This position is focused on vulnerability management and CPSC’s Continuous Diagnostic and Mitigation (CDM) program through DHS-CISA. The incumbent will also perform functions related to cybersecurity incident response, operational security, and threat intelligence.
The duties of this position include:
Continuously identifies and analyzes threats and vulnerabilities to the agency's information systems and recommends processes and procedures to help mitigate identified threats and vulnerabilities. Performs risk analysis, security testing, and certification in response to modifications or changes to computer systems or applications. Evaluates, assesses, or locally tests and approves all hardware, software, and firmware products that provide security features prior to use on the agency's production network. Executes computer security plans and enforces mandatory access control techniques.
Oversees the agency's incident response capability and IT security effectiveness. Utilizes current and future multi-level security products collectively to provide data integrity, confidentiality, authentication, non-repudiation, and access control of the LAN. Reports to EXIT management and the ISSO all incidents involving viruses, tampering, or unauthorized system entry. Ensures least access to privileged programs (i.e., operating system, system parameter and configuration files, and databases), utilities, and security-relevant programs/data files to authorized personnel. Implements methods to prevent unauthorized access to sensitive agency information. Evaluates unusual circumstances to recognize and define potential vulnerabilities and selects and oversees the installation of physical and technical security barriers to prevent others from improperly obtaining such information.
Reviews and assesses system changes for security implications and impact on existing operations. Provides technical recommendations and guidance for corrective actions resulting from security audits and vulnerability assessments. Conducts routine vulnerability and configuration compliance scanning.
Evaluates and recommends the acquisition of IT security tools. Installs and configures new hardware, software, and peripheral equipment to support IT security tools in accordance with agency standards.
Provides timely detection, identification, and alerts of possible attacks and intrusions, anomalous activities, and misuse activities and distinguishes these incidents and events from benign activities.
The incumbent will play an integral part in implementing security requirements, mandates, and best practices from authoritative entities such as OMB, DHS, and NIST.
Performs other duties as assigned.
- U.S. Citizenship Required.
- Background Investigation Required.
Must be a U.S. Citizen.
This is a Public Trust Position. Employment in this position requires a background investigation. If you are selected and cannot obtain a favorable security determination within a reasonable period of time due to disclosed or undisclosed background issues, the tentative employment offer may be withdrawn.
If you are a male born after December 31, 1959, you must certify that you have registered with the Selective Service System, or are exempt from having to do so under the Selective Service Law. Please see http://www.sss.gov for more information.
Selectees will be required to complete a "Declaration of Federal Employment" (OF-306) prior to appointment, along with the appropriate background investigation forms to determine suitability for Federal employment. False statements or responses on these forms can jeopardize your employment opportunity and subject you to disciplinary action, including removal from Federal service.
The selectee will be required to complete a Personal Identity Verification (PIV) process that requires two forms of identification from the I-9 Form. We will compare information provided on the I-9 Form to records available from the U.S. Department of Homeland Security. The system confirms the employee’s identity and eligibility to work in the United States. Learn more about E-Verify, including your rights and responsibilities.
Depending on your status, this position may require serving a 1-year probationary period.
All applicants must have 52 weeks of specialized experience equivalent to at least the next lower grade level (GS-12) in the Federal Service. Specialized experience is experience that has equipped the candidate with the particular knowledge, skills, and abilities to perform successfully the duties of the position.
Qualifying specialized experience must demonstrate the following:
1) experience reviewing proposed system requirements, design and architecture documents to identify potential security issues in agency cloud and on-prem environments, information systems, and applications;
2) experience evaluating, installing, configuring and managing security tools and services that are employed to protect or monitor agency information system environments;
3) experience performing system vulnerability and configuration compliance scanning using scanning tools like Qualys and Tenable; and
4) experience in planning, implementation and/or Operations & Maintenance (O&M) of DHS-CISA Continuous Diagnostic and Mitigation (CDM) tools.
In addition to the above specialized experience, applicants must also meet the IT-Related proficiency level for all four of the competencies listed below:
- Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
- Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
- Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
- Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.
Evidence of the above specialized experience and IT-related proficiency must be supported by detailed documentation of duties performed in positions held. Your resume is the key means we have for evaluating your skills, knowledge, and abilities as they relate to this position. Therefore, we encourage you to be clear and specific when describing your experience.
We will not make assumptions regarding your experience or based on job titles alone. If your resume does not support your questionnaire answers, we will not allow credit for your response(s).
Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.
Applicants must meet the qualifications for this position by the closing date of this announcement.
This position does not have a mandatory education requirement.
CPSC provides reasonable accommodations to applicants with disabilities on a case-by-case basis. If you need a reasonable accommodation for any part of the application or hiring process, please contact the Human Resources Specialist listed in this vacancy announcement.
Payment of relocation expenses is NOT authorized.
All the information you provide will be verified by a review of the work experience and/or education as shown on your application, by checking references, and through other means, such as the interview process. Any exaggeration of your experience, false statements, or attempts to conceal information may be grounds for not hiring you or for firing you after you begin work.
Additional selections may be made through this vacancy announcement.
A selectee receiving a first appointment to the Federal Government (Civil Service) is entitled only to the lowest step of the grade for which selected. The display of a salary range on this vacancy shall not be construed as granting an entitlement to a higher rate of pay.
As a condition of employment, the selectee must reside in the local commuting area of the duty station listed in this announcement. Telework schedules (within the local commuting area) are approved on a case-by-case basis. Employees will have an onsite requirement each week. Proof of residence may be required.
Benefits
A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Learn more about federal benefits.
CPSC offers a comprehensive benefits package that includes: paid vacation, sick leave, 11 paid holidays per year, life and health insurance, Long Term Care insurance, dental and vision insurance, flexible spending account program, and retirement savings and investment plan similar to 401(k) (Thrift Savings Plan).
CPSC also offers a broad array of work-life flexibilities and services to employees, such as flexible work schedules, teleworking, transit subsidies, fitness center, and employee assistance and wellness programs.
Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.
You will be evaluated for this job based on how well you meet the qualifications above.
After the vacancy closes, we will review your application package to determine if you meet the minimum qualifications for the position. If you meet the minimum qualifications, your resume and supporting documentation will then be reviewed. Your resume must contain sufficiently detailed information upon which to make a qualification determination. Please ensure that your resume contains specific information such as position titles, beginning and ending dates of employment for each position, average number of hours worked per week, salary, duties performed for each position, and if the position is/was in the Federal government, you should provide the position series and grade level/pay band. The best-qualified candidates will be identified for referral to the hiring manager and may be invited to an interview. Qualified candidates will be considered in accordance with the Office of Personnel Management Direct Hire Guidelines.
CTAP/ICTAP candidates will be eligible for selection priority if it is determined that they have exceeded the minimum qualifications for the position by attaining at least a "well qualified" rating (Rating of at least 85 out of 100).
Veterans' Preference does not apply to the direct hire recruitment procedures. Selections made under this notice will be processed as new appointments to the civil service. You may not be considered for the position if any part of the application is incomplete. Your application may not receive appropriate consideration without the required supporting documentation.
You may preview questions for this vacancy.
Your package must be complete and submitted in the manner specified in this section. Packages that are submitted in any other manner without prior approval from the agency point of contact will not be considered.
A complete application includes: 1. Resume; 2. Vacancy question responses; and 3. Submission of any required documents. Please note that if you do not provide all required information, as specified in this announcement, you may not be considered for this position (or may not receive the special consideration for which you may be eligible).
CTAP/ICTAP eligibles must annotate your questionnaire to reflect that you are applying as a CTAP/ICTAP eligible and you must submit appropriate documentation (such as: a copy of the agency notice, your most recent performance rating, and your most recent SF-50 noting current position, grade level, and duty location).
Other documents identified in this announcement.
All supplemental documents must be submitted electronically before the closing date of this vacancy announcement. You have two choices for submitting your supplemental documents:
1. Download from your USAJOBS account; or
2. Upload your file(s)
Failure to submit required documents, based upon how you apply, may result in loss of consideration due to an incomplete application package. It is your responsibility to ensure all required documents have been submitted. Official documents are not required at the time of application; copies are sufficient. If selected, official documentation must be submitted prior to appointment.