Cybersecurity Skill Community


Cybersecurity Skill Community - #BecomeACISAzen

 

Within CISA’s Cyber Workforce, the Cybersecurity skill community must secure, defend, and preserve data, networks, net-centric capabilities, and other designated systems by ensuring appropriate security controls and measures are in place, and taking internal defense actions. This includes access to system controls, monitoring, administration, and integration of cybersecurity into all aspects of engineering and acquisition of cyber capabilities.

CISA is currently screening for the following Cybersecurity work role(s) during our virtual hiring event on January 13, 2021. To view all of CISA's current job openings, please visit USAJOBs. 

  • Cyber Defense Incident Responder: Investigates, analyzes, and responds to cyber incidents within the network environment or enclave.
     
  • Vulnerability Analyst: This role performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.

 

AVAILABLE POSITIONS - Click through the job descriptions below to view more details of each opportunity.  

Cyber Defense Incident Responder | GS-2210-9/11/12/13 | Arlington, VA

Skill Community: Cybersecurity
Cyber Work Role: Cyber Defense Incident Responder
Category: Protect and Defend
Specialty: Incident Response

This role investigates, analyzes, and responds to cyber incidents within the network environment or enclave.

Duties:

  • Detects and triage potential malicious activities
  • Collect intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
  • Looks to improve or create processes related to incident response and continuous monitoring

Preferred Skills and Additional Info:

  • Experience with log analysis, malware analysis, computer forensics
  • Experience with system administration or network administration
  • Experience with the NIST Cybersecurity Framework

The Fine Print:

  • Location: Arlington, VA
  • Division: Cybersecurity Division, Threat Hunting
  • Official Title: IT Specialist (INFOSEC)
  • Series/Grade/Salary Range: GS-2210-9/11/12/13; $60,129 – $134,798
  • Promotion Potential: GS-13
  • Clearance Level: TS/SCI
  • One position available

Cyber Defense Incident Responder | GS-2210-09/11/12/13 | Arlington, VA

Skill Community: Cybersecurity
Cyber Work Role: Cyber Defense Incident Responder
Category: Protect and Defend
Specialty: Incident Response

This role investigates, analyzes, and responds to cyber incidents within the network environment or enclave.

Duties:

  • Implements higher-level security requirements such as those resulting from laws, regulations, or Presidential directives.
  • Integrates security programs across disciplines.
  • Defines the scope and level of detail for security plans and policies;
  • Assesses new systems design methodologies to improve software quality.
  • Leads new security technologies implementation activities.
  • Institutes measures to ensure security technologies awareness and compliance.
  • Identifies need for changes based on new security technologies and/or threats.
  • Reviews and evaluates security incident response policies.

Preferred Skills and Additional Info:

  • Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
  • Knowledge of computer networking concepts and protocols, and network security methodologies.
  • Knowledge of cyber threats and vulnerabilities.
  • Knowledge of incident response and handling methodologies. Knowledge of cyber-attack stages (e.g.,
  • reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network
  • exploitation, covering tracks).
  • Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
  • Ability to interpret the information collected by network tools (e.g. Ns lookup, Ping, and Traceroute).
  • Knowledge of computer networking concepts and protocols, and network security methodologies.
  • Ability to determine the validity of technology trend data. Ability to leverage best practices and lessons learned of
  • external organizations and academic institutions dealing with cyber issues.
  • Knowledge of the organization's core business/mission processes. Knowledge of emerging technologies that have
  • potential for exploitation.
  • Knowledge of system and application security threats and vulnerabilities.

The Fine Print:

  • Location: Arlington, VA
  • Division: Cybersecurity Division, Threat Hunting
  • Official Title: IT Specialist (INFOSEC)
  • Series/Grade/Salary Range: GS-2210-9/11/12/13; $60,129 – $134,798
  • Promotion Potential: GS-13
  • Clearance Level: TS/SCI
  • One position available

Cyber Defense Incident Responder | GS-2210-13 | Arlington, VA

Skill Community: Cybersecurity
Cyber Work Role: Cyber Defense Incident Responder
Category: Protect and Defend
Specialty: Incident Response

This role investigates, analyzes, and responds to cyber incidents within the network environment or enclave.

Duties:

  • Detects and triage potential malicious activities
  • Collect intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
  • Looks to improve or create processes related to incident response and continuous monitoring

Preferred Skills and Additional Info:

  • Experience with log analysis, malware analysis, computer forensics
  • Experience with system administration or network administration
  • Experience with the NIST Cybersecurity Framework

The Fine Print:

  • Location: Arlington, VA
  • Division: Cybersecurity Division, Capability Delivery
  • Official Title: IT Specialist (INFOSEC)
  • Series/Grade/Salary Range: GS-2210-13; $103,690 – $134,798
  • Promotion Potential: GS-13
  • Clearance Level: TS/SCI
  • One position available

Vulnerability Assessment Analyst | GS-2210-13/14 | Arlington, VA

Skill Community: Cybersecurity
Cyber Work Role: Vulnerability Assessment Analyst
Category: Protect and Defend
Specialty: Capacity Building

This role performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.

Duties:

  • Provide Technical SME expertise to multiple program activities including the development of Shares Services Standards, Development of Technical guidance documents, Customer requested technical review and recommendations for improving cybersecurity posture.
  • Lead Technical teams in development of standards, guidance development, technical reviews, and cybersecurity capability evaluations for customer systems and enterprises.
  • Represent the organization when dealing with customer agencies.

Preferred Skills and Additional Info:

  • Working knowledge and experience facilitating the Systems Engineering Life Cycle gates and documentation.
  • Working knowledge of the risk management framework (NIST 800-37 r2)
  • Working knowledge of implementing security categorization (FIPS Pub 199)
  • Working knowledge of requirements management
  • Hands on experience with IT security technologies / tools
  • Hands on experience with IT infrastructure (Layer 2/3 networking technologies, client/server, cloud)
  • Knowledge of project management methodologies and techniques

The Fine Print:

  • Location: Arlington, VA
  • Division: Cybersecurity Division (CSD), Capacity Building  
  • Official Title: IT Specialist (INFOSEC)
  • Series/Grade/Salary: GS-2210-13/14, $103,690 - $159,286
  • Promotion Potential: GS-14
  • Clearance Level: TSI/SCI
  • One position available

Assessment Development Engineer | GS-2210-13/14 | Arlington, VA

Skill Community: Cybersecurity
Cyber Work Role: Vulnerability Assessment Analyst
Category: Protect and Defend
Specialty: Vulnerability Assessment and Management

This role performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.

Duties:

  • Decomposing project requirements into quality metrics and test techniques to assess compliance
  • Analyzing the validity of technology trend data
  • Implementing the organization's core business mission processes
  • Leveraging techniques for prioritizing vulnerabilities mitigation and disclosure

Preferred Skills and Additional Info:

  • Expert knowledge of cybersecurity fundamentals and risk assessment methods
  • Expert knowledge of quality control and measurement techniques
  • Expert knowledge of data management
  • Ability to convey complex systems descriptions into simple terms
  • Ability to form effective teams and lead group discussions

The Fine Print:

  • Location: Arlington, VA
  • Division: Cybersecurity Division (CSD), Vulnerability Management
  • Official Title: IT Specialist (INFOSEC)
  • Series/Grade/Salary: GS-2210-13/14, $103,690 - $159,286
  • Promotion Potential: GS-14
  • Clearance Level: TSI/SCI
  • One position available

Cyber Defense Incident Responder | GS-2210-13/14 | Arlington, VA

Skill Community: Cybersecurity
Cyber Work Role: Cyber Defense Incident Responder
Category: Protect and Defend
Specialty: Incident Response

This role investigates, analyzes, and responds to cyber incidents within the network environment or enclave.

Duties:

  • Detects and triage potential malicious activities
  • Collect intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
  • Looks to improve or create processes related to incident response and continuous monitoring

Preferred Skills and Additional Info:

  • Experience with log analysis, malware analysis, computer forensics
  • Experience with system administration or network administration
  • Experience with the NIST Cybersecurity Framework

The Fine Print:

  • Location: Arlington, VA
  • Division: Cybersecurity Division, Threat Hunting
  • Official Title: IT Specialist (INFOSEC)
  • Series/Grade/Salary Range: GS-2210-13/14; $103,690 - $159,286
  • Promotion Potential: GS-14
  • Clearance Level: TS/SCI
  • One position available

Vulnerability Assessment Analyst | GS-2210-14 | Arlington, VA

 

Skill Community: Cybersecurity
Cyber Work Role: Vulnerability Assessment Analyst
Category: Protect and Defend
Specialty: Vulnerability Assessment and Management

This position is primarily responsible for conducting threat emulation activities against an organization, in order to assess its detection and response capabilities. The Operator will work within a team to covertly gain access and take actions necessary to reach the assessment objectives. The intrusion process and recommended mitigations are documented within a final report, which is briefed to stakeholder leadership and cybersecurity operations teams.

 

Duties:

  • Conduct target research, analysis, and detailed reconnaissance.
  • Conduct and support red team assessments on enterprise network assets, obtaining undetected access.
  • Mimic threat behaviors and social engineering techniques in order to penetrate enterprise network assets and exploit targets.
  • Prepare reports that identify technical and procedural findings, and, provide recommended remediation strategies/solutions.
  • Remain abreast of the state of the practice and state of the art tactics, techniques, and procedures (TTPs).
  • Document lessons learned and techniques followed for future implementation and application.

Preferred Skills and Additional Info:

  • Considerable experience with programming in Ruby, JAVA, and/or PowerShell, security operation development concepts, and using physical and network-based threat methodologies
  • Experience with: server operating systems, workstation operating systems, or networking (switching
  • and routing equipment)
  • Considerable experience performing systems administrator tasks and activities as well as utilizing hardware/software threat methodologies
  • Experience performing penetration testing and red team assessments
  • 4-year college degree or equivalent experience in computer science, software engineering, information/cybersecurity, or related field
  • Offensive Security Certified Professional (OSCP) Certification
  • Certified Red Team Operations Professional (CRTOP)
  • SANS Penetration Type Certifications

The Fine Print:

  • Location: Arlington, VA
  • Division: Cybersecurity Division (CSD), Vulnerability Management
  • Official Title: IT Specialist (INFOSEC)
  • Series/Grade/Salary: GS-2210-14, $122,530 – $159,286
  • Promotion Potential: GS-14
  • Clearance Level: TS/SCI
  • One position available

Vulnerability Assessment Analyst | GS-2210-14 | Arlington, VA

Skill Community: Cybersecurity
Cyber Work Role: Vulnerability Assessment Analyst
Category: Protect and Defend
Specialty: Vulnerability Assessment and Management

This position is primarily responsible for conducting threat emulation activities against an organization, in order to assess its detection and response capabilities. The Operator will work within a team to covertly gain access and take actions necessary to reach the assessment objectives. The intrusion process and recommended mitigations are documented within a final report, which is briefed to stakeholder leadership and cybersecurity operations teams.

Duties:

  • Conduct systems security evaluations of IT/OT network and systems design reviews to ensure implementation of appropriate systems security policies.
  • Consult with customers to evaluate system security requirements; coordinate with systems architects and developers, as needed, to ensure adoption of defense-in-depth strategies to protect IT/OT systems and network infrastructures.
  • Ensure the application of IT/OT cybersecurity policies, principles, and practices in the delivery of all services; participate in assessing IT/OT security
  • Identify and specify systems security improvements associated with customer environments.
  • Ensure the confidentiality, integrity, and availability of systems, networks, and data through the planning, analysis, development, implementation, maintenance, and enhancement of information systems security programs, policies, procedures, and tools.
  • Communicate the value of IT/OT security to all levels of internal and external stakeholders. Collaborate with organizational managers to support organizational objectives; identify information technology (IT) security program implications of new technologies or technology upgrades.
  • Identify need for assessment changes based on new security technologies or threats; review systems, networks, and software designs for potential security risks
  • Formulate security program initiatives in response to critical IT security issues
  • Develop IT security systems remediations that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT/OT systems vulnerabilities.
  • Build relationships throughout the organization as a trusted partner for advancing assessment services

Preferred Skills and Additional Info:

  • One or more of the following professional certifications -CISSP, CISM, GCIP, GICSP, CSSA

The Fine Print:

  • Location: Arlington, VA
  • Division: Cybersecurity Division (CSD), Vulnerability Management
  • Official Title: IT Specialist (INFOSEC)
  • Series/Grade/Salary: GS-2210-14, $122,530 – $159,286
  • Promotion Potential: GS-14
  • Clearance Level: TS/SCI
  • One position available

Red Team Assessment Lead | GS-2210-14 | Arlington, VA

Skill Community: Cybersecurity & Cross Functional
Cyber Work Role: Vulnerability Assessment Analyst
Category: Protect and Defend
Specialty: Vulnerability Assessment and Management

This role performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.

Duties:

  • Perform as the technical lead for the Red Team Assessments (RTA) team and be primarily responsible for the tactical planning and execution of an RTA or similar activity.
  • Coordinate the team operations and ensure the technical activities are executed and documented in an accurate and effective manner.
  • Simulate or emulate potential adversaries’ exploitation or attack capabilities against an enterprise, its personnel, and its information technology infrastructure.
  • Research targets as well as identify potential weaknesses and exploit them to enter an enterprise network and its systems.
  • Emulate a malicious threat actor, by using known and developed TTPs and tools, to discover additional weaknesses in the enterprise cyber security defense.
  • Document intrusion process within a briefing report to stakeholder leadership and blue teams, if applicable. 

Preferred Skills and Additional Info:

  • Experience analyzing an organization’s cyber defense policies and configurations.
  • Experience translating technical outcomes into impacts and risks for executive level stakeholders.
  • Experience implementing and analyzing networking (switching and routing equipment, endpoints).
  • Experience with operation systems such as Linux, Windows, IOS authentication, authorization, and trust operations.
  • Experience with programming in Ruby, JAVA, and/or PowerShell security operation development concepts.
  • Experience using programming concepts developing programs and tools using languages such as Python, C#, C, C++ and/or Bash. 

The Fine Print:

  • Location: Arlington, VA
  • Division: Cybersecurity Division (CSD), Vulnerability Management
  • Official Title: IT Specialist (INFOSEC)
  • Series/Grade/Salary: GS-2210-14, $122,530 – $159,286
  • Promotion Potential: GS-14
  • Clearance Level: TS/SCI
  • One position available

Was this document helpful?  Yes  |  Somewhat  |  No