Senior Critical Infrastructure Cyber Defense Threat Hunter

Commander, Navy Installations Command

$100K — $130K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years of IT-related experience with demonstrated competencies in cybersecurity
  • Proven ability to analyze and synthesize complex data from multiple sources
  • Ability to create and implement threat hunting strategies in diverse IT environments
  • Expertise in incident response and management during significant cybersecurity events
  • Strong oral communication skills for presenting to senior government officials and stakeholders
  • Experience with writing and deploying custom network detection signatures
  • Competence in evaluating and adopting new cybersecurity tools and methodologies

Responsibilities

  • Lead the development of advanced threat hunting strategies
  • Identify and analyze anomalous activities and emerging cybersecurity threats
  • Correlate data from IT and OT environments to detect attack patterns
  • Write and deploy custom network signatures for critical infrastructure
  • Maintain accuracy in threat analysis and documentation
  • Research new tools and enhance threat hunting procedures
  • React quickly to evolving cybersecurity incidents and adjust plans accordingly

Benefits

  • Comprehensive federal benefits package for employees and families
  • Access to health insurance, retirement plans, and work-life balance programs
  • Eligibility for various training and development opportunities
  • Potential for career growth and promotional opportunities within the federal system
Full Job Description
Summary

This announcement is issued under the Direct Hire Authority (DHA) to recruit for positions for which there is a critical hiring need. Selectee(s) will receive a career or career-conditional appointment in the competitive service and may be required to serve a one year probationary period.

The official title of this position is Information Technology Cybersecurity Specialist (INFOSEC) GS-2210-13/14.

Duties

Help

This position is located in the Cybersecurity Division (CSD), which leads CISA's cybersecurity efforts as the nation's flagship civilian cyber defense organization. CSD collaborates with partners across the government and private sector to enhance the nation's cybersecurity posture.

Typical work assignments at the full performance level include, but are not limited to:


  • Leading the development and execution of sophisticated threat hunting strategies across both IT Enterprise and Operational Technology (OT) environments.
  • Proactively identifying, investigating, and analyzing anomalous activity, indicators of compromise (IOCs), and emerging threats.
  • Correlating and synthesizing data from disparate enterprise and OT sources to uncover complex attack patterns and adversary behaviors.
  • Writing, testing, and deploying custom network signatures to detect specific threats and attack techniques relevant to critical infrastructure.
  • Maintaining a high level of precision in threat analysis, detection, and documentation to ensure accuracy and reliability in all findings.
  • Staying current with emerging threats, vulnerabilities, and attack techniques relevant to critical infrastructure.
  • Researching and evaluating new threat hunting tools, methodologies, and frameworks, contributing to ongoing improvement of threat hunting playbooks and procedures.
  • Responding quickly and effectively to evolving threat landscapes, new technologies, and unexpected incidents, adjusting strategies as needed.


Requirements

Help

Conditions of employment

  • You must be a U.S. citizen.
  • Selective Service - Males born after 12/31/59 must be registered or exempt from Selective Service, see http://www.sss.gov/
  • All Federal employees are required to participate in Direct Deposit/Electronic Funds Transfer for salary payments.
  • You must be able to obtain and maintain a security clearance suitable for Federal employment as determined by a background investigation. This may include a credit check, a review of financial issues, as well as certain criminal offenses and illegal use or possession of drugs.
  • One-year probationary period may be required.
  • This position may be designated as essential personnel. Essential personnel must be able to serve during continuity of operation events without regard to declarations of liberal leave or government closures due to weather, protests, and acts of terrorism or lack of funding. Failure to report for or remain in this position may result in disciplinary or adverse action in accordance with applicable laws, rules, and regulations (5 U.S.C. [redacted] and 5 CFR Part 752, as applicable).
  • This position has been identified as a drug testing designated position (TDP) for purposes of the CISA's Drug-Free Workplace Program. All applicants tentatively selected for this position will be required to submit to a drug test to screen for illicit/illegal drug use prior to receiving a final offer of employment. A final offer of employment is contingent upon a negative drug test result. After appointment, you may be subject to periodic random drug testing.


Qualifications

Do NOT copy and paste the duties, specialized experience, or occupational assessment questionnaire from this announcement into your resume as that will not be considered a demonstration of your qualifications for this position. Your resume must describe your work and experience, in your own words.

To be considered minimally qualified for this position, you must demonstrate that you have the required proficiency level of competencies and experience for the respective grade level in which you are applying:

REQUIRED COMPETENCIES: Experience must be Information Technology (IT)-related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate. You must have IT-related experience demonstrating each of the required competencies listed below and must meet or exceed the minimum proficiency level established for each by grade level. For more information, see Competency-Based Qualification Standard for the Information Technology Management Series, 2210.

You qualify at the GS-13 and GS-14 grade level, if you have:

  1. Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
  2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
  3. Decision Making - Makes sound, well-informed, and objective decisions; perceives the impact and implications of decisions; commits to action, even in uncertain situations, to accomplish organizational goals; causes change.
  4. Information Management - Identifies a need for and knows where or how to gather information; organizes and maintains information or information management systems.
  5. Interpersonal Skills - Shows understanding, friendliness, courtesy, tact, empathy, concern, and politeness to others; develops and maintains effective relationships with others; may include effectively dealing with individuals who are difficult, hostile, or distressed; relates well to people from varied backgrounds and different situations.
  6. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
  7. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.
  8. Teamwork - Encourages and facilitates cooperation, pride, trust, and group identity; fosters commitment and team spirit; works with others to achieve goals.
  9. Technical Competence - Uses knowledge that is acquired through formal training or on-the-job experience to perform one's job; works with, understands, and evaluates technical information related to the job; advises others on technical issues.


AND

SPECIALIZED EXPERIENCE:
In addition to meeting the qualification requirement listed above, you must have at least one year of specialized experience at the next lower GS-grade level (or equivalent). Specialized experience is experience that has equipped you with the particular competencies/knowledge, skills, and abilities to successfully perform the duties of the position and is typically in or related to the work of the position to be filled. Such experience is typically gained in the IT field or through the performance of work where the primary concern is IT.

You qualify at the GS-13 grade level, if you have:

EXPERIENCE: At least one (1) year of specialized experience at the GS-12 grade level (or equivalent) performing all the following duties:

  1. Implementing/supporting complex IT security projects and initiatives in support of the organization;
  2. Briefing senior government and private sector management regarding the threat landscape and produce concise threat intelligence data;
  3. Reviewing reports, case documents, contracts, or other action documents to assure that they reflect the policies of the organization; AND
  4. Performing incident triage by recommending scope, urgency, and potential impact, and collaborating with other reporting agencies/system owners.


You qualify at the GS-14 grade level, if you have:

EXPERIENCE: At least one (1) year of specialized experience at the GS-13 grade level (or equivalent) performing all the following duties:

  1. Interfacing directly with the leadership during cyber-incidents of national significance;
  2. Explaining team goals and objectives to assigned team members and assisting team members in organizing to accomplish work;
  3. Providing briefs to senior government officials, including congressional members, and private sector organizations on incidents of national importance; AND
  4. Coordinating analysis and development of capabilities as it relates to network analysis and network device integrity for incident response.


Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.

All qualification requirements must be met by the closing date of this announcement.

Education

No Educational Substitution: There is no substitution of education for experience at this grade level. You must meet the qualifications listed in the "Requirements" section of this announcement.

Additional information

  • Other incentives may be authorized.
  • If you receive a conditional offer of employment for this position, you will be required to complete an Optional Form 306, Declaration for Federal Employment, and to sign and certify the accuracy of all information in your application, prior to entry on duty. False statements on any part of the application may result in withdrawal of offer of employment, dismissal after beginning work, fine, or imprisonment.
  • Additional vacancies may be filled with this announcement.
  • A one-year probationary period may be required during which we will evaluate your fitness and whether your continued employment advances the public interest. We may consider your performance and conduct, the needs and interests of the agency, whether your continued employment would advance organizational goals of the agency or the Government, and whether your continued employment would advance the efficiency of the Federal service. Upon completion of your probationary period your employment will be terminated unless you receive certification, in writing, that your continued employment advances the public interest.
  • If selected below the full performance level, you may be noncompetitively promoted to the next higher grade level after meeting all regulatory requirements, and upon the recommendation of management. Promotion is neither implied nor guaranteed.


Reasonable Accommodation (RA) Requests: If you believe you have a disability (i.e., physical or mental), covered by the Rehabilitation Act of 1973 as amended that would interfere with completing the USA Hire Competency Based Assessments, you will be granted the opportunity to request a RA in your online application. Requests for RA for the USA Hire Competency Based Assessments and appropriate supporting documentation for RA must be received prior to starting the USA Hire Competency Based Assessments. Decisions on requests for RA are made on a case-by-case basis. If you meet the minimum qualifications of the position, after notification of the adjudication of your request, you will receive an email invitation to complete the USA Hire Competency Based Assessments, based on your adjudication decision. You must complete all assessments within 48 hours of receiving the URL to access the USA Hire Competency Based Assessments, if you received the link after the close of the announcement. To determine if you need a RA, please review the Procedures for Requesting a Reasonable Accommodation for Online Assessments.

Current or Former Political Appointees: The Office of Personnel Management (OPM) must authorize employment offers made to current or former political appointees. If you are currently, or have been within the last 5 years, a political Schedule A, Schedule C, Non-career SES or Presidential Appointee employee in the Executive Branch, you must disclose this information to the Human Resources Office.

Expand Hide additional information

Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution.

Benefits

Help

A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new windowLearn more about federal benefits.

Review our benefits

Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.

Similar Jobs

More Jobs at Commander, Navy Installations Command

More Information Technology Jobs

Find similar Senior Critical Infrastructure Cyber Defense Threat Hunter jobs: