Organization

U.S. Army Cyber Command

Duty Location

FORT MEADE, ANNE ARUNDEL, MD

Major Duties

- Serve as Host Analyst on a U.S. Army Cyber Protection Team, Use knowledge of Operating Systems security monitoring to enable cyber security operations.
- Uses knowledge multiple operating systems to monitor physical and logical devices, such as host machines, servers, virtual machines and IDS/ IPS.
- Provide written and oral reports to leadership and stakeholders for recommendations on hardening and clearing best practices.
- Develop countermeasures, threat/vulnerability analysis of Army and partner systems.
- Hunt for adversary presence on assigned host infrastructure.

Qualifications/ Specialized Experience

Required to obtain Joint Qualification Record (JQR) in a Cyber Workforce Work role
To qualify, you must meet the experience and education requirements described below. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community; student; social). You will receive credit for all qualifying experience, including volunteer experience. Your resume must clearly describe your relevant experience; if qualifying based on education, your transcripts will be required as part of your application.
GG-07: Specialized experience would be demonstrated by assisting in performing surveys and evaluates network traffic to identify baselines, trends, anomalous traffic, and potential malicious cyberspace activities; assisting in incident response process and threat mitigation and development of mitigations and threat counter measures.
OR
Education: One full year of graduate level education from an accredited or pre-accredited institution in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, cybersecurity or technology management; or, graduate level education from an accredited or pre-accredited institution that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems, or networks.
OR
Superior Academic Achievement: Successful completion of all the requirements for a bachelor's degree (or will have completed no later than
May 2024) from an accredited or pre- accredited institution in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, cybersecurity or technology management with Superior Academic Achievement; or, bachelor's degree from an accredited or pre-accredited institution that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation.
(1) Class Standing - You must be in the upper third of the graduating class in the college, university, or major subdivision, such as the College of Liberal Arts or the School of Business Administration, based on completed courses; OR (2) Grade-Point Average (G.P.A.) - You must have a grade-point average of either (a) 3.0 or higher out of a possible 4.0 ("B" or better) as recorded on your official transcript, or as computed based on 4 years of education, or as computed based on courses completed during the final 2 years of the curriculum; or (b) 3.5 or higher out of a possible 4.0 ("B+" or better) based on the average of the required courses completed in the major field or the required courses in the major field completed during the final 2 years of the curriculum.; OR (3) Honor Society Membership - You may be considered eligible based on membership in one of the approved national scholastic honor societies listed by the Association of College Honor Societies (https://www.achsnatl.org. NOTE: Grade point averages will be rounded to one decimal point. For example, 2.95 will round to 3.0, and 2.94 will round to 2.9. NOTE: If more than 10 percent of your undergraduate course work (credit hours) was taken on a pass/fail or similar basis, your S.A.A. claim must be based on class standing or membership in an honor society and you must provide evidence of your class standing or honor society membership with your application.
GG-09: Specialized experience would be demonstrated by updating security patches in compliance with Cybersecurity policy/ regulations; collecting information from customers to be used in the restoration of network services.
OR
Education: Master's or equivalent graduate degree or 2 full years of progressively higher level graduate education leading to such a degree from an accredited or pre-accredited institution in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, or technology management; or, two full years of graduate education from an accredited or pre-accredited institution that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems, or networks.
GG-11: Specialized experience would be demonstrated by detecting anomalies in host data; monitoring enterprise tools for potential intrusions; mitigating threats by keeping tools up to date with the latest approved system and security releases.
OR
Education: Ph.D. or equivalent doctoral degree or 3 full years of progressively higher level graduate education leading to such a degree from an accredited or pre-accredited institution in computer science, engineering, information science, information systems management, mathematics, operations research, statistics, or technology management; or, three full years of graduate education from an accredited or pre-accredited institution that provided a minimum of 24 semester hours in one or more of the fields identified above and required the development or adaptation of applications, systems, or networks.
GG-12: Specialized experience would be demonstrated by installing, operating, maintaining, configuring, testing, and/or securing hardware and software-based operating System (OS) environments (for example Microsoft Windows and Linux); analyzing network or host data and devices to recognize anomalous behavior/artifacts; determining the stage(s) of an intrusion (for example using network and/or host artifacts, along with possible use of software, to determine what stage of the cyber kill chain that a potential adversary is in); and creating threat reporting and/or briefing based on analysis.

Basic Requirements: The specialized experience must include, or be supplemented by, information technology related experience (paid or unpaid experience and/or completion of specific, intensive training, as appropriate) which demonstrates each of the four competencies, as defined:

(1) Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Examples of IT-related experience demonstrating this competency include: completing work independently that rarely requires editing or review by others.
(2) Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Examples of IT-related experience demonstrating this competency include: resolving simple and routine problems, questions, or complaints and providing support and guidance to customers on non-routine issues; serving as a primary resource for customers, requesting assistance with complex issues when necessary; and participating in meetings and providing advice to customers in own area of expertise.
(3) Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Examples of IT-related experience demonstrating this competency include: expressing facts and ideas in a clear, concise, convincing, and organized manner; clearly conveying moderately complex ideas, concepts, and information to customers; exhibiting active listening by demonstrating understanding of audience comments and/or questions.
(4) Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. Examples of IT-related experience demonstrating this competency include: identifying and solving problems by gathering and applying information from a variety of materials or sources that provide several alternatives; recognizing and taking action to address non-routine problems; soliciting feedback from multiple stakeholders to understand an issue or problem and accurately assess its root causes and potential solutions; seeking supervisory review where appropriate.

Conditions of Employment

- Must be able to obtain and maintain TOP SECRET eligibility with access to Sensitive Compartmented Information (SCI).
- Three-year probationary period may be required.
- This position is classified as IT access level IT-I (Privileged User) and Sensitivity Matrix for TS/SCI is Special sensitive, Tier 5.
- Must successfully pass urinalysis screening for illegal drug use prior to appointment and periodically thereafter according to AR 600-85, Alcohol and Drug Abuse Prevention and Control Program.
- May be required to successfully complete an initial and periodic Counter Intelligence-scope Polygraph (CI Poly) examination with No Deception Indicated (NDI).
- Personnel assigned to work in an NSA facility must be able to obtain and maintain access to NSA facilities and networks.
- Duties of this position may entail alternative work schedules (AWS) such as variable or MAXIFLEX, including extended shifts; 24/7 rotating shifts, nights, weekends, and/or and holidays as required. The employee is subject to recall for urgent situations; and/or working extended overtime in response to surge situations.
- Temporary duty travel (TDY) may be required up to 30% annually and be CONUS or OCONUS. All Team employees are subject to extended TDY during crisis situations to perform mission essential functions as determined by management, which may include deployment, immunizations, passport, and related requirements. TDY may occur at austere or hazardous locations mission dependent.
- May be required to carry a cellular telephone/Portable Electronic Device (PED) and maintain a working personal telephone at all times.
- Employee is required to successfully complete all applicable preparation courses (i.e. Cyber Core Prep (CCP)), USCYBERCOM Cyber Mission Forces
(CMF) Training Pipeline and comply with the CMF training certification policy to obtain and maintain Army Job Qualification Record (JQR) Validation and Certification.
- This position is designated as IAT II for IA/cybersecurity certification. Employee must obtain and maintain appropriate certification compliance IAW Cyber Workforce Management Program (DoD Directive 8140.01 and DoD 8570.01-m) within six months of assignment to this position.
- Position is subject to situational or ad hoc telework. Telework agreement required.
- This position has been designated mission essential. Employee may be required to remain on duty or report for duty during severe weather or other installation closings. May be required to work overtime and other than normal duty hours which may include evenings, weekends, and/or holidays. Call back and emergency duty are regular requirements of this position.

Additional Information

Relocation Expenses (PCS) Expenses: May Be Authorized
Recruitment / Relocation
Incentive: May Be Authorized
Appointment Type / Service: Excepted /
Permanent Work Schedule: Full Time
Promotion Potential: Career Ladder from GG-07 to GG-12
Security Clearance / Position Sensitivity: Top Secret / SCI / Special Sensitive Drug Testing: Yes
Male applicants born after December 31, 1959, must complete a Pre-Employment Certification Statement for
Selective Service Registration.
You will be required to provide proof of U.S. Citizenship.
Salary includes applicable locality pay or local market supplement. This position is not eligible for Targeted Local Market Supplement (TLMS)
Multiple positions may be filled from this announcement

Statement of Excepted Service- This position is a DoD Cyber Excepted Service (CES) personnel system position in the Excepted Service under 10 U.S.C. 1599f.

--------------------------------------------------------------------------------------------------------------------

Required Documents- 1. Your resume: Your resume may be submitted in any format and must support the specialized experience described in this announcement. If your resume includes a photograph or other inappropriate material or content, you may not be considered for this vacancy. For qualifications determinations your resume must contain hours worked per week and the dates of employment (i.e., HRS per week and month/year to month/year or month/year to present). If your resume does not contain this information, you may not receive consideration for this position. 2. Other supporting documents: Transcripts (if using education to qualify), SF50, DD214, Veteran’s Administration letter with disability rating. Proof of Eligibility to Apply: Your application must include the documents which prove you are eligible to apply for the vacancy.

--------------------------------------------------------------------------------------------------------------------

CES Veteran's Preference- DoD Components with CES positions apply Veterans’ Preference to preference eligible candidates, as defined by Section 2108 of Title 5 U.S.C, in accordance with the procedures provided in DoD Instruction 1400.25, Volume 3005, “CES Employment and Placement.” If you are a veteran claiming veterans' preference, as defined by Section 2108 of Title 5 U.S.C., you must submit documents verifying your eligibility with your application package.

--------------------------------------------------------------------------------------------------------------------

Equal Opportunity Employer - The United States government does not discriminate in employment based on race, color, religion, sex (including pregnancy and gender identity), national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service or other non-merit factor.

--------------------------------------------------------------------------------------------------------------------

U.S. Army Cyber Command (ARCYBER) is the supporting Army headquarters under United States Cyber Command. ARCYBER is the U.S. Military's premiere data-centric force informing and enabling Army and Joint Force Commanders to achive Information Advantage throughout the spectrum of competition in a highly-contested, multi-domain environment. We operate and defend Army networks and deliver cyberspace effects against adversaries to defend the nation with over 16,500 Soldiers, civilians, and contractors working 24/7 across the globe.