Summary This position is located in the Department of Technology Services, Information Technology Security Office (ITSO), Security Mission Integration. ITSO manages the Judiciary's IT security program, oversees the security operations of Judiciary IT assets and environments, proposes national IT security policies and develops guidelines for their implementation, and establishes and maintains collaborative relationships within the Judiciary and with third-party partners. Responsibilities The Information Technology Specialist (Security) functions as a Cybersecurity Data Analyst and is responsible for writing complex cybersecurity queries to aggregate, analyze, correlate, interpret, and visualize data at scale supporting a complete cybersecurity risk management profile. The incumbent implements processes and procedures which provide lifecycle data quality assurance and gap analysis for coverage across the cybersecurity framework. This position reports to the Security Data Analytics Branch Chief. The ideal candidate has strong technical cybersecurity expertise and a proven track record of extracting insights from high volume security data, including experience identifying, collecting, and reporting on key performance metrics at scale to enable data-driven decision making and improve the organization's cybersecurity posture. Duties include, but are not limited to: Writing complex queries of cybersecurity data within a SIEM to aggregate, analyze, correlate, interpret, and visualize data uncovering anomalies, trends, patterns, and precursors to potential incidents using the native query language of the SIEM. Conducting gap analyses to determine the coverage of existing cybersecurity data sources to cybersecurity frameworks. Applying advanced data analytics methodologies to gain insights into the Judiciary's cybersecurity risk posture and maturity. Preparing datasets for use in machine learning models. Analyzing complex data sources; identifying and resolving data quality, completeness, and accuracy issues; and providing valid and complete data. Monitoring and assessing cybersecurity data pipelines over time. Identifying, mapping, and establishing data sources relevant to cybersecurity key performance indicators and metrics which measure cybersecurity risk and maturity. Creating data visualizations and reports to communicate findings and insights to technical and non-technical audiences. Requirements Conditions of Employment CONDITIONS OF EMPLOYMENT All information is subject to verification. Applicants are advised that false answers or omissions of information on application materials or inability to meet the following conditions may be grounds for non-selection, withdrawal of an offer of employment, or dismissal after being employed. Selection for this position is contingent upon completion of OF-306, Declaration of Federal Employment during the pre-employment process and proof of U.S. citizenship for competitive status positions or conversion to a competitive status position with the AO. If non-citizens are considered for hire into a temporary or any other position with non-competitive status or when it is confirmed by the AO Human Resources Office there are no qualified U.S. citizens for a competitive status position (unless prohibited by a law or statue), non-citizens must provide proof of authorization to work in the U.S. and proof of entitlement to receive compensation. Additional information on the employment of non-citizens can be found at USAJOBS Help Center | Employment of non-citizens/. For a list of documents that may be used to provide proof of citizenship or authorization to work in the United States, please refer to Form I-9, Employment Eligibility Verification. All new AO employees will be required to complete an FBI fingerprint-based national criminal database and records check and pass a public trust suitability check. New employees to the AO will be required to successfully pass the E-Verify employment verification check. To learn more about E-Verify, including your rights/responsibilities, visit https://www.e-verify.gov/. All new AO employees are required to identify a financial institution for direct deposit of pay before appointment. You will be required to serve a trial period if selected for a first-time appointment to the Federal government, transferring from another Federal agency, or serving as a first-time supervisor. Failure to successfully complete the trial period may result in termination of employment. If appointed to a temporary position, management may have the discretion of converting the position to permanent depending upon funding and staffing allocation. Qualifications Applicants must have demonstrated experience as listed below. This requirement is according to the AO Classification, Compensation, and Recruitment Systems which include interpretive guidance and reference to the OPM Operating Manual for Qualification Standards for General Schedule Positions. 1. Attention to Detail - Is thorough when performing work and conscientious about attending to detail. 2. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. 3. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. 4. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. Specialized Experience: Applicants must have at least one year (52 weeks) of specialized experience which is in or directly related to the line of work of this position. Specialized experience is demonstrated experience in ALL of the following: Writing complex queries using cybersecurity data at scale within a SIEM; transforming and interpreting this data; and using advanced quantitative analytical methodologies in the analysis of this data. Managing data quality, including identifying missing values, duplicates, and outliers; performing root cause analysis; validating data; documenting date lineage and definitions; and developing data standards. Developing key performance indicators and lifecycle metrics management providing a complete cybersecurity risk profile Aggregating, collecting, organizing, disseminating information with a high degree of attention to detail and accuracy. Developing visualizations communicating complex statistical analysis to both technical and non-technical audiences. ALL SKILLS YOU DISCUSS IN YOUR RESPONSE MUST BE IDENTIFIED WITHIN SPECIFIC WORK EXPERIENCE ON YOUR RESUME. Desired, but not required: Applicants with one or more of the following certifications or skills are highly desired: Certified Information Systems Security Professional (CISSP) Certified Information Security Manager (CISM) Certified Information Systems Auditor (CISA) Certified Data Management Professional (CDMP) Fluent in SPL, Python or R data query languages Experience in cybersecurity incident response Performing data analysis of Governance, Risk and Compliance data Performing data analysis in the Cyber Supply Chain Risk Management and Privacy data domains ALL SKILLS YOU DISCUSS IN YOUR RESPONSE MUST BE IDENTIFIED WITHIN SPECIFIC WORK EXPERIENCE ON YOUR RESUME. This position does not require education to qualify, however, the ideal candidate for this position will have a bachelor's degree in a related field (e.g., information technology, cybersecurity, data science, computer science, mathematics, statistics) or two years (104 weeks) of specialized experience. Education This position does not require education to qualify. Additional Information The AO is an Equal Opportunity Employer.
