Work Schedule: Full Time
Salary: $62,303 – $145,629
Location: Washington, DC metropolitan area
As a Cyber Security Officer (CSO) for the CIA, you will protect Agency data and systems using sophisticated tools, instrumentation, and knowledge of CIA Information Technology (IT) and tradecraft to monitor, evaluate, and manage IT risk. You will identify current threats, mitigate vulnerabilities, and anticipate future cybersecurity challenges. Utilizing new technologies, you will increase the security of our existing and emerging IT systems.
Your career as a CSO will progress through tours of duty where you will apply and develop a broad range of technical, leadership, resource management, and communication skills. Senior positions for Subject Matter Experts with advanced levels of knowledge in specific cyber specialities exist. As an advanced level CSO, you will lead business areas/activities and be responsible for managing a diverse range of cyber security projects. You will ensure the development, deployment, operations, implementation and support of component information systems that are consistent with cyber security policies and procedures. You will also have leadership opportunities to supervise and manage employees, develop and manage a budget according to established strategic priorities, and represent your program area to senior officials at the Agency and the Intelligence Community.
As a CSO, you will do the following work to support customers within the Agency:
- Analyze existing and future systems across the Agency, review security architectures, and develop engineering solutions that integrate information security requirements to proactively protect information
- Perform audit and security compliance checks, including network penetration testing, vulnerability scans, and other configuration analysis
- Conduct Computer Incident Response Team (CIRT) activities, including forensic analysis and review and assessment of security events and logs via sophisticated cyber security/event management tools
- Implement and support network defense, identification/authentication/access control, data protection mechanisms, and data transfer mechanisms
- Develop threat models and security risk assessments, and recommend mitigations and countermeasures to address risks, vulnerabilities and threats
- Review and validate security documentation, including the system security requirements definition and System Security Plans
- Implement security designs in hardware, software, data and procedures
- Provide guidance to Agency customers on CIA’s and Intelligence Community’s information security policies and regulations
Most positions are located in the Washington, DC metropolitan area, but opportunities to serve overseas exist as your career and abilities develop.
Offices of the CIA - Directorate of Support
The Directorate of Support (DS) provides everything the CIA needs to accomplish its critical mission of defending our nation. The DS provides business operations support to Agency components including all aspects of security, logistics, facilities, finance, education, medical services and human resources. Learn more about the Directorate of Support.
Life at CIA:
In addition to a comprehensive benefits package, the CIA offers exciting career opportunities and a dynamic environment. We're on the forefront of world-altering events - as they happen. So working here isn't just a job, it's a mindset and a lifestyle.
- Bachelor's degree in one of the following fields or relevant verifiable work experience:
  - Information Assurance
  - Cyber Security
  - Computer Science
  - Computer Engineering
  - Other related engineering fields
- GPA of at least 3.0 on a 4.0 scale is preferred, but exceptions may be made for extenuating circumstances
- Excellent verbal and written communication skills
- Strong commitment to continuous learning
- Ability to work both independently and in a team environment
- Track record of progressively responsible cyber experience in one or more of the following information security areas:
  - Networks, operating system, application-layer, and cloud security expertise
  - Hunt operations for malicious actors
  - System evaluations
  - System security penetration testing
  - Big-data cyber analytics
  - Security operations/network monitoring
  - Security information management/security event management
  - Network mapping
  - Vulnerability scanners, firewalls, routers and other security tools
- Working knowledge of public key infrastructure and encryption systems
- Experience working on a cyber security incident response team
- Professional certifications
The following items must be attached to your on-line application (PDF format preferred):
- Cover letter in which you specify your qualifications for this position. Please address why you want to work in this role and what differentiates you from other applicants.
- Unofficial transcripts for all degrees
- Copies of any professional certification
ALL POSITIONS REQUIRE RELOCATION TO THE WASHINGTON DC METROPOLITAN AREA.
All applicants must successfully complete a thorough medical and psychological exam, a polygraph interview and an extensive background investigation. US citizenship is required.
To be considered suitable for Agency employment, applicants must generally not have used illegal drugs within the last twelve months. The issue of illegal drug use prior to twelve months ago is carefully evaluated during the medical and security processing.
Important Notice: Friends, family, individuals, or organizations may be interested to learn that you are an applicant for or an employee of the CIA. Their interest, however, may not be benign or in your best interest. You cannot control whom they would tell. We therefore ask you to exercise discretion and good judgment in disclosing your interest in a position with the Agency. You will receive further guidance on this topic as you proceed through your CIA employment processing.
Save the position(s) that interest you in the job cart. You can add up to four (4) positions. Job cart selections will only be retained during this site visit, so be sure to click “Apply Now” before closing the browser window. After clicking "Apply Now" you will be taken to the application account creation page. The positions will appear in the cart once you have created an account. DO NOT submit multiple applications; this will only slow the review of your application and delay processing. Please read the Application Instructions carefully before you begin the online application process.
An equal opportunity employer and a drug-free work force.
Posted: Feb 01, 2011 08:58 AM
Last Updated: Mar 09, 2018 03:43 PM
Responsibilities:
- Perform full spectrum forensic analysis across multiple types of computer and network devices as assigned
- Assist in the prioritization of assigned forensics tasks and regularly provide updates on the status of assigned work
- Responsible for the overall quality control of all assigned forensic investigations, data spill cleanup activities, and related assigned case reporting
- Assist in setting investigative priorities in support of a wide client base, setting schedules and deliverables for assigned caseloads
- Oversee all team activities and provide subject matter expert oversight support to all forensic examiners and malware reverse engineers
- Support overall forensics activities and provide in-depth analysis of suspected malicious code and/or infected systems and network devices
- Perform necessary inspection and reverse-engineering activities to understand the behavior of the software and the root cause for its presence, and develop recommendations on how to counter the threat
- Expected to be up to date with industry forensics best practices and industry-accepted forensic methodologies, in addition to being responsible for the overall quality control of all forensic investigations, data spill cleanup activities, and related case reporting
- Lead and support overall forensics activities. Strong experience performing forensic investigations, malware reverse engineering, cyber security incident response, and deep expertise conducting cyber forensic investigations
- Lead and mentor a team of cyber forensic members
- Assist all team members with forensic examinations and software reverse engineering
- Reverse engineer malicious code using both behavioral and static code analysis
- Write reports on the detailed technical analysis results of reverse engineering tasks
- Provide recommendations for mitigating the issue in the future, including the development of indicators of compromise to be used in cyber defense systems
Required Qualifications:
- TS/SCI w/FSP
- Bachelor's Degree in Engineering, Computer Science, Cyber Security, Digital Forensics
- Minimum 10 years of progressively responsible experience performing forensic investigations, malware reverse engineering, cyber security incident response
- Minimum of 8 years of experience specifically conducting cyber forensic investigations
- Minimum 3 years of experience leading a team of cyber forensic examiners and reverse engineers
- Experience leading teams, preferably of cyber forensic examiners and reverse engineers
- Knowledgeable with industry forensics best practices and industry-accepted forensic methodologies
- Strong analytical and problem-solving skills
- Demonstrated experience using EnCase and Open Source methods and tools to perform Computer Forensic investigations
- Demonstrated experience performing forensic investigations and cyber security incident response
- Certifications: At least one of the following certifications is required - EnCase Certified Examiner (EnCE), GIAC Certified Forensic Examiner (GCFE), or GIAC Certified Forensic Analyst (GCFA)
- Demonstrated experience using Commercial (EnCase, Blacklight, FTK, Cellebrite, XRY, Carbon Black, etc.) and Open Source (Autopsy, TCT, Bulk Extractor, etc.) methods and tools to perform Computer Forensic investigations
- Demonstrated experience using commercial and open reverse engineering tools: IDA Pro, Hex-Rays, WinDbg, OllyDBG, Radare, and GDB

Desired Qualifications:
- Master's degree in cyber/digital forensics or cyber security
- Desired to have experience with data recovery and data extraction tools and techniques
- Desired to have experience with hardware test equipment (digital oscilloscopes, spectrum analyzers, multi-meters, logic analyzers, etc.) and in malware reverse engineering and analyzing disassembled code
- Other relevant certifications (EnCE, GCFE, GCFA, GREM, etc.)
- Experience in hardware reverse engineering
- Experience with data recovery tools (PC-3000) and techniques
- Experience performing low-level data extraction (JTAG, chip-off, etc.)
Cyber Security firm based in Reston, Virginia. Serving Government and Commercial clients globally.
Cyber Defense Technologies