Posted today
Top Secret
$86,498 - $151,570
Unspecified
Intelligence
Fort Meade, MD (On-Site/Office)
Duties
Help
Cybersecurity testers at NSA play a vital role in the security of NSA's mission by conducting both security controls and adversarial testing against our state-of-the-art Information Technology (IT) systems executing NSA's SIGINT and Cybersecurity missions. NSA is advancing technology to deliver mission outcomes. As such, Cybersecurity testers have the opportunity to work across a broad set of technologies including commercial cloud fabrics, artificial intelligence, high performance computing, and advanced cryptographic systems. These personnel are involved in both developmental and operational testing so NSA systems can be protected from the most sophisticated nation state adversaries. Some examples of tasks include:
- Conducting security controls testing of NSA systems to ensure controls are properly implemented by system owner(s)
- Conducting testing against cloud fabrics, including various security configuration options of cloud services and a wide variety of different security configurations
- Assessing the effectiveness of security solutions against cybersecurity frameworks (e.g. MITRE Attack Framework)
- Operating within teams focused on implementing and evolving cybersecurity testing procedures and implementing automation to reduce testing time and improve consistent analysis
- Operating within a cybersecurity team for each of the life cycle steps of the Federal Government's Risk Management Framework (RMF), as maintained by the National Institute of Standards and Technology (NIST 800-53)
- Implementing automation across the cybersecurity testing processes
Depending on their education, training, and experience, Cybersecurity testers are hired into positions as a Testing and Evaluation Specialist and placed into functional positions performing cybersecurity testing functions commensurate with their skills. Entry-level cybersecurity professionals will take on the front-line control testing of our systems while beginning to learn the intricacies of secure system design. The most experienced testing personnel will have opportunities to formulate unconstrained cybersecurity testing to emulate cybersecurity adversary and rogue system administrator threats.
Please attach a copy of your transcripts from all schools attended when applying for this position. Providing a copy of your transcripts is especially critical since the minimum qualifications for this position require a degree that demonstrates a concentration of Computer Science (CS) courses in foundational CS areas.
Requirements
Help
Conditions of employment
ENTRY/DEVELOPMENTAL
Entry is with a Bachelor's degree and no experience. An Associate's degree plus 2 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position.
FULL PERFORMANCE Entry is with a Bachelor's degree plus 3 years of relevant experience or a Master's degree plus 1 year of relevant experience or a Doctoral degree and no experience. An Associate's degree plus 5 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position.
Education
The qualifications listed are the minimum acceptable to be considered for the position.
Degree must be in Computer Science (CS) or related field (e.g., Engineering, Mathematics). Degrees in Information Technology, Information Systems, Information Security, Networking (Systems Administration), Information Assurance, and Cybersecurity may be considered relevant if the programs contain, at minimum, a concentration of courses in the following foundational CS areas: algorithms; computer architecture (not network architecture); programming methodologies and languages; data structures; logic and computation; and upper-level mathematics.
Relevant experience must be in engineering of computer or information systems over their lifecycle (i.e., requirements analysis, design, development, implementation, testing, integration, deployment/installation, and maintenance), programming, vulnerability analysis, penetration testing, computer forensics, and/or systems engineering. Completion of military training in a relevant area such as JCAC (Joint Cyber Analysis course) will be considered towards the relevant experience requirement (i.e., 24-week JCAC course will count as 6 months of experience).
Additional information
Pay: Salary offers are based on candidates' education level and years of experience relevant to the position and also take into account information provided by the hiring manager/organization regarding the work level for the position.
Salary Range: $86,498 - $151,570 (Entry/Developmental, Full Performance) Salary range varies by location, work level, and relevant experience to the position.
On the job training, internal NSA courses, and external training will be made available based on the need and experience of the selectee.
Benefits: NSA offers a comprehensive benefits package.
Work Schedule: This is a full-time position, Monday - Friday, with basic 8hr/day work requirement between 6:00 a.m. and 6:00 p.m. (flexible).
Help
Cybersecurity testers at NSA play a vital role in the security of NSA's mission by conducting both security controls and adversarial testing against our state-of-the-art Information Technology (IT) systems executing NSA's SIGINT and Cybersecurity missions. NSA is advancing technology to deliver mission outcomes. As such, Cybersecurity testers have the opportunity to work across a broad set of technologies including commercial cloud fabrics, artificial intelligence, high performance computing, and advanced cryptographic systems. These personnel are involved in both developmental and operational testing so NSA systems can be protected from the most sophisticated nation state adversaries. Some examples of tasks include:
- Conducting security controls testing of NSA systems to ensure controls are properly implemented by system owner(s)
- Conducting testing against cloud fabrics, including various security configuration options of cloud services and a wide variety of different security configurations
- Assessing the effectiveness of security solutions against cybersecurity frameworks (e.g. MITRE Attack Framework)
- Operating within teams focused on implementing and evolving cybersecurity testing procedures and implementing automation to reduce testing time and improve consistent analysis
- Operating within a cybersecurity team for each of the life cycle steps of the Federal Government's Risk Management Framework (RMF), as maintained by the National Institute of Standards and Technology (NIST 800-53)
- Implementing automation across the cybersecurity testing processes
Depending on their education, training, and experience, Cybersecurity testers are hired into positions as a Testing and Evaluation Specialist and placed into functional positions performing cybersecurity testing functions commensurate with their skills. Entry-level cybersecurity professionals will take on the front-line control testing of our systems while beginning to learn the intricacies of secure system design. The most experienced testing personnel will have opportunities to formulate unconstrained cybersecurity testing to emulate cybersecurity adversary and rogue system administrator threats.
Please attach a copy of your transcripts from all schools attended when applying for this position. Providing a copy of your transcripts is especially critical since the minimum qualifications for this position require a degree that demonstrates a concentration of Computer Science (CS) courses in foundational CS areas.
Requirements
Help
Conditions of employment
- All applicants and employees are subject to random drug testing in accordance with Executive Order 12564.
ENTRY/DEVELOPMENTAL
Entry is with a Bachelor's degree and no experience. An Associate's degree plus 2 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position.
FULL PERFORMANCE Entry is with a Bachelor's degree plus 3 years of relevant experience or a Master's degree plus 1 year of relevant experience or a Doctoral degree and no experience. An Associate's degree plus 5 years of relevant experience may be considered for individuals with in-depth experience that is clearly related to the position.
Education
The qualifications listed are the minimum acceptable to be considered for the position.
Degree must be in Computer Science (CS) or related field (e.g., Engineering, Mathematics). Degrees in Information Technology, Information Systems, Information Security, Networking (Systems Administration), Information Assurance, and Cybersecurity may be considered relevant if the programs contain, at minimum, a concentration of courses in the following foundational CS areas: algorithms; computer architecture (not network architecture); programming methodologies and languages; data structures; logic and computation; and upper-level mathematics.
Relevant experience must be in engineering of computer or information systems over their lifecycle (i.e., requirements analysis, design, development, implementation, testing, integration, deployment/installation, and maintenance), programming, vulnerability analysis, penetration testing, computer forensics, and/or systems engineering. Completion of military training in a relevant area such as JCAC (Joint Cyber Analysis course) will be considered towards the relevant experience requirement (i.e., 24-week JCAC course will count as 6 months of experience).
Additional information
Pay: Salary offers are based on candidates' education level and years of experience relevant to the position and also take into account information provided by the hiring manager/organization regarding the work level for the position.
Salary Range: $86,498 - $151,570 (Entry/Developmental, Full Performance) Salary range varies by location, work level, and relevant experience to the position.
On the job training, internal NSA courses, and external training will be made available based on the need and experience of the selectee.
Benefits: NSA offers a comprehensive benefits package.
Work Schedule: This is a full-time position, Monday - Friday, with basic 8hr/day work requirement between 6:00 a.m. and 6:00 p.m. (flexible).
group id: DODAF
