Cybersecurity Senior Specialist #5346

Required Work Experience

• Five to seven years of progressively responsible experience within a Certified Information Systems Security  Professional (CISSP)-type environment. 

Skills and Abilities

• Determining how a cybersecurity system should work.
• Preserving evidence integrity according to relevant standards.
• Using incident handling methodologies.
• Troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution.
• Assessing security controls based on cybersecurity principles and tenets.
• Conducting investigations and developing comprehensive reports.
• Evaluating the adequacy of security designs.
• Tuning sensors.
• Using protocol analyzers.
• Collecting data from a variety of cyber defense resources.
• Securing network communications.
• Recognizing and categorizing types of vulnerabilities and associated attacks.
• Protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
• Sourcing data used in intelligence, assessment and/or planning products.
• Applying cybersecurity and privacy principles to organizational requirements.
• Designing incident response for cloud service models.
• Applying techniques for detecting host and network-based intrusions.
• Interpreting network tool information.

Desired Qualifications 

• Knowledge of cybersecurity and privacy principles.
• Knowledge of cyber threats and vulnerabilities.
• Knowledge of authentication, authorization, and access control methods.
• Knowledge of vulnerability information dissemination sources.                                                                 
• Knowledge of incident categories, incident responses, and timelines for responses.
• Knowledge of intrusion detection methodologies and techniques.
• Knowledge of network attacks.
• Knowledge of insider threat investigations, reporting, investigative tools, and laws/regulations.
• Knowledge of adversary tactics, techniques, and procedures.
• Knowledge of collection management processes, capabilities, and limitations.
• Knowledge of types of cyber-attacks and attack stages.
• Knowledge of applicable laws and statutes.
• Knowledge of encryption methodologies.
• Knowledge of signature implementation impact for viruses, malware, and attacks.
• Knowledge of cloud service models.
• Knowledge of malware analysis concepts and methodologies.
• Knowledge of packet-level analysis using appropriate tools.
• Knowledge of penetration testing principles, tools, and techniques.
• Knowledge of intrusion detection and prevention system tools and applications.

As part of our hiring process, we may conduct a skills assessment to better understand an applicant’s proficiency in key areas relevant to the role. 

Working Conditions

• Sedentary.
• To meet the needs of the US Senate, the person in this position will be required to work extended hours, outside normal business hours, which includes but may not be limited to holidays and weekends, as necessary
• To meet the needs of the US Senate, the person in this position will be required to be on call, or report on-site on a rotation, as needed by SAA.

Security Clearance

• This position requires that the applicant obtain and maintain a Secret U.S. Government security clearance.
• Applicants must be U.S. citizens in order for the SAA to submit your application for a security clearance.

Continuous Learning & Development

We believe in nurturing talent. With access to advanced training modules, workshops, and seminars, your growth journey is our top priority.