2021 CISA Private Networking Event

CISA Private Networking Event

Exclusive, invite-only

Hiring location: Arlington, VA

CISA is charged with leading the Nation’s strategic and unified work to strengthen the security, resilience, and workforce of the cyber ecosystem to protect critical services and American way of life. Within the Cybersecurity Division (CSD), CISA’s cyber professionals work to assure the security, resilience and reliability of the nation’s cyber systems. They also lead the effort to protect the federal “.gov” domain of civilian government networks and to collaborate with the private sector-the “.com” domain to increase the security of critical networks. Most recently, CISA was designated as a Quality Services Management Office (QSMO) for cybersecurity services.

At CISA, you will be working at the forefront of the cybersecurity challenges facing our Nation and you will have access to the most cutting-edge technology, and the mission has never been more important. Join the team that is Defending Today, Securing Tomorrow!

<br /> <a href="https://dhicareerevents.wufoo.com/forms/z2wzcxo0bihges/"><br /> Fill out my Wufoo form!<br /> </a><br />

IT Specialist (INFOSEC) – Project Manager

The office of Capacity Building (CB), Acquisition and Budget Branch within the Cybersecurity Division works to provide best-in-class cybersecurity services and guidance to enhance the cybersecurity posture of CISA’s customers and is seeking highly qualified professionals to fill a range of positions focused on acquisition and budget. CB’s Acquisition and Budget Branch has a mission to lead and improve the subdivisions within CB and its customer agencies by providing full lifecycle acquisition and budget support. These positions serve as advisors and provide procurement and budget advice, guidance, and assistance to the organization. Acquisition staff develop innovative short- and long-term acquisition strategies and help build shared services programs to support the entire [dot]gov and SLTT entities. These acquisition subject matter experts lead pre and post award contract management; manage and execute tool procurements/maintenance; manage vendor relationships and industry communications; perform budget formulation, execution and cost activities; and other key acquisition products and services. Additionally, staff in this branch are responsible for planning, organizing, and carrying out major, substantive budgets for significant IT program components.

Arlington, VA
Telework eligible
Multiple Positions Available

Skill Community: Cross Functional / Lifecycle Management

Work Roles:

IT Project Manager: This role directly manages information technology projects.
IT Investment / Portfolio Manager: This role manages a portfolio of IT investments that align with the overall needs of mission and enterprise priorities.

Category: Oversee and Govern

Specialty: Program/Project Management and Acquisition

Successful candidates must be detail-oriented and able to quickly work to understand the many facets of Capacity Building, talk knowledgeably about acquisition and budget processes across Capacity Building subdivisions, take the initiative to support Contracting Officer’s Representatives (CORs) and/or serve as CORs in daily duties, own one or multiple projects, and develop quality documents.

Duties:

Provide government oversight, review, and approval of contract deliverables, and ensure contract payments are made in a timely and proper manner.
Monitor and manage contract operations and performance by ensuring contractors deliver high-quality solutions on time.
Provide procurement guidance to program directors.
Define and manage information technology (IT) and/or cybersecurity related programs and/or projects.
Lead, coordinate, communicate, integrate, and is accountable for the overall success of the program, ensuring alignment with agency or enterprise priorities.
Apply knowledge of data, information, processes, organizational interactions, skills, and analytical expertise, as well as systems, networks, and information exchange capabilities to manage acquisition programs.
Consult with customers to evaluate functional requirements and translate functional requirements into technical solutions.
Collaborate with stakeholders to establish the enterprise continuity of operations program, strategy, and mission assurance.
Develop and maintain cybersecurity plans, strategy, and policy to support and align with organizational cybersecurity initiatives and regulatory compliance.

Basic Qualifications:

All candidates applying for a cybersecurity position must possess demonstrated experience that speaks to the following four required competencies.

Attention to Detail
Customer Service
Oral Communication
Problem Solving

Required Knowledge/Experience:

Knowledge of various types of IT contracts, techniques for IT contracting or procurement, and contract negotiation and administration
Experience with IT acquisition project and program management
Experience with IT acquisition/budget projects which are large and complex

Preferred Skills and Additional Info:

Knowledge and handling of project and program management methodology and techniques
Knowledge of budgeting and resource allocation procedures
Experience reviewing proposed new systems, networks, and software designs for potential security risks.
Ability to support the customer engagement, requirements identification, design and/or implementation of proposed risk mitigation solutions in alignment with security protocols and technical standards.
Experience assessing IT system security tools, plans, techniques, and/or processes to reduce risks associated with IT system vulnerabilities.
Experience developing, coordinating, and implementing IT system security policy, mitigation guidance, technical analysis, and/or strategic plans to reduce system or network risk.
Experience engaging with internal and external partners to identify IT system deficiencies and security requirements.
Understanding of the wider objectives and organization strategic priorities
Ability to work positively with a range of individuals involved in the agency
Ability to find innovative ways to resolve problems

Preferred Certifications:

COR Level III
Cost Certification
Financial Management Certification

The Fine Print:

Location: Arlington, VA
Division: Cybersecurity Division (CSD), Capacity Building, Acquisition and Budget Branch
Official Title: IT Specialist (INFOSEC)
View the Official Job Announcement for Further Details: USAJOBS – Job Announcement

All selected candidates must be able to successfully pass a background investigation and drug test. US Citizenship is required. CISA is an Equal Opportunity Employer.

IT Specialist (INFOSEC) – Vulnerability Assessment

Skill Community: Cybersecurity

Cyber Work Role: Vulnerability Assessment Analyst

Category: Protect and Defend

Specialty: Capacity Building

This role performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Measures effectiveness of defense-in-depth architecture against known vulnerabilities.

Duties:

Provide Technical SME expertise to multiple program activities including the development of Shares Services Standards, Development of Technical guidance documents, Customer requested technical review and recommendations for improving cybersecurity posture.
Lead Technical teams in development of standards, guidance development, technical reviews, and cybersecurity capability evaluations for customer systems and enterprises.
Represent the organization when dealing with customer agencies.

Basic Qualifications:

All candidates applying for a cybersecurity position must possess demonstrated experience that speaks to the following four required competencies.

Attention to Detail
Customer Service
Oral Communication
Problem Solving

Preferred Skills and Additional Info:

Working knowledge and experience facilitating the Systems Engineering Life Cycle gates and documentation.
Working knowledge of the risk management framework (NIST 800-37 r2)
Working knowledge of implementing security categorization (FIPS Pub 199)
Working knowledge of requirements management
Hands on experience with IT security technologies / tools
Hands on experience with IT infrastructure (Layer 2/3 networking technologies, client/server, cloud)
Knowledge of project management methodologies and techniques

The Fine Print:

Location: Arlington, VA
Division: Cybersecurity Division, Capacity Building, Enterprise Implementation Branch
Official Title: IT Specialist (INFOSEC)
View the Official Job Announcement for Further Details: USAJOBS – Job Announcement

Chief, Threat Branch

Skill Community: Intel (Cyber)

Cyber Work Role: All Source Analyst

Category: Analyze

Specialty: All-Source Analysis

This role analyzes data/information from one or multiple sources to conduct preparation of the environment, respond to requests for information, and submit intelligence collection and production requirements in support of planning and operations.

Duties:

Lead, coordinate, communicate, integrate, and is accountable for the overall success of the program, ensuring alignment with agency or enterprise priorities.
Directly manage information technology projects.
Provides technical and administrative supervision to a staff of analysts.
Executes duties governing hardware, software, and information system acquisition programs and other program management policies.
Provides direct support for acquisitions that use information technology, applying IT related policies, and providers related guidance the total acquisition life cycle.
Uses defensive measures and information to collect from a variety of sources to identify, analyze, and report events that occur or might occur within the network.
Develops and maintains cybersecurity plans, strategy, and policy to support and align with organizational cybersecurity initiatives and regulatory compliance.

Basic Qualifications:

All candidates applying for a cybersecurity position must possess demonstrated experience that speaks to the following four required competencies.

Attention to Detail
Customer Service
Oral Communication
Problem Solving

Preferred Skills and Additional Info:

Experience identifying vulnerabilities or areas of weakness which pose a threat and developing security controls to detect or prevent exploitation
Working knowledge of TCP/IP, simple DNS, vulnerabilities, exploits and malware
Demonstrated understanding of IT Policy and Compliance frameworks i.e. FISMA, NIST
Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.

The Fine Print:

Location: Arlington, VA
Division: Cybersecurity Division, Threat Hunting, Threat Branch
Official Title: Supervisory IT Specialist (INFOSEC)
View full details via the official job announcement: USAJOBS – Job Announcement

Assessment Development Engineer

Skill Community: Cybersecurity

Cyber Work Role:Vulnerability Assessment Analyst

Category: Protect and Defend

Specialty: Vulnerability Assessment and Management

Duties:

Decomposing project requirements into quality metrics and test techniques to assess compliance
Analyzing the validity of technology trend data
Implementing the organization’s core business mission processes
Leveraging techniques for prioritizing vulnerabilities mitigation and disclosure

Basic Qualifications:

All candidates applying for a cybersecurity position must possess demonstrated experience that speaks to the following four required competencies.

Attention to Detail
Customer Service
Oral Communication
Problem Solving

Preferred Skills and Additional Info:

Expert knowledge of cybersecurity fundamentals and risk assessment methods
Expert knowledge of quality control and measurement techniques
Expert knowledge of data management
Ability to convey complex systems descriptions into simple terms
Ability to form effective teams and lead group discussions

The Fine Print:

Location: Arlington, VA
Division: Cybersecurity Division (CSD), Vulnerability Management, Methodology Branch
Official Title: IT Specialist (INFOSEC)
View the Official Job Announcement for Further Details: USAJOBS – Job Announcement

IT Specialist (INFOSEC) - Vulnerability Assessment Analyst

IT Specialist (INFOSEC) – Vulnerability Assessment Analyst

Skill Community: Cybersecurity

Cyber Work Role: Vulnerability Assessment Analyst

Category: Protect and Defend

Specialty: Vulnerability Assessment and Management

This position is primarily responsible for conducting threat emulation activities against an organization, in order to assess its detection and response capabilities. The Operator will work within a team to covertly gain access and take actions necessary to reach the assessment objectives. The intrusion process and recommended mitigations are documented within a final report, which is briefed to stakeholder leadership and cybersecurity operations teams.

Duties:

Conduct target research, analysis, and detailed reconnaissance.
Conduct and support red team assessments on enterprise network assets, obtaining undetected access.
Mimic threat behaviors and social engineering techniques in order to penetrate enterprise network assets and exploit targets.
Prepare reports that identify technical and procedural findings, and, provide recommended remediation strategies/solutions.
Remain abreast of the state of the practice and state of the art tactics, techniques, and procedures (TTPs).
Document lessons learned and techniques followed for future implementation and application.

Basic Qualifications:

All candidates applying for a cybersecurity position must possess demonstrated experience that speaks to the following four required competencies.

Attention to Detail
Customer Service
Oral Communication
Problem Solving

Required Knowledge/Experience:

Considerable experience with programming in Ruby, JAVA, and/or PowerShell, security operation development concepts, and using physical and network-based threat methodologies
Experience with: server operating systems, workstation operating systems, or networking (switchingand routing equipment)
Considerable experience performing systems administrator tasks and activities as well as utilizing hardware/software threat methodologies
Experience performing penetration testing and red team assessments

Preferred Education and Certifications:

4-year college degree or equivalent experience in computer science, software engineering, information/cybersecurity, or related field
Offensive Security Certified Professional (OSCP) Certification
Certified Red Team Operations Professional (CRTOP)
SANS Penetration Type Certifications

The Fine Print:

Location: Arlington, VA
Division: Cybersecurity Division (CSD), Vulnerability Management, Assessments Branch
Official Title:IT Specialist (INFOSEC)
View the Official Job Announcement for Further Details: USAJOBS – Job Announcement