Independent job-search site. Not affiliated with the U.S. government. Applications happen on the official USAJOBS.gov. Learn more
Home/Jobs/Senior Critical Infrastructure Cyber Defense Threat Hunter
Announcement #875547100

Senior Critical Infrastructure Cyber Defense Threat Hunter

Federal transitionOpen to the publicTelework eligible

What you'd do

This announcement is issued under the Direct Hire Authority (DHA) to recruit for positions for which there is a critical hiring need. Selectee(s) will receive a career or career-conditional appointment in the competitive service and may be required to serve a one year probationary period. The official title of this position is Information Technology Cybersecurity Specialist (INFOSEC) GS-2210-13/14.

Major duties

This position is located in the Cybersecurity Division (CSD), which leads CISA's cybersecurity efforts as the nation's flagship civilian cyber defense organization. CSD collaborates with partners across the government and private sector to enhance the nation's cybersecurity posture. Typical work assignments at the full performance level include, but are not limited to: Leading the development and execution of sophisticated threat hunting strategies across both IT Enterprise and Operational Technology (OT) environments. Proactively identifying, investigating, and analyzing anomalous activity, indicators of compromise (IOCs), and emerging threats. Correlating and synthesizing data from disparate enterprise and OT sources to uncover complex attack patterns and adversary behaviors. Writing, testing, and deploying custom network signatures to detect specific threats and attack techniques relevant to critical infrastructure. Maintaining a high level of precision in threat analysis, detection, and documentation to ensure accuracy and reliability in all findings. Staying current with emerging threats, vulnerabilities, and attack techniques relevant to critical infrastructure. Researching and evaluating new threat hunting tools, methodologies, and frameworks, contributing to ongoing improvement of threat hunting playbooks and procedures. Responding quickly and effectively to evolving threat landscapes, new technologies, and unexpected incidents, adjusting strategies as needed.

What you need to qualify

Do NOT copy and paste the duties, specialized experience, or occupational assessment questionnaire from this announcement into your resume as that will not be considered a demonstration of your qualifications for this position. Your resume must describe your work and experience, in your own words. To be considered minimally qualified for this position, you must demonstrate that you have the required proficiency level of competencies and experience for the respective grade level in which you are applying: REQUIRED COMPETENCIES: Experience must be Information Technology (IT)-related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate. You must have IT-related experience demonstrating each of the required competencies listed below and must meet or exceed the minimum proficiency level established for each by grade level. For more information, see Competency-Based Qualification Standard for the Information Technology Management Series, 2210. You qualify at the GS-13 and GS-14 grade level, if you have: Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Decision Making - Makes sound, well-informed, and objective decisions; perceives the impact and implications of decisions; commits to action, even in uncertain situations, to accomplish organizational goals; causes change. Information Management - Identifies a need for and knows where or how to gather information; organizes and maintains information or information management systems. Interpersonal Skills - Shows understanding, friendliness, courtesy, tact, empathy, concern, and politeness to others; develops and maintains effective relationships with others; may include effectively dealing with individuals who are difficult, hostile, or distressed; relates well to people from varied backgrounds and different situations. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. Teamwork - Encourages and facilitates cooperation, pride, trust, and group identity; fosters commitment and team spirit; works with others to achieve goals. Technical Competence - Uses knowledge that is acquired through formal training or on-the-job experience to perform one's job; works with, understands, and evaluates technical information related to the job; advises others on technical issues. AND SPECIALIZED EXPERIENCE: In addition to meeting the qualification requirement listed above, you must have at least one year of specialized experience at the next lower GS-grade level (or equivalent). Specialized experience is experience that has equipped you with the particular competencies/knowledge, skills, and abilities to successfully perform the duties of the position and is typically in or related to the work of the position to be filled. Such experience is typically gained in the IT field or through the performance of work where the primary concern is IT. You qualify at the GS-13 grade level, if you have: EXPERIENCE: At least one (1) year of specialized experience at the GS-12 grade level (or equivalent) performing all the following duties: Implementing/supporting complex IT security projects and initiatives in support of the organization; Briefing senior government and private sector management regarding the threat landscape and produce concise threat intelligence data; Reviewing reports, case documents, contracts, or other action documents to assure that they reflect the policies of the organization; AND Performing incident triage by recommending scope, urgency, and potential impact, and collaborating with other reporting agencies/system owners. You qualify at the GS-14 grade level, if you have: EXPERIENCE: At least one (1) year of specialized experience at the GS-13 grade level (or equivalent) performing all the following duties: Interfacing directly with the leadership during cyber-incidents of national significance; Explaining team goals and objectives to assigned team members and assisting team members in organizing to accomplish work; Providing briefs to senior government officials, including congressional members, and private sector organizations on incidents of national importance; AND Coordinating analysis and development of capabilities as it relates to network analysis and network device integrity for incident response. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community, student, social). Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience. All qualification requirements must be met by the closing date of this announcement.

Before you apply

Federal applications are different: your resume should be 3–5 pages and mirror the language of this announcement. Read our federal resume guide first — it's the #1 reason qualified people get screened out.

Don't miss the next one.

Get an email the moment a similar federal job opens — postings can close in as little as 5 days.

Free forever. One click to unsubscribe.