Created at: September 16, 2025 00:13
Company: Defense Logistics Agency
Location: Philadelphia, PA, 19019
Job Description:
See below for important information regarding this job. Position will be filled at any of the locations listed below. Site-specific salary information as follows:
Battle Creek, MI: $124,531 - $161,889
Columbus, OH: $129,946 - $168,929
Dayton, OH: $129,169 - $167,919
Fort Belvoir, VA: $142,488 - $185,234
New Cumberland, PA: $142,488 - $185,234
Ogden, UT: $124,531 - $161,889
Philadelphia, PA: $137,222 - $178,388
Richmond, VA: $130,084 - $169,108
To qualify for a Lead IT Specialist (INFOSEC), your resume and supporting documentation must include:
Specialized Experience: One year of specialized experience that equipped you with the particular competencies to successfully perform the duties of the position, and is directly in or related to this position. To qualify at the GS-14 level, applicants must possess one year of specialized experience equivalent to the GS-13 level or equivalent under other pay systems in the Federal service, military or private sector. Applicants must meet eligibility requirements including time-in-grade (General Schedule (GS) positions only), time-after-competitive appointment, minimum qualifications, and any other regulatory requirements by the cut-off/closing date of the announcement.
Creditable specialized experience includes:
Design, test, and refine tactics, techniques, and procedures for defensive cyber operations in the cloud.
Provide technical input and cyber detection content to multiple teams to include CERT, Cybersecurity Operations, and external cyber components to include integration of third-party tools focused on cloud cyber incident response, forensics, and data analysis.
Identify and propose process improvements and enhancements, such as artificial intelligence, emerging regulations, and potential incident response tools and software; create and deliver training to various levels of personnel, through virtual labs, live/in-person sessions, and through technical guidance and real-world content; and develop and conduct incident response exercises focused on cloud operations.
Monitors performance of cybersecurity systems supporting incident handling in the cloud, raising issues and recommending solutions.
Leads the development of in-depth incident response plans for cloud environments that include threat hunting / advanced analysis using KQL or similar cloud tools, virtual machine forensics, snapshot analysis in multiple clouds, and automation of response strategies using SOAR, Sentinel or similar capabilities.
Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional, philanthropic, religious, spiritual, community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.
Works in the Information Operations Directorate (J-6), Cybersecurity (J61), Cybersecurity Operations (J614), Cyber Emergency Response Team (CERT) Division (J614A), Incident Response Branch (J614AA).
Ensures cyber defenders have visibility of pertinent activity within cloud environments to protect against attempted cyber intrusions by nation-state adversaries.
Leads, directs, and coordinates all aspects of defensive cyber operations in DLA cloud environments to include Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) implementations.
Serves as the technical expert for cybersecurity of cloud operations, spearheading DLA cloud security working groups and projects to improve DLA's cyber resiliency in the cloud.
Serves as the technical expert for incident response in the cloud and oversees the logging requirements across all cloud environments.