Summary

Serves as the Cybersecurity Lead for the U.S. Tax Court, responsible for designing, implementing, and maintaining enterprise cybersecurity solutions and managing the Court's information security and risk management program. Provides expert security engineering support across on-premises and cloud environments, ensures compliance with federal cybersecurity requirements, and is on the front line protecting the Court's information services.

This job is open to

The public

U.S. Citizens, Nationals or those who owe allegiance to the U.S.

Federal employees - Competitive service

Current federal employees whose agencies follow the U.S. Office of Personnel Management's hiring rules and pay scales.

Federal employees - Excepted service

Current federal employees whose agencies have their own hiring rules, pay scales and evaluation criteria.

Veterans

Veterans of the U.S. Armed Forces or a spouse, widow, widower or parent of a veteran, who may be eligible for derived preference

Duties

Serves as the Cybersecurity Lead for the U.S. Tax Court, acting as the technical authority for cybersecurity engineering, threat detection, and information security operations across on-premises and cloud environments.

Leads the design, implementation, and continuous improvement of security monitoring and detection capabilities. Develops, maintains, and executes log analysis and correlation strategies using Security Information and Event Management (SIEM) tools, including the creation, tuning, and automation of Splunk searches, alerts, dashboards, and scripted queries to identify indicators of compromise, anomalous behavior, and policy violations.

Leads phishing detection and response activities. Designs and manages technical and procedural controls to prevent, detect, analyze, and respond to phishing and socially engineered attacks. Performs forensic analysis of suspicious emails, headers, URLs, and attachments; coordinates containment and remediation actions; and collaborates with IT and business stakeholders to reduce phishing risk through controls, monitoring, and user awareness.

Directs malware detection, containment, and remediation efforts. Oversees endpoint, server, and cloud-based protection technologies; analyzes alerts and telemetry related to malicious code, ransomware, and unauthorized software; investigates root cause; and leads coordinated response actions to eradicate threats and restore systems securely.

Performs continuous security monitoring in accordance with the National Institute of Science and Technology (NIST) Risk Management Framework (RMF) requirements. Analyzes vulnerability scan results, system logs, and security control metrics to assess risk posture and identify trends. Develops metrics and reports to communicate security status, risks, and recommended corrective actions to leadership.

Conducts security investigations and incident responses for confirmed or suspected cybersecurity events. Leads technical analysis, determines scope and impact, preserves evidence, documents findings, and recommends remediation and preventive measures. Coordinates incident response activities with internal teams and, as necessary, external partners and vendors.

Provides security engineering expertise throughout the system life cycle. Reviews system architectures, cloud configurations, application designs, and proposed changes to ensure security controls are integrated, and risks are addressed prior to deployment. Assesses the security impact of system changes through change and configuration management processes.

Develops, reviews, and maintains cybersecurity documentation, including System Security Plans (SSPs), risk assessments, incident response documentation, and continuous monitoring artifacts. Ensures documentation accurately reflects system configurations and implemented security controls.

Implements and enforces identity and access management, network security, endpoint security, and data protection controls. Ensures least-privilege access, secure authentication, and protection of sensitive Court information.

Provides advanced Tier 2/3 technical support for cybersecurity-related incidents and problems. Analyzes complex issues, determines root causes, and implements corrective actions in coordination with IT operations teams.

Develops cybersecurity policies, standards, and procedures. Provides technical guidance and training to IT staff and users on phishing awareness, malware prevention, security monitoring, and incident response responsibilities.

Supports IT governance, acquisition, and vendor oversight by defining cybersecurity requirements, evaluating proposed solutions, and ensuring security considerations are integrated into Court IT initiatives.

Supports Information Program Specialist with sourcing, procurement, and vendor management activities, as necessary.
Writes, reviews, and/or maintains technical documentation for assigned technology or product environments (i.e., cybersecurity).

Requirements

Conditions of employment

Applicants must be United States Citizens or Nationals.
All Court employees are required to adhere to the Code of Conduct for U.S. Tax Court Employees.
Employees of the U.S. Tax Court are considered "at-will" employees, and, as such, may be terminated with or without cause.
Those who are required must abide by Selective Service registration requirements.
Selection of this position is contingent upon favorable suitability determination and security background checks, including a credit check, a Federal income tax check and a criminal check. A candidate selected for this position must be current on his or her federal income tax obligations before employment with the U.S. Tax Court and must remain current at all times while employed by the U.S. Tax Court. Continued employment post appointment is subject to satisfactory completion of the background investigation and credit check and favorable adjudication. A background reinvestigation or supplemental investigation may be required at a later time during employment.
All applicant information is subject to verification.
The Federal Financial Reform Act requires direct deposit of federal wages for Court employees.

Qualifications

Minimum Required
GS-13

Bachelor's or Master's degree in computer science, cybersecurity or related field
8+ years of experience in cybersecurity, especially in a security engineering roles related to networks, mobile devices, or application development
6+ years of experience working with AWS, Microsoft 365, Azure, or other comparable cloud platforms
4+ years experience performing Configuration as Code (CaC) and Infrastructure as Code (IaC) using modern software and source code practices (e.g., DevOps, CI/CD) with languages such as Terraform, .NET, Go, Java, Javascript, Objective-C, PHP, Powershell, Ruby, Cisco IOS
Maintain a CompTIA Security+ certification as well as two certifications from the preferred certification list or other identified by supervisor/hiring manager

GS-14

Meet requirements for GS-13
12+ years of experience in cybersecurity, especially in a security engineering roles related to networks, mobile devices, or application development

Preferred

Certified Information Systems Security Professional (CISSP)
4+ years experience performing Configuration as Code (CaC) and Infrastructure as Code (IaC) using modern software and source code practices (e.g., DevOps, CI/CD) with languages such as Terraform, .NET, Go, Java, Javascript, Objective-C, PHP, Powershell, Ruby, Cisco IOS
Amazon Web Service (AWS) Certified Security - Specialty
Azure Security Engineer Associate

Agile technique certification, i.e., Scrum, SAFe, or LeSS

Education

A Bachelor's or Master's degree from an accredited college or university is required.

Additional information

This is an "At-Will" position.

The United States Tax Court is an Equal Opportunity Employer.

Position should allow for maximum telework for those in the local commuting area. Must be onsite in DC Courthouse as required.

The work can be physically challenging requiring lifting and moving heavy equipment, walking, standing for prolonged periods, climbing ladders, crawling under desks and in tight spaces. There may be limited requirements for travel to attend training and support configuration of equipment at field courtrooms.

The work area is adequately lighted, heated, and ventilated. The work environment involves everyday risks or discomforts that require normal safety precautions. Some employees may occasionally be exposed to uncomfortable conditions in such places as research and production facilities.

Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution.

A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new windowLearn more about federal benefits.

In addition to the standard benefits offerings, the court has free parking in its underground garage. There's also a public transportation subsidy for public transportation users.

Review our benefits

Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.

How you will be evaluated

You will be evaluated for this job based on how well you meet the qualifications above.

How You Will Be Evaluated: If you meet the minimum qualifications for this position, the Court will then evaluate your application package to assess the quality, depth, and complexity of your accomplishments, experience, and education as they relate to the requirements listed in this vacancy announcement.

Required Documents

HOW TO APPLY: Applicants may apply by submitting the following:

A letter of interest/cover letter;
A resume highlighting relevant knowledge and experience;
Transcripts showing your bachelor's degree and any advanced degrees from an accredited college or university;
If you have federal government experience, your most recent Notification of Personnel Action, SF-50; and
A supplemental written statement, not to exceed two pages, which provides a brief description of how your experience relates to the duties outlined in this vacancy announcement.

These application materials are due by 11:59 PM (ET) on the closing date of this vacancy announcement.

NOTE: AN INCOMPLETE APPLICATION WILL NOT BE CONSIDERED.

The United States Tax Court is an equal opportunity employer.

How to Apply

All applicants must apply through usajobs.gov.

Application documents must be received by 11:59 p.m. (ET) on the closing date of this announcement.

To begin your online application, click the Apply Online button and follow the prompts to register or sign into USAJOBS, take the online questionnaire, and submit the required documents. See Required Documents section for more details.

Questions regarding this announcement may be directed to the Office of Human Resources at (202) 521-4700 or by email at humanresources@ustaxcourt.gov.

The Court does not accept hard-copy application packages. The Court reserves the right to modify the conditions of this job announcement or to withdraw the announcement, with or without prior written or other notice.

Agency contact information

US Tax Court

Phone: 202-521-4700
Email: humanresources@ustaxcourt.gov

Address: Office of Information Systems
400 Second Street, NW
Washington, DC 20217
US

Next steps

The Human Resources Office will conduct an evaluation of your qualifications by reviewing your application package. Please be as complete and thorough as possible. At this point you may be contacted for an interview. If you do not meet the key requirements, and/or basic qualifications or you fail to submit all required application materials, your application will not be considered.

IT Cybersecurity Specialist Job in Washington, DC