement. Qualifying experience may be obtained in the private or public sector. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. BASIC REQUIREMENT: Applicants must possess IT related experience demonstrating each of the four competencies: reviewing work to ensure it is in line with established standards or to identify deficiencies (Attention to Detail); collaborating with stakeholders to make progress towards a common goal (Customer service); explaining technical information orally to non-technical audiences (Oral Communication); and evaluating alternatives to recommend solutions to hardware or software problems (Problem Solving). MINIMUM QUALIFICATION REQUIREMENT: In addition to meeting the basic requirement, applicants must also meet the minimum qualification requirement SK-14: Applicant must have at least one year of specialized experience equivalent to the GS/SK-13 level: 1) writing detailed analytical reports on information system compromises and/or data breaches in an enterprise environment; 2) providing junior analysts with guidance in implementation of appropriate incident handling procedures for the purpose of the capture and retention of relevant incident response artifacts; 3) communicating effectively with internal and external stakeholders, during an incident, in order to coordinate incident response and ensure a common operational view; 4) performing historical and near real-time network traffic and log analysis; 5) performing static and dynamic analysis of suspect websites, documents, binaries, or other artifacts; AND 6) automating analytical tasks related to network defense and incident response.