Summary
As an FBI cybersecurity professional, your job is to ensure our law enforcement systems, as well as the entire cyberspace within which we work, are protected. This means applying your knowledge of computer technology, cybersecurity, and more to safeguard information across the FBI, as well as our domestic and international law enforcement partners.
This job is open to
Clarification from the agency
All U.S. Citizens.
Duties
- Monitor network traffic and security alerts for malicious activities and indicators of compromise (IOCs).
- Lead incident response efforts during security breaches, coordinating remediation activities and ensuring effective communication.
- Conduct digital forensic investigations to support incident resolution, compliance, and regulatory requirements.
- Perform cyber threat intelligence analysis, including threat hunting, and manage Threat Intelligence Platforms (TIPs).
- Identify, analyze, and mitigate security risks by integrating threat intelligence into defensive strategies.
- Collaborate with cross-functional teams to enhance ESOC processes, response capabilities, and security posture.
- Drive continuous improvement in ESOC operations through innovation and adoption of new detection technologies.
- Mentor and train junior IT specialists on cybersecurity practices, tools, and ESOC operational procedures.
- Prepare comprehensive reports and briefings for leadership on incident findings, risk assessments, and threat intelligence updates.
- Stay current with emerging cybersecurity trends, tactics, techniques, and procedures (TTPs) to enhance detection capabilities.
Requirements
Conditions of Employment
- Must be a U.S. citizen
- Must be able to obtain a Top Secret-SCI clearance
- Selectee will be required to complete form FD-887, Request for Access to Sensitive Compartmented Information (SCI)
Qualifications
GS-11: Applicant must possess at least one (1) year of specialized experience (SE) equivalent to the GS-09 grade level. SE is defined as follows:
- Demonstrated experience monitoring and analyzing network traffic, logs, and security alerts for basic indicators of compromise (IOCs) and suspicious activities.
- Demonstrated experience supporting incident response efforts, under supervision, including documenting incidents, performing preliminary triage, and escalating as needed.
- Experience utilizing common cybersecurity tools (e.g., SIEMs, IDS/IPS) and basic scripting or query skills for analyzing security data.
GS-12: In addition to the above, applicant must possess at least one (1) year of SE equivalent to the GS-11 grade level. SE is defined as follows:
- Demonstrated experience detecting, analyzing, and responding to security threats, including the ability to independently lead initial incident response activities and recommend remediation strategies.
- Demonstrated experience conducting digital forensic investigations, such as log analysis, data extraction, malware analysis, and ensuring evidence integrity for legal and compliance purposes.
- Demonstrated experience collaborating with internal and external stakeholders to resolve security incidents, communicate risks, and implement mitigations.
- Experience integrating new tools or technologies into incident detection and response workflows.
GS-13: In addition to the above, applicant must possess at least one (1) year of SE equivalent to the GS-12 grade level. SE is defined as follows:
- Demonstrated experience leading high-severity cybersecurity investigations, including coordinating cross-departmental efforts and developing comprehensive incident containment, eradication, and recovery strategies.
- Demonstrated ability to manage complex investigations, handle advanced malware analysis, perform network forensics, and ensure compliance with legal and regulatory frameworks.
- Demonstrated ability to brief and advise executive leadership on high-level cybersecurity risks, emerging threats, incident trends, and the overall cybersecurity posture of the organization.
- Demonstrated experience managing threat intelligence platforms (TIPs) and leading threat intelligence operations, including collaborating with external intelligence-sharing communities and agencies.
Desired Skills
Desired skills are NOT mandatory and will NOT be utilized to minimally qualify applicants.
Desired Skills are:
- Understanding of cyber threat intelligence operations, including threat hunting, adversary profiling, and integrating intelligence into the organization's defensive posture.
- Exposure to cyber threat intelligence processes, including initial research, data enrichment, and contribution to Threat Intelligence Platforms (TIPs).
Education
All degrees must be from an accredited college or university. Education may be substituted for specialized experience as follows:
Degrees must be in one of the following fields: computer science, engineering, information science, information systems management, mathematics, operations research, statistics, or technology management OR a degree that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems or networks.
Education completed in foreign colleges or universities may be used to meet the above requirements provided you can show foreign education is comparable to that received in an accredited educational institution in the United States.
GS-11: Applicant must have a Ph.D. OR equivalent doctoral degree OR 3 full years of progressively higher level graduate education leading to such a degree OR LL.M., if related.
Education may NOT be substituted for specialized experience at the GS 12, 13, or 14 grade levels.
How You Will Be Evaluated
You will be evaluated for this job based on how well you meet the qualifications above.
Your application will be evaluated and rated under the FBI's Candidate Rating Procedures. Your resume and supporting documentation will be used to determine whether you meet the job qualifications listed in this announcement and will be compared to your responses to the online assessment questionnaire. High self-assessment in the vacancy questions that is not supported by information in your resume and/or supporting documents may eliminate you from Most Competitive status.
Your application will then be placed in one of three categories: Most Competitive, Competitive, or Least Competitive. Names of candidates in the Most Competitive category will be sent to the hiring official for employment consideration. Veterans' preference will be applied.
All applicants will be rated on the following Competencies:
- Communication
- Customer Service
- Flexibility and Adaptability
- Information Management
- Problem Solving/Judgement
- Technology Awareness
Required Documents
To apply to this position, interested applicants must provide a complete application package by the closing date which includes:
- Your resume, specifically noting relevant work experience and associated start and end dates
- A complete assessment questionnaire
- Other supporting documents (if applicable):
  - College transcripts, if qualifying based on education or if there is a positive education requirement
  - Notification of Personnel Action, SF-50; not applicable to current FBI employees
  - Memorandum for Record (MFR); please see Additional Information
  - Most recent Performance Appraisal; not applicable to current FBI employees
  - Veterans: DD 214; Disabled Veterans: DD 214, SF-15, and VA letter dated 1991 or later
How to Apply
To apply for the Cybersecurity Specialist position, please click here.
The official title for this position is IT Specialist.
Next steps
Once your complete application is received we will conduct an evaluation of your qualifications and determine your ranking. The Most Competitive candidates will be referred to the hiring manager for further consideration and possible interview. You will be notified of your status throughout the process.