Office of Justice Programs
IT Cybersecurity Specialist Job at Office of Justice Programs in Washington
Office of Justice Programs, Washington, DC, United States, 20022
Summary
This position is located in the U.S. Department of Justice (DOJ), Office of Justice Programs (OJP), Office of the Chief Information Officer (OCIO), IT Security Division (ITSD). This position develops strategic plans that advance OJP's cybersecurity posture and then delivers hands-on technical support in that same area.

Responsibilities
Execute cybersecurity operations for agency, including continuous monitoring, threat intelligence, incident response and vulnerability management.
Establish and enforce standard operating procedures to ensure swift identification, containment, and mitigation of security incidents.
Coordinate response efforts with internal and external teams, ensuring all actions comply with federal and DOJ regulations and with minimal operational impact.
Provide expert analysis and recommendations to senior leadership on enhancing resilience against evolving cybersecurity threats.
Continuously monitor agency IT environment for suspicious activity and potential security incidents using security information and event management (SIEM) tools and endpoint protection.
Document incident response activities, create incident reports and conduct post-incident reviews to improve response processes.
Collaborate with IT and application teams to patch, configure and otherwise address vulnerabilities.
Gather and analyze cybersecurity threat intelligence from various sources to inform defense strategies and response plans.
Interpret FISMA, NIST 800-53, CISA BODs, Executive Directives (EDs) and DOJ cybersecurity policies to develop compliance strategies.
Develop, implement and monitor policies and procedures to ensure agency adherence to cybersecurity standards.
Create and maintain compliance reports, tracking the remediation of findings and providing regular updates to leadership.
Collaborate with program offices to implement security practices, providing guidance to ensure compliance.
Work closely with internal and external stakeholders to promote a culture of security awareness and collaboration.
Ensure high-quality customer service in delivering cybersecurity guidance and technical assistance to program offices by facilitating cybersecurity training and awareness programs to promote security-conscious behaviors and strengthen agency security culture.
Develop and deliver cybersecurity training and awareness sessions for staff, promoting secure practices across the organization.
Develop long-term cybersecurity goals and objectives, working with the Division Director to define a roadmap for achieving these goals.
Ensure policies are documented, communicated and implemented across agency, conducting regular reviews to assess their effectiveness.

Requirements
Conditions of Employment
Qualifications
Basic Entry Requirements: Experience must be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate. Individuals must have IT-related experience demonstrating each of the four competencies listed below.
Attention to Detail - Is thorough when performing work and conscientious about attending to detail.
Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.
Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.
Problem Solving - Identifies problems; determines accuracy and relevance.

Specialized Experience: Applicants must have one (1) year of specialized experience equivalent to at least the GS-14 level. Specialized experience is experience which is in or related to the line of work of the position to be filled and which has equipped the applicant with the specific knowledge, skills, and abilities to successfully perform the duties of the position.
Examples of specialized experience include:
Managing operations and running a combined on-prem/cloud SOC, ensuring the effective monitoring, detection, and response to security incidents.
Aligning and fulfilling broad security governance requirements in coordination with agency/organization counterparts.
Developing and implementing SOC strategies and best practices, aligning them with industry standards, regulations, frameworks, and customer experience requirements.
Building and communicating Zero Trust security modernization strategies and overseeing threat intelligence gathering and analysis, staying updated on emerging threats and trends to enhance the organization's defensive capabilities.
Overseeing cybersecurity incident response in one or more hybrid cloud environments, with duties that include all five portions of the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, Recover).
Providing guidance on how to architect/design, leverage, and operate various operational platforms, including Identity, Credential, Access Management (ICAM), Security Information and Event Management, and Security Orchestration, Automation & Response (SIEM/SOAR), and Privileged Access Management solutions as well as be a catalyst to accelerate capabilities for an integrated Zero Trust future.
Managing and optimizing security technologies, including SIEM, IDS/IPS, endpoint security solutions, and other SOC tools, to maximize their effectiveness.

Additional information on the qualification requirements is outlined in the OPM Qualification Standards Handbook of General Schedule Positions and is available at OPM's website: https://www.opm.gov/qualifications/standards/indexes/num-ndx.asp
All qualification requirements must be met by the closing date of this announcement.

Education
There is no education requirement for this position.

Additional Information
This position may be eligible for telework per agency policy. OJP offers opportunities for flexible work schedules. Recruitment incentives may be authorized. This vacancy announcement may be used to fill additional vacancies. Please do not indicate current or former position salary in your application or resume.
As the federal agency whose mission is to ensure the fair and impartial administration of justice for all Americans, the Department of Justice is committed to fostering a diverse and inclusive work environment. To build and retain a workforce that reflects the diverse experiences and perspectives of the American people, we welcome applicants from the many communities, identities, races, ethnicities, backgrounds, abilities, religions, and cultures of the United States who share our commitment to public service.
This position has a duty station of Washington, D.C.
The selectee will be required to physically report to the OJP office building at least four (4) days per bi-weekly pay period and may incorporate leave and official travel plans into this reporting requirement. The office director or supervisor may request the selectee's presence in the office more frequently, as determined by the needs of the office. The selectee will be responsible for covering all commuting-related travel expenses. OJP employees are eligible for one transportation benefit - parking or the Department of Justice (DOJ) transit subsidy.