Summary As a Senior Security Operations Center (SOC) Watch Officer in the Cybersecurity and Privacy Division, responsible for developing, reviewing, and executing NASA cybersecurity policies, procedures, schedules, resources, and communications. Lead a team of SOC Watch Officers supporting 24/7/365 operations, oversee a NASA SOC service element, and collaborate with team leads and the SOC Chief to strengthen cyber defense across NASA networks. Responsibilities Leads, assesses, and assures execution of end-to-end cyber security operations playbooks based on technical cybersecurity expertise, applicable policies, and rules of engagement. Leads other watch officers and contractors in analyzing data/information from one or multiple cyber threat sources to respond to requests for information and to lead actionable NASA defensive cyber operations. Tasks, follows-up, and coordinates analysis, interpretation, evaluation, integration, production, and dissemination of cybersecurity products including but not limited to briefings, white papers, and reports in support of the needs of enterprise. Oversees and maintains awareness of the status of the highly dynamic operating environment. Reviews, processes, analyzes, and leads dissemination of cyber threat/warning assessments. Reviews the use of technology and processes for other technical analysts who investigate, analyze, and respond to cyber incidents within the network environment or enclave. Leads work shifts performing cybersecurity triage, monitor and detection, event management, watch office, and cyber threat analysis to proactively monitor, detect, prevent, mitigate, and remediate security incidents. Utilizes in depth knowledge of Defensive Cyber Operations principles to track ongoing cyber threats against the NASA enterprise and respond to network/system breaches (actual or attempted intrusion, computer viruses, worms, Trojan horses, etc.). Executes the technical and tactical functions of a 24/7/365 cybersecurity operations center, serving nation-wide, and global assets. Requirements Conditions of Employment Qualifications Specialized experience is experience that has equipped you with the particular ability, skill, and knowledge to successfully perform the duties of this position and is typically in or related to this line of work. To qualify for GS-14, you must have one year of directly related specialized experience equivalent to the GS-13 level: Analyzing cybersecurity intrusion alerts and their impacts, implementing cybersecurity measures, and facilitating the recovery of compromised systems; Leading a team of watch officers in a 24x7x365 security operations center, monitoring enterprise cybersecurity and responding to incidents; Utilizing and monitoring IT security management tools and procedures, ensuring compliance with policies and regulations. AND You MUST also have IT-related experience demonstrating each of the four competencies listed in the "How You Will Be Evaluated" section below. Your resume must include a clear and detailed narrative description, in your own words, of how you meet the required specialized experience. Experience statements copied from a position description, vacancy announcement or other reference material constitutes plagiarism and may result in disqualification and losing consideration for the job. NASA prohibits the use of artificial intelligence (AI) or AI-assisted tool in drafting application and assessment responses. Please visit https://www.nasa.gov/careers/how-to-apply/#Artificial-Intelligence to review NASA's guidance on the use of AI tools during the application process. Education Additional Information Additional selections may be made for similar positions across NASA within the local commuting area(s) of the location(s) identified in this announcement. By applying, you agree to have your application shared with interested selecting official(s) within NASA. CTAP/ICTAP will be cleared for any additional selection from this announcement. If you have special priority selection rights under the Agency Career Transition Assistance Program (CTAP) or the Interagency Career Transition Assistance Program (ICTAP), you must: - Indicate your eligibility when applying for a position. The questionnaire asks you to identify your ICTAP/CTAP eligibility. - Meet the minimum qualifications requirements for the position - Submit proof that you meet the requirements for CTAP/ICTAP as indicated in 'Required Documents' For additional information about CTAP/ICTAP eligibility, click here - https://www.opm.gov/policy-data-oversight/workforce-restructuring/employee-guide-to-career-transition/#ictap. Any applicant that received a Voluntary Separation Incentive Payment (VSIP) from the federal government within the last five years based of the closing date of this announcement, if selected, may be required to repay the full amount prior to establishing a start date. For additional information on the VSIP repayment requirement, click here - https://www.opm.gov/policy-data-oversight/workforce-restructuring/voluntary-separation-incentive-payments/. Per Executive Order 14343, this position is not part of a bargaining unit. Probationary Period You may be required to serve a one-year probationary period during which we will evaluate your fitness and whether your continued employment advances the public interest. If selected, the requirement to serve such period will be determined by Title 5 of the Code of Federal Regulations, Part 11. In determining if your employment advances the public interest, we may consider: your performance and conduct; the needs and interests of the agency; whether your continued employment would advance organizational goals of the agency or the Government; and whether your continued employment would advance the efficiency of the Federal service. Upon completion of your probationary period your employment will be terminated unless you receive certification, in writing, that your continued employment advances the public interest.
