penetration-testing

Responsibilities

The professionals at the National Security Agency (NSA) have one common goal: to protect our nation. The mission requires a strong offense and a steadfast defense. The offense collects, processes and disseminates intelligence information derived from foreign signals for intelligence and counterintelligence purposes. The defense prevents adversaries from gaining access to sensitive classified national security information. NSA Cybersecurity mission is to prevent and eradicate threats to National Security Systems and critical infrastructure, with a focus on the Defense Industrial Base. This diverse team of problem solvers collaborate across industry and government to expose foreign cyber espionage, patch critical vulnerabilities, modernize encryption, and issue unique, timely, and actionable cybersecurity guidance. Here, you will have unique access to classified and unclassified data to solve hard problems and secure critical systems. If you enjoy creatively mission outcomes, cybersecurity at NSA is the place for you. Information System Security Professionals play a vital role in enabling security solutions by utilizing systems engineering and systems security engineering principles in: - defining information system security requirements and functionality - designing system architectures - developing security designs - assessing the effectiveness of security solutions against present and projected threats - producing formal and informal reports, briefings, and direct input to the customer regarding security and functionality requirements, system architecture and security designs Information System Security professionals are hired into positions directly supporting a technical mission office or into the Cybersecurity Engineering Development Program. The Cybersecurity Engineering Development Program is a 3 year program. To meet the Agency's evolving mission, NSA's core discipline of Information System Security and Cryptographic Engineering must remain strong and agile. Information System Security and Cryptographic Engineering integrates computer science, engineering and mathematics along with Information Assurance/Cybersecurity Analysis skills, so that the Agency can define the standards for high-assurance as the trusted authority for National Security System (NSS) communications. Our nation's security will be determined by NSA's ability to develop experts in these skills, in order to keep pace with the complex and powerful threats introduced by our adversaries. No academic course of study or university program provides the necessary depth of skills and practical hands-on experience required by the Agency, thus the Cybersecurity Engineering Development Program is the only program in the US government designed to develop and advance the core skillset essential to protecting the US's national security systems.

Job Summary

Are you a cyber professional with the drive and expertise to be on the forefront of the cyber fight; tackling NSA's complex mission to defend against cyber threats of today and tomorrow? NSA, the nation's leading cyber agency, has exciting and challenging positions in Cyber Security Engineering and Cyber and TEMPEST vulnerability analysis/mitigation. Are you ready to help secure our Nation's critical Infrastructure? If so, NSA is the place for you!

Qualifications

This job opening encompasses multiple positions, the minimum qualifications for each are listed below: Salary Range: $73,076 - $91,057 (Entry/Developmental) - Information System Security Designer *The qualifications listed are the minimum acceptable to be considered for the position. Salary offers are based on candidates' education level and years of experience relevant to the position and also take into account information provided by the hiring manager/organization regarding the work level for the position. Entry is with a Bachelor's degree and no experience. An Associate's degree plus 2 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position. Degree must be in Computer Science or a related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Mathematics, Computer Forensics, Cyber Security, Information Technology, Information Assurance, Information Security, and Information Systems). Relevant experience must be in computer or information systems design/development, programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, and/or systems engineering. Network and system administration may account for some, but not all, of the experience. Completion of military training in a relevant area such as JCAC (Joint Cyber Analysis course), Undergraduate Cyber Training (UCT), Network Warfare Bridge Course (NWBC)/Intermediate Network Warfare Training (INWT), Cyber Defense Operations will be considered towards the relevant experience requirement (i.e., 20-24 weeks course will count as 6 months of experience, 10-14 weeks will count as 3 months of experience). Salary Range: $84,529 - $113,362 (Full Performance) - Information System Security Designer *The qualifications listed are the minimum acceptable to be considered for the position. Salary offers are based on candidates' education level and years of experience relevant to the position and also take into account information provided by the hiring manager/organization regarding the work level for the position. Entry is with a Bachelor's degree plus 3 years of relevant experience, or a Master's degree plus 1 year of relevant experience, or a Doctoral degree and no experience. An Associate's degree plus 5 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position. Degree must be in Computer Science or a related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Mathematics, Computer Forensics, Cyber Security, Information Technology, Information Assurance, Information Security, and Information Systems). Relevant experience must be in computer or information systems design/development. In addition, may include programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, systems engineering, and/or network and/or system administration. Completion of military training in a relevant area such as JCAC (Joint Cyber Analysis course), Undergraduate Cyber Training (UCT), Network Warfare Bridge Course (NWBC)/Intermediate Network Warfare Training (INWT), Cyber Defense Operations will be considered towards the relevant experience requirement (i.e., 20-24 weeks course will count as 6 months of experience, 10-14 weeks will count as 3 months of experience). Salary Range: $103,690 - $159,286 (Senior) - Information System Security Designer *The qualifications listed are the minimum acceptable to be considered for the position. Salary offers are based on candidates' education level and years of experience relevant to the position and also take into account information provided by the hiring manager/organization regarding the work level for the position. Entry is with a Bachelor's degree plus 6 years of relevant experience, or a Master's degree plus 4 years of relevant experience, or a Doctoral degree plus 2 years of relevant experience. An Associate's degree plus 8 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position. Degree must be in Computer Science or a related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Mathematics, Computer Forensics, Cyber Security, Information Technology, Information Assurance, Information Security, and Information Systems). Relevant experience must be in computer or information systems design/development. In addition, may include programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, systems engineering, and/or network and/or system administration. Completion of military training in a relevant area such as JCAC (Joint Cyber Analysis course), Undergraduate Cyber Training (UCT), Network Warfare Bridge Course (NWBC)/Intermediate Network Warfare Training (INWT), Cyber Defense Operations will be considered towards the relevant experience requirement (i.e., 20-24 weeks course will count as 6 months of experience, 10-14 weeks will count as 3 months of experience). Salary Range: $73,076 - $91,057 (Entry/Developmental) - Information Systems Security Engineer *The qualifications listed are the minimum acceptable to be considered for the position. Salary offers are based on candidates' education level and years of experience relevant to the position and also take into account information provided by the hiring manager/organization regarding the work level for the position. Entry is with a Bachelor's degree and no experience. An Associate's degree plus 2 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position. Degree must be in Computer Science or a related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Mathematics, Computer Forensics, Cyber Security, Information Technology, Information Assurance, Information Security, and Information Systems). Relevant experience must be in computer or information systems design/development, programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, systems engineering, and/or updating information assurance documentation (e.g., System Security Plans, Risk Assessment Reports, Certification and Accreditation packages, and System Requirements Traceability Matrices). Network and system administration may account for some, but not all, of the experience. Completion of military training in a relevant area such as JCAC (Joint Cyber Analysis course), Undergraduate Cyber Training (UCT), Network Warfare Bridge Course (NWBC)/Intermediate Network Warfare Training (INWT), Cyber Defense Operations will be considered towards the relevant experience requirement (i.e., 20-24 weeks course will count as 6 months of experience, 10-14 weeks will count as 3 months of experience). Salary Range: $84,529 - $113,362 (Full Performance) - Information Systems Security Engineer *The qualifications listed are the minimum acceptable to be considered for the position. Salary offers are based on candidates' education level and years of experience relevant to the position and also take into account information provided by the hiring manager/organization regarding the work level for the position. Entry is with a Bachelor's degree plus 3 years of relevant experience, or a Master's degree plus 1 year of relevant experience, or a Doctoral degree and no experience. An Associate's degree plus 5 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position. Degree must be in Computer Science or a related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Mathematics, Computer Forensics, Cyber Security, Information Technology, Information Assurance, Information Security, and Information Systems). Relevant experience must be in computer or information systems design/development and with information assurance and accreditation processes (e.g., System Security Plans, Risk Assessment Reports, Certification and Accreditation Packages, and System Requirements Traceability Matrices). In addition, experience may include programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, systems engineering, and/or network and/or system administration. Completion of military training in a relevant area such as JCAC (Joint Cyber Analysis course), Undergraduate Cyber Training (UCT), Network Warfare Bridge Course (NWBC)/Intermediate Network Warfare Training (INWT), Cyber Defense Operations will be considered towards the relevant experience requirement (i.e., 20-24 weeks course will count as 6 months of experience, 10-14 weeks will count as 3 months of experience). Salary Range: $103,690 - $159,286 (Senior) - Information System Security Engineer *The qualifications listed are the minimum acceptable to be considered for the position. Salary offers are based on candidates' education level and years of experience relevant to the position and also take into account information provided by the hiring manager/organization regarding the work level for the position. Entry is with a Bachelor's degree plus 6 years of relevant experience, or a Master's degree plus 4 years of relevant experience, or a Doctoral degree plus 2 years of relevant experience. An Associate's degree plus 8 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position. Degree must be in Computer Science or a related field (e.g., General Engineering, Computer Engineering, Electrical Engineering, Systems Engineering, Mathematics, Computer Forensics, Cyber Security, Information Technology, Information Assurance, Information Security, and Information Systems). Relevant experience must be in computer or information systems design/development and with information assurance and accreditation processes (e.g., System Security Plans, Risk Assessment Reports, Certification and Accreditation Packages, and System Requirements Traceability Matrices). In addition, experience may include programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, systems engineering, and/or network and/or system administration. Completion of military training in a relevant area such as JCAC (Joint Cyber Analysis course), Undergraduate Cyber Training (UCT), Network Warfare Bridge Course (NWBC)/Intermediate Network Warfare Training (INWT), Cyber Defense Operations will be considered towards the relevant experience requirement (i.e., 20-24 weeks course will count as 6 months of experience, 10-14 weeks will count as 3 months of experience).

Competencies

The ideal candidate is someone with excellent problem-solving, communication and interpersonal skills who is/can: - motivated - flexible - innovative - well-organized - work effectively in diverse environments - handle multiple assignments Specialized skills may include preventing, assessing, and/or mitigating threats to information systems and infrastructures and the information contained in or transmitted by these systems. This may encompass: - threat and vulnerability analysis - risk mitigation - incident response - information assurance - penetration testing - preparing accreditation documentation Skills applying standards, policies, procedures and requirements for ensuring information security are also beneficial.

How to apply

To apply for this position, please click the 'Apply' button located at the top right of this posting. After completing the application for the first time, or reviewing previously entered information, and clicking the 'Submit' button, you will receive a confirmation email. Please ensure your spam filters are configured to accept emails from [email protected] . ***PLEASE NOTE: U.S. Citizenship is required for all applicants. Reasonable accommodations provided to applicants with disabilities during the application and hiring process where appropriate. NSA is an equal opportunity employer and abides by applicable employment laws and regulations. All applicants and employees are subject to random drug testing in accordance with Executive Order 12564. Employment is contingent upon successful completion of a security background investigation and polygraph. This position is a Defense Civilian Intelligence Personnel System (DCIPS) position in the Excepted Service under 10 U.S.C. 1601. DoD Components with DCIPS positions apply Veterans' Preference to eligible candidates as defined by Section 2108 of Title 5 USC, in accordance with the procedures provided in DoD Instruction 1400.25, Volume 2005, DCIPS Employment and Placement. If you are a veteran claiming veterans' preference, as defined by Section 2108 of Title 5 U.S.C., you may be asked to submit documents verifying your eligibility. Please note that you may be asked a series of questions depending on the position you apply for. Your responses will be used as part of the screening process of your application and will assist in determining your eligibility for the position. Be sure to elaborate on experiences in your resume. Failure to provide the required information or providing inaccurate information will result in your application not being considered for this position. Only those applicants who meet the qualifications for the position will be contacted to begin employment processing. Please Note: Job Posting could close earlier than the closing date due to sufficient number of applicants or position no longer available. We encourage you to apply as soon as possible.

DCIPS Disclaimer

The National Security Agency (NSA) is part of the DoD Intelligence Community Defense Civilian Intelligence Personnel System (DCIPS). All positions in the NSA are in the Excepted Services under 10 United States Codes (USC) 1601 appointment authority.