Cybersecurity Principal Specialist #5387
Senate - Legislative Branch
Required Work Experience

Seven to ten years of progressively responsible experience within a Certified Information Systems Security Professional (CISSP)-type environment. As part of our hiring process, we may conduct a skills assessment to better understand an applicant’s proficiency in key areas relevant to the role.

Desired Qualifications

We are seeking a candidate with basic knowledge in key areas of cybersecurity. The ideal candidate should have:

Cybersecurity Experience: 7-10 years of experience in SOC Analysis, Threat Hunting, Threat Intelligence, Malware Analysis, Red Team, or Systems Administration.

Excellent Communication Skills: The ability to communicate both verbally and in writing with audiences at varying levels of technical capability.

Self-Learning: The ability to learn highly technical concepts with minimal instruction and without formal training.

Abstract Thinking: The ability to abstract away from atomic events and indicators and contextualize them with larger attack chains or process flows.

Knowledge of Operating Systems: A deep understanding of the internal functionality of all major operating systems (Windows, Linux, macOS). Preference given for understanding of less well-known OSes such as Cisco IOS, Solaris, and mobile operating systems.

Familiarity with all Major Rule Formats: Competence with all major rule formats such as Sigma, YARA, Snort, and Suricata.

Analytical Abilities: Ability to evaluate, analyze, and synthesize large quantities of data (which may be fragmented and contradictory) into high-quality, fused targeting/intelligence products.

Basic Red Team Abilities: The ability to conduct basic red team activities to ensure that detections are validated and tuned correctly.

Network Forensics: The ability to conduct in-depth packet capture and NetFlow analysis in order to discover attacks that may have evaded host detection mechanisms.

Host Forensics: Familiarity with major host artifact locations on major OSes and with major host forensic toolsets.

Basic Malware Analysis: Ability to conduct triage-level malware analysis during incident response, including de-obfuscating scripts, basic binary analysis, and live process analysis.

Scripting: Competence in at least one of the most common scripting languages (PowerShell, Python, Bash, Ruby, Perl).

Documentation: Able to take the results of long and highly technical investigations and capture them in a manner that is clear, readable, and able to drive future operations.

Working Conditions

Sedentary. To meet the needs of the US Senate, the person in this position will be required to work extended hours, outside normal business hours, which includes but may not be limited to holidays and weekends, as necessary. To meet the needs of the US Senate, the person in this position will be required to be on call, or report on-site on a rotation, as needed by SAA.

Security Clearance

This position requires that the applicant obtain and maintain a Secret U.S. Government security clearance. Applicants must be U.S. citizens in order for the SAA to submit your application for a security clearance.
The Senate Sergeant at Arms is seeking a Cybersecurity Principal Specialist. The complete vacancy announcement and application can be found on the United States Senate Career Page at https://sen.gov/J5NY. This vacancy announcement closes at 7pm EST on the closing date. Late applications will not be accepted.