IT Cybersecurity Specialist (INFOSEC)

Summary

See below for important information regarding this job.

Additional vacancies may be filled from this announcement.

Duties

Help

• Support the Director of Cybersecurity and Chief Information Security Officer (CISO) within the Defense Contract Management Agency (DCMA), Information Technology Directorate (IT).
• Serve as the Offensive Cyber Operations (OCO) Analyst.
• Functions as the DoD Cyber workforce Vulnerability Assessment Analyst (VAA).
• Conduct full-scope penetration tests against a variety of targets, including network infrastructure, operating systems, applications, and cloud environments within the DCMA network boundary to identify exploitable vulnerabilities.
• Identify and analyze common web application vulnerabilities from the Open Worldwide Application Security Project (OWASP) such as SQL injection, Cross-Site Scripting (XSS), Broken Authentication, and insecure deserialization.
• Conduct and/or oversee internal and external penetration tests and vulnerability assessments, ensuring comprehensive coverage across DCMA's systems and applications.
• Conduct research into new attack techniques, vulnerabilities, and exploitation methods.

Requirements

Help

Conditions of employment

• Security Requirements: Non-Critical Sensitive with Secret Access
• Appointment is subject to the completion of a favorable suitability or fitness determination, where reciprocity cannot be applied; unfavorably adjudicated background checks will be grounds for removal.
• Selective Service Requirement: Males born after 12-31-59 must be registered or exempt from Selective Service.
• Position is subject to Drug test

Qualifications

To qualify for an IT Cybersecurity Specialist (INFOSEC), your resume and supporting documentation must support:

Specialized Experience: One year of specialized experience that equipped you with the competencies to successfully perform the duties of the position and is directly in, or related to, this position. To qualify for the NH-03 level, specialized experience must be at the NH-02 or GS-11 grade level or equivalent under other pay systems in the Federal service, military or private sector. Applicants must meet eligibility requirements including time-after-competitive appointment, minimum qualifications, and any other regulatory requirements by the cut-off/closing date of the announcement.

Creditable specialized experience includes:

• Expert knowledge of penetration testing methodologies, tools, and techniques across various domains (e.g., network, web application, cloud, mobile).
• Strong understanding of web application security vulnerabilities and common attack vectors (e.g., OWASP Top 10).
• Proficiency with various penetration platforms and testing tools such as Kali, Cobalt Strike, Sliver, Metasploit, Burp Suite, Acunetix, etc.
• In-depth knowledge of operating systems (Windows, Linux), network protocols (TCP/IP), and common security architectures.
• Experience with scripting languages (e.g., Python, PowerShell, Bash) for automating tasks and developing custom tools.

For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below.

1. Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

3. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

4. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

Education

Substitution of education may not be used in lieu of specialized experience for this grade level.

Additional information

• This position does not meet criteria for appointment of Reemployed Annuitants. The DoD criteria for hiring Reemployed Annuitants can be found at: DoDI 1400.25-V300.
• Tour of Duty: Flexible
• FLSA: Exempt
• Bargaining Unit: No
• If selected for an interview, you may be required to provide your last three performance appraisals to the panel.
• Selectee may be required to serve a trial/probationary period.
• Must qualify as a DoD Cyber workforce Vulnerability Assessment Analyst (VAA) within 9 months of employment.

Expand Hide additional information

Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution.

Benefits

Help

A career with the U.S. government provides employees with a comprehensive benefits package. As a federal employee, you and your family will have access to a range of benefits that are designed to make your federal career very rewarding. Opens in a new windowLearn more about federal benefits.

Review our benefits

Eligibility for benefits depends on the type of position you hold and whether your position is full-time, part-time or intermittent. Contact the hiring agency for more information on the specific benefits offered.