Protective Security Operations Specialist #5437

Target Hiring Range: $99,518-$112,000

Department: Office of Security, Emergency Preparedness, and Continuity

Posting Date Range: 11/21/2024-12/5/2024

Pay Grade Range: $99518-$168496

Work Hours: 8:30am-5:30pm

FLSA Status: Exempt

Remote Work Status: Hybrid

Hybrid Schedule: Ad hoc telework authorized based upon mission requirements and Senate session status.

All remote or hybrid work arrangements must be performed from within the continental United States, subject to Sergeant at Arms approval.

This vacancy announcement closes at 7pm EST. Late applications will not be accepted.

JOB OVERVIEW

The United States Senate Sergeant at Arms is looking for a Protective Services Operations Specialist (PSOS) to join its Member Outreach and Security Coordination (MOSC) team. This position serves as a liaison between Senate offices, the United States Capitol Police, and other law enforcement entities, by coordinating security services tailored to the needs of each Senator. The PSOS will work as part of a collaborative team to deliver timely, high quality support with a focus on exceptional customer service. Additionally, the MOSC team supports a variety of in-person events both on and off of Capitol Hill, making each day unique. Candidates with previous law enforcement and/or dignitary protection experience are desired.

• Engages in proactive threat discovery through research and analysis of security-related material in order to maintain situational awareness of adverse information, and to identify threat content against Senators, their families, staff, and associated locations.
• Reports on security risks/concerns/persons of interest involving possible or actual threats to Senate Members, staff, the Capitol, and/or offices, and provides regular updates and applicable advice regarding these incidents.
• Implements outreach efforts, security assessment initiatives, and law enforcement coordination to ensure Senators and their Chiefs of Staff receive the necessary guidance, tools, and support when planning and attending public events as well as conducting outside travel.
• Reviews publicly available information and conducts open-source research to identify trends, patterns, and relationships that provide insights into threat and security issues.
• Other duties as assigned.

Required Education

• Bachelor’s Degree.

Required Work Experience

• 5 years.

Required Special Skills/ Knowledge

• Knowledge of, or ability to learn, protective intelligence analysis, vulnerability assessment, threat analysis and security assessment processes.
• Knowledge of, or ability to learn, principles and current planning methods for continuity and recovery operations, and emergency management.
• Ability to conduct open-source searches.
• Familiarity with commercially available open-source software.
• Ability to develop effective working relationships with Senate staff and senior government officials.
• Ability to organize and coordinate resources to achieve organizational goals and objectives.
• Ability to work independently.
• Ability to proficiently write executive summaries of threat and intelligence information.
• Ability to exercise tact and discretion with others regarding sensitive and confidential issues.
• Ability to analyze difficult and complex issues and make recommendations for action.
• Ability to conduct research and prepare analyses and reports.

As part of our hiring process, we may conduct a skills assessment to better understand an applicant’s proficiency in key areas relevant to the role.

Working Conditions

• Since this position requires onsite presence in support of the U.S. Senate when in session, this position requires the employee to be available and prepared to work during government shutdowns, in inclement weather, on holidays, and during late night, overnight, and weekend sessions. In the context of government furloughs, this position is considered excepted.
• This position directly supports essential services of the U.S. Senate. As such, this position requires the employee be available and prepared to work during government shutdowns, in inclement weather, on holidays, weekends, and during late nights to ensure essential services to the Senate continue without interruption. In the context of government furloughs, this position is considered excepted.
• Sedentary (carrying items less than 25 pounds).

Security Clearance

• This position requires that the applicant obtain and maintain a Top Secret/Sensitive Compartmented Information (TS/SCI) U.S. Government security clearance.
• Applicants must be U.S. citizens in order for the SAA to submit your application for a security clearance.

CONDITIONS OF EMPLOYMENT

To be employed by a Senate employing office in a paid position in the continental United States an individual must:

1. Be a U.S. citizen;
2. Be lawfully admitted for permanent residence and seeking citizenship as outlined in 8 U.S.C. § 1324b(a)(3)(B);
3. Be (i) admitted as a refugee under 8 U.S.C. § 1157 or granted asylum under 8 U.S.C. § 1158 and (ii) have filed a declaration of intention to become a lawful permanent resident and then a citizen when eligible; or
4. Owe allegiance to the U.S. (i.e., qualify as a non-citizen U.S. national under federal law).

Employment is contingent on background / security investigation results.

BENEFITS AT-A-GLANCE

The SAA provides a highly competitive benefits package for all SAA staff. Our benefits extend beyond health care coverage to help provide employees with student loan reimbursement, professional development, transportation subsidy, TSP/retirement savings, access to our Employee Assistance Program, and more! For more information regarding SAA's benefits, please visit https://sen.gov/OPPW.

ACCOMMODATIONS

As an Equal Opportunity Employer, the SAA is committed to providing reasonable accommodations to applicants with disabilities. If you are interested in applying for employment with SAA and need special assistance or an accommodation to complete the application process, please submit your request to employment@saa.senate.gov email with “Accommodation” in the subject line.

VOLUNTARY SELF-IDENTIFICATION FOR VETERANS' PREFERENCE

If you are identifying as veterans' preference eligible under the VEOA, please use this link to complete your application for Veterans' Preference AFTER you apply for this position. The link will also be available on the "Thank You" page after you have submitted your job application.

Candidates only need to apply one time for veterans’ preference to be considered for all future veterans’ preference positions within the Senate Sergeant at Arms.

• All supporting documents must ONLY be provided within the Veterans’ Preference Application and within the stated deadline of the job announcement.
• Late applications for veterans’ preference will not be considered.
• Documentation to obtain veterans’ preference will not be considered if attached to the job application.
• If you need to revise or resubmit your Application for Veterans' Preference/documents, please withdraw your previous Application for Veterans' Preference and resubmit. If you require assistance, please email employment@saa.senate.gov.
• To view additional information regarding the VEOA, please click here.

An applicant who declines to self-identify as a disabled veteran and/or to provide information and documentation regarding his/her disabled veteran’s status will not be subjected to an adverse employment action, but the individual may be ruled ineligible for veterans’ preference.

Job Description

Firewall Engineer (F5)<br/><br/>W2 ONLY- NO C2C<br/><br/>Location: Charlotte, NC <br/>Duration: 12-months <br/>Contract: Hybrid <br/>Pay rate: $85/hr

NA

Basic/Required Qualifications:

• Bachelor’s degree preferably in Cybersecurity, Information Security, Computer Science, Management information Systems, or other closely related degree with high level understanding of network and application security and information systems, or equivalent experience.
• 4+ years of experience in Cybersecurity fields, or roles focused on cybersecurity or IT functions
• In lieu of Bachelor’s degree(s) AND four (4) years minimum related work experience listed above,
• 6+ years Cybersecurity and/or IT-related experience; military information security and/or system administration role

Desired Qualifications:

• 4+ years of Cybersecurity experience in a security operations center with strong understanding of Cybersecurity frameworks, incident and security event management, and endpoint security / antivirus products
• Engineering, support, and deployment experience in Endpoint Detection and Response (EDR), preferably with Carbon Black EDR
• Motivated self-starter with strong written and verbal communication skills, and the ability to create complex technical reports on analytic findings and provide briefings to various levels of staff / management.
• Ability to work in high pressure situations and within a team environment.
• Experience with writing and editing technical documentation and operational procedures.
• Demonstrated effective problem solving & analytical skills
• Knowledge of network monitoring, analysis, troubleshooting, and configuration control technologies
• General networking understanding and/or experience to include Understanding of TCP/IP communications & knowledge of how common protocols and applications work at the network level, including DNS, HTTP, and SMB
• Windows and UNIX/Linux command line scripting experience and programming experience.
• Demonstrated understanding of the life cycle of cybersecurity threats and tools used to mitigate risk.
• Demonstrated Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
• Experience with the maintenance, configuration and operation of Cybersecurity tools related to both on premise and cloud environment, mainly on premise
• Experience with forensics and malware analysis concepts and methods.
• Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.
• Possession of multiple industry standard certifications such as SANS GIAC/GCIA/GCIH/GCFA, CISSP, CISA, CISM, etc. or other network / system security certifications.
• Familiar with Energy Delivery, Energy Management & Process Controls business functions.
• Experience with NERC CIP or other regulatory compliance frameworks
• Understanding of Operational Technology (OT) environments supporting ICS and SCADA systems
• Strong understanding of Cybersecurity frameworks
• Understanding of cybersecurity standards such as NIST CSF, NIST 800-53r5, NIST 800-82r2, ISA/IEC 62443, and ISO 27001
• Familiarity or experience with the Cyber Kill Chain® methodology and MITRE ATT&CK framework
• Innovative – ability to recognize and seek improvement and efficiency opportunities

"Beware of scams. S3 never asks for money during its onboarding process."

Summary

The Information Security Risk Lead is responsible for the oversight and execution of the company’s Information Security function, as it relates to the design, development, implementation, and monitoring of the Information Security Risk Management program. Additionally, this role will lead the maturation and evolution of the risk management tools and methods, as well as ensuring comprehensive reporting of all security risks. The Information Security Risk Lead will work across the security team to promote awareness of the risk management program and desired risk culture. The position requires a diverse background to understand a variety of systems, including new technologies and legacy systems considered business critical.

• Lead the execution and maturation of the information security risk management program
• Perform targeted risk assessments to identify and report on strengths and weaknesses in the program as they relate to privacy, security, business resiliency and compliance frameworks
• Manage and oversee the implementation and maintenance of an Enterprise GRC tool
• Work effectively with leads across the Information Security team to assist with identifying, measuring, and planning remedial action plans for information security risks
• Document and maintain workflows and design documents and procedures to identify gaps in risk posture and risk acceptability based on controls
• Create and present risk posture and recommendations to Information Security leadership
• Perform ad-hoc assessments, analysis, and reports as needed to support the team’s needs
• Foster and maintain good relationships with business partners and colleagues to meet expected service levels.
• Research and recommend new tools and technologies to gain efficiencies and enable functionalities.
• Deliver schedule milestones on-time to ensure project/program objectives are met.
• Performs other duties as assigned.

Required Qualifications

• Bachelor's degree required in Information Security, Information Technology, Management Information Systems
• Seven (7) years or more experience with technology risks and controls and deploying information governance, information technology risk management, compliance, information security, or privacy programs
• Seven (7) years or more experience with cybersecurity and information security program management and frameworks (e.g. NIST CSF, ISO/IEC 27000, etc.)
• Exposure to and familiarity with relevant standards such as ISO/IEC 27000 family - Information Security Management Systems, NIST Cybersecurity Framework, NIST 800, and applicable laws related to regulatory compliance, information security and privacy (e.g. SOX, HIPAA, GDPR, PCI-DSS) intermediate
• Knowledge of information security risk management and IT controls frameworks and methodologies (e.g. ISO/IEC 27005, COBIT, OCTAVE) intermediate
• Knowledge of Risk Management Principles (risk avoidance, transfer, mitigation, acceptance), Risk Assessment process intermediate
• Knowledge of Cloud Security - Cloud Control Matrix (CCM), Consensus Assessment Questionnaire (CAIQ) intermediate

Preferred Qualifications

• Master's degree preferred Information Security, Information Technology, Management Information Systems
• Knowledge of Common Controls Hub - Unified Compliance Framework (UCF) intermediate
• Knowledge of Standardized Information Gathering (SIG) Questionnaire intermediate
• Knowledge of AICPA SOC for Service Organizations intermediate
• Other Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC) or Certified Cloud Security Professional (CCSP) credentials or International Association of Privacy Professionals (IAPP)

NA