This position is located in the Monitoring Incident Response (MIR) Division, Office of Cyber Monitoring and Operations (CMO), Cyber and Technology Security Directorate (CTS), Bureau of Diplomatic Security.You will plan and direct the Department's Blue Team program. The Blue Team oversees and conducts cybersecurity posture assessments of Department systems, analyzes specific threats and vulnerabilities to assess Department impact.Applicants must meet all the required qualification requirements described below by the closing date of this announcement.NOTE: Applicants must meet time-in-grade and time after competitive appointment requirements, by the closing date of this announcement.Time-In-Grade Requirements: Federal applicants must have served 52 weeks at the next lower grade to satisfy time-in-grade restrictions, per 5CFR 300, Subpart F.Applicants applying for the GS-14 grade level must meet the following requirements: Have IT-related experience demonstrating EACH of the four competencies AND specialized experience listed below:Attention to Detail- Incumbent demonstrates a high level of attention to detail by applying personal knowledge and ability to provide expert technical analysis and consultation focused on reviewing and evaluating information systems in order to ensure the effectiveness of security controls against potential cyber threats and vulnerabilities.Customer Service- Incumbent demonstrates a high level of ability to serve customers by establishing and maintaining industry partnerships and providing expert guidance on complex and controversial cybersecurity issues which have long term impact on IT infrastructure security.Oral Communication- Incumbent demonstrates a high level of skill in communicating in order to provide expert advice and guidance, exchange information, brief senior officials, plan and coordinate activities, recommend new methods, approaches, and resolve problems.Problem Solving-Incumbent clearly demonstrates the ability to solve and prioritize problems by determining the most appropriate principles to apply and resolving a wide range of technical issues related to cybersecurity with limited supervisory involvement; ANDHave at least 1 full year of specialized experience equivalent to the GS-13 level in the Federal service which provided you with the particular knowledge, skills and abilities to perform the duties of the position. Qualifying specialized experience must demonstrate the following:Experience performing network security reviews, identifying gaps in security architecture, and making recommendations for risk mitigation strategies;Experience utilizing cyber defense tools (e.g., intrusion detection system alerts, firewalls, network traffic logs) in order to provide continual monitoring and analysis of system activity to identify malicious activity; andExperience identifying common attackers and methods, analyzing trends, and utilizing gathered data to create threat analysis reports for internal and external use.NOTE: In order to qualify for this position, your experience MUST be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate.There is no substitute of education for specialized experience for the GS-14 position.#J-18808-Ljbffr