Vacancy ID: 799634   Announcement Number: CIS-PJN-799634-OIT   USAJOBS Control Number: 332726900

Occupational/Assessment Questions:

Your responses to the on-line questionnaire must be supported by your resume.  Failure to do so may result in an ineligible rating.


1. There is a residency requirement for all applicants not currently employed by U.S. Citizenship and Immigration Services. This residency requirement states that candidates must have, for three of the last five years immediately prior to applying for this position(s); (1) resided in the United States; OR (2) worked for the United States Government as an employee overseas in a Federal or Military capacity; OR (3) been a dependent of a U.S. Federal or Military employee serving overseas. Do you meet these requirements?

A. Yes
B. No
C. The residency requirement does not apply to me because I am currently a U.S. Citizenship and Immigration Services employee.
D. No, however I do fall under the EXCEPTION of state-side coverage.  I understand that I must submit complete state-side coverage information required to make a suitability/security determination at a later time if deemed necessary.

The following questions will only be used to determine whether or not you meet the minimum qualification requirements for this position. You may wish to consult the vacancy announcement for a description of those requirements. Your responses to the on-line questionnaire must be supported by your resume.  Failure to do so may result in an ineligible rating.

2. Which of the following statements best describes your experience?

A. I have at least one year of specialized experience equivalent to the GS-13 grade level Coordinating the implementation of Information Technology security programs in a Security Operations Center; Establishing Information security vulnerability reporting criteria; Evaluating Information Technology security incident response policies; Identifying the need for Information Technology security changes based on new technologies or threats; Instituting measures to ensure Information Technology security awareness/compliance.
B. My experience does not meet the experience described above.

You must provide the position title(s) and dates of employment referenced in your resume that demonstrates the experience related to your response.

For each item, select the ONE response that most accurately describes your current level of experience and capability using the scale below.

A- I have no experience in performing this work activity.
B- I have limited experience in preforming this work activity. I have knowledge of this work activity, but would need additional guidance, instruction or experience to perform it at a satisfactory level.
C- I have moderate experience in performing this work activity across routine or predictable situations with minimal supervision or guidance.
D- I have performed this work activity independently in a wide range of situations and I have assisted others in carrying out this activity. I seek and require guidance in carrying out this work activity in only unusually complex situations.
E- I have extensive experience in performing this work activity. I am considered an expert and advise/instruct others in carrying out this work activity. I am consulted by my colleagues and/or supervisors to carry out this work activity in unusually complex situations.

3. Advise the Section Chief of information security actions and reporting.

4. Generate reports based on information received internally and externally that adds credence to an Information Security Incident.

5. Articulate orally and in writing to individuals, high-level officials and groups.

6. Provide information security reports, metrics, and statistics, as required by the section Chief.

7. Work collaborative across organizational boundaries and cross functional reporting relationships to achieve business and technology goals.

8. Working experience in applying routing protocols, i.e., IP4 and IPV6, to malware analysis, internal and external threat incident analysis and remediation.

9. Ensure effective and continuous monitoring is conducted at all times (24hrs x 7days x 365days).

10. Oversee coordination and collaboration of information security incident response teams.

11. Motivate people to accomplish the work through technical direction and administrative oversight of others such as coaching, mentoring, team building, problem solving.

12. Discern when and to whom information will be shared.

13. Perform duties of an Incident Response Manager.

14. Ensure Security Operations Center (SOC) Conops, Playbook, and Incident Response Policies and procedures are updated annually.

15. Ensure escalation processes are routed to appropriate parties.

16. Identify problematic trends and report to appropriate parties.

17. Restore service after a security event or incident has occurred.

18. Investigate information security intrusion events/attempts and proper analysis of exploits.

19. Monitor all information security incident response actions.

20. Listen to phone calls, review active processes, and orchestrate activities.

21. Ensures the rigorous application of information security policies, principles and practices is applied and adhered to in the development of processes and practices.

22. Working experience with routers, firewalls, IDS, VM, Nessus, Arc Sight, Net witness, Xdeedium, Fidelis (DLP), LANs, WANs, VPNs, network protocols, and other security and network operations.

23. Ensure equipment is operational and proper information security and operational procedures are followed.

24. As previously explained, your ratings in this Occupational Questionnaire are subject to evaluation and verification based on the documents and references you submit. Later steps in the selection process are specifically designed to verify your ratings. Deliberate attempts to falsify information may be grounds for not selecting you or for dismissing you from the position/agency.

Please take this opportunity to review your ratings to ensure their accuracy. By agreeing to the statement below, you are confirming that you: 1) understand this warning, 2) have reviewed your responses to this questionnaire for accuracy, and 3) verify that your responses accurately describe your current level of experience and capability.

Failure to agree to this statement will disqualify you from further consideration for the position.

A. Yes, I verify that all of my responses to this questionnaire are true and accurate. I accept that if my supporting documentation and/or later steps in the selection process do not support one or more of my responses to the questionnaire that I may be removed from consideration.
B. No, I do not accept this agreement and/or I no longer wish to be considered for this position.