Senior Cybersecurity Engineer
- Serve as IT cybersecurity SME over Laboratory Division information technology, operational technology, and Software-as-a-Service (SaaS) assets.
- Consult on, identify, and support the implementation of technical solutions for Executive Order 14028 requirements and Security Assessment and Authorization (SAA) required security controls.
- Conduct vulnerability assessments and penetration testing to identify and mitigate potential cyber threats.
- Monitor network traffic and systems for any suspicious activity and respond to security incidents in a timely manner.
- Develop and implement security policies and procedures to ensure compliance with industry standards and regulations.
- Perform risk assessments and make recommendations for improving security posture.
- Stay up to date on the latest cybersecurity trends and technologies to continuously improve our security measures.
- Provide training and guidance to other team members on cybersecurity best practices.
- Collaborate with cross-functional teams to implement security solutions and ensure the integrity of systems and data.
- Participate in incident response and disaster recovery planning and testing.
- Prepare and present reports on security incidents, risks, and compliance to management and clients.
- Advise Unit Leadership as well as stakeholder units and programs within the LD about cybersecurity-related IT purchases related to or included with scientific equipment or in support of division security monitoring.
- Ensure that the LD is in compliance with OCIO requirements (e.g., Authority to Operate) and other IT Security mandates, such as Executive Order 14028 cybersecurity logging/sharing requirements.
- Communicate technical IT concepts to both technical and non-technical audiences.
- Oversee day-to-day work of contract IT staff implementing cybersecurity solutions to ensure contract deliverables are met.
- Communicate clearly and thoroughly with LD System Owners, Technical Points of Contact, Program Managers, customers, and management in various technical areas to include infrastructure.
Requirements
Conditions of Employment
- Must be a U.S. citizen.
- Must be able to obtain a Top Secret clearance.
- As a condition of employment, DNA samples are required from all FBI personnel who interact with evidence or federal DNA database samples in Laboratory Division (LD) space or whose work requires them to enter LD examination areas where evidence or DNA database samples are processed or examined as part of the quality control process to detect sample/evidence contamination, in accordance with the Genetic Information Nondiscrimination Act of 2008 (GINA), 75 Federal Register (FR) 68932; 29 C.F.R. 1635.8(b)(6).
- The individual that fills this position will potentially be exposed to situations or information that depicts violent acts, lewd images, or involves isolated working conditions.
Qualifications
GS-14: Applicant must possess at least one (1) year of specialized experience equivalent to the GS-13 grade level. SE is defined as follows:
- Possesses the breadth of experience and knowledge, and recognition in the cybersecurity community, to lead efforts on assigned programs and work independently with minimal oversight from the Government lead.
- Extensive experience in operational cybersecurity accreditation and certification of embedded systems accredited at Secret level and below.
- Extensive understanding of the NIST Risk Management Framework (RMF) to include current experience in obtaining system accreditation using the NIST RMF.
- Extensive experience preparing recommended IA approval and supporting documents; understands systems engineering processes; and possesses extensive experience in Network Security Architecture.
- Extensive understanding of the DoD standards guiding the development of cybersecurity policy, requirements, integration, engineering, and certification and accreditation
- Strong communication and interpersonal skills
- Experience providing advice and guidance to management and technical personnel on critical cybersecurity technical matters relating to information and operational technology.
- Experience translating conceptual designs and complex mission requirements to implement new solutions or development projects.
- Knowledge of current data network and infrastructure technologies, topologies, security standards, and hardware and software solutions.
- Knowledge of the theory and techniques of project management as applied to IT systems.
Education
Education cannot be substituted for SE at the GS 14 grade level.
Additional information
The salary listed for this position represents the base salary. Applicants are encouraged to visit OPM.gov to find the specific locality pay adjustments that apply to their area. It's important for applicants to familiarize themselves with these adjustments as they can significantly affect the total compensation package offered for this position. For more detailed information regarding locality pay rates, please refer to the
Selected applicants may be eligible for up to 20% recruitment incentive. You will be required to sign a 2-year service agreement upon receipt of the recruitment incentive.
Memorandum for Record: Work performed outside assigned duties (that would not normally be documented on an SF-50, i. e., back-up duties), has to be documented in detail by an immediate supervisor in order to receive full credit for amount of time worked in that position. If no documentation is furnished no credit will be given for time worked in that position. The following notations must be specified in the documentation (Memorandum for Record):
- Percent of time worked in the particular position (cannot conflict with main duties)
- The month/year work began
- Frequency worked (i.e., daily, monthly, etc.)
- Specific duties performed
Key Words: Cybersecurity, Vulnerability Assessments, Security Monitoring, Incident Response, Security Assessment and Authorization, Monitor IT network traffic, Monitor IT systems, Penetration Testing, Intrusion Detection, Cybersecurity training, Risk Assessments, Security Posture, Security Solutions, NIST Risk Management Framework, Security Controls, Cybersecurity accreditation, Cybersecurity policy, Executive Order 14028
- Benefits
Conditions of Employment
- Must be a U.S. citizen.
- Must be able to obtain a Top Secret clearance.
- As a condition of employment, DNA samples are required from all FBI personnel who interact with evidence or federal DNA database samples in Laboratory Division (LD) space or whose work requires them to enter LD examination areas where evidence or DNA database samples are processed or examined as part of the quality control process to detect sample/evidence contamination, in accordance with the Genetic Information Nondiscrimination Act of 2008 (GINA), 75 Federal Register (FR) 68932; 29 C.F.R. 1635.8(b)(6).
- The individual that fills this position will potentially be exposed to situations or information that depicts violent acts, lewd images, or involves isolated working conditions.
Qualifications
GS-14: Applicant must possess at least one (1) year of specialized experience equivalent to the GS-13 grade level. SE is defined as follows:
- Possesses the breadth of experience and knowledge, and recognition in the cybersecurity community, to lead efforts on assigned programs and work independently with minimal oversight from the Government lead.
- Extensive experience in operational cybersecurity accreditation and certification of embedded systems accredited at Secret level and below.
- Extensive understanding of the NIST Risk Management Framework (RMF) to include current experience in obtaining system accreditation using the NIST RMF.
- Extensive experience preparing recommended IA approval and supporting documents; understands systems engineering processes; and possesses extensive experience in Network Security Architecture.
- Extensive understanding of the DoD standards guiding the development of cybersecurity policy, requirements, integration, engineering, and certification and accreditation
- Strong communication and interpersonal skills
- Experience providing advice and guidance to management and technical personnel on critical cybersecurity technical matters relating to information and operational technology.
- Experience translating conceptual designs and complex mission requirements to implement new solutions or development projects.
- Knowledge of current data network and infrastructure technologies, topologies, security standards, and hardware and software solutions.
- Knowledge of the theory and techniques of project management as applied to IT systems.
Education
Education cannot be substituted for SE at the GS 14 grade level.
Additional information
The salary listed for this position represents the base salary. Applicants are encouraged to visit OPM.gov to find the specific locality pay adjustments that apply to their area. It's important for applicants to familiarize themselves with these adjustments as they can significantly affect the total compensation package offered for this position. For more detailed information regarding locality pay rates, please refer to the
Selected applicants may be eligible for up to 20% recruitment incentive. You will be required to sign a 2-year service agreement upon receipt of the recruitment incentive.
Memorandum for Record: Work performed outside assigned duties (that would not normally be documented on an SF-50, i. e., back-up duties), has to be documented in detail by an immediate supervisor in order to receive full credit for amount of time worked in that position. If no documentation is furnished no credit will be given for time worked in that position. The following notations must be specified in the documentation (Memorandum for Record):
- Percent of time worked in the particular position (cannot conflict with main duties)
- The month/year work began
- Frequency worked (i.e., daily, monthly, etc.)
- Specific duties performed
Key Words: Cybersecurity, Vulnerability Assessments, Security Monitoring, Incident Response, Security Assessment and Authorization, Monitor IT network traffic, Monitor IT systems, Penetration Testing, Intrusion Detection, Cybersecurity training, Risk Assessments, Security Posture, Security Solutions, NIST Risk Management Framework, Security Controls, Cybersecurity accreditation, Cybersecurity policy, Executive Order 14028