Your responses to the on-line questionnaire must be supported by your resume. Failure to do so may result in an ineligible rating.
FAILURE TO SELECT A RESPONSE TO THIS QUESTION WILL DEFAULT IN A NEGATIVE RESPONSE, WHICH WILL DISQUALIFY YOU FOR THIS POSITION.
1. There is a residency requirement for all applicants not currently employed by U.S. Citizenship and Immigration Services. This residency requirement states that candidates must have, for three of the last five years immediately prior to applying for this position(s); (1) resided in the United States; OR (2) worked for the United States Government as an employee overseas in a Federal or Military capacity; OR (3) been a dependent of a U.S. Federal or Military employee serving overseas. Do you meet these requirements?
The following questions will only be used to determine whether or not you meet the minimum qualification requirements for this position. You may wish to consult the vacancy announcement for a description of those requirements. Your responses to the on-line questionnaire must be supported by your resume. Failure to do so may result in an ineligible rating.
2. Which of the following statements best describes your experience?A. I have at least one year of specialized experience equivalent to the GS-13 grade level Coordinating the implementation of Information Technology security programs in a Security Operations Center; Establishing Information security vulnerability reporting criteria; Evaluating Information Technology security incident response policies; Identifying the need for Information Technology security changes based on new technologies or threats; Instituting measures to ensure Information Technology security awareness/compliance.
You must provide the position title(s) and dates of employment referenced in your resume that demonstrates the experience related to your response.
For each item, select the ONE response that most accurately describes your current level of experience and capability using the scale below.
3. Advise the Section Chief of information security actions and reporting.
4. Generate reports based on information received internally and externally that adds credence to an Information Security Incident.
5. Articulate orally and in writing to individuals, high-level officials and groups.
6. Provide information security reports, metrics, and statistics, as required by the section Chief.
7. Work collaborative across organizational boundaries and cross functional reporting relationships to achieve business and technology goals.
8. Working experience in applying routing protocols, i.e., IP4 and IPV6, to malware analysis, internal and external threat incident analysis and remediation.
9. Ensure effective and continuous monitoring is conducted at all times (24hrs x 7days x 365days).
10. Oversee coordination and collaboration of information security incident response teams.
11. Motivate people to accomplish the work through technical direction and administrative oversight of others such as coaching, mentoring, team building, problem solving.
12. Discern when and to whom information will be shared.
13. Perform duties of an Incident Response Manager.
14. Ensure Security Operations Center (SOC) Conops, Playbook, and Incident Response Policies and procedures are updated annually.
15. Ensure escalation processes are routed to appropriate parties.
16. Identify problematic trends and report to appropriate parties.
17. Restore service after a security event or incident has occurred.
18. Investigate information security intrusion events/attempts and proper analysis of exploits.
19. Monitor all information security incident response actions.
20. Listen to phone calls, review active processes, and orchestrate activities.
21. Ensures the rigorous application of information security policies, principles and practices is applied and adhered to in the development of processes and practices.
22. Working experience with routers, firewalls, IDS, VM, Nessus, Arc Sight, Net witness, Xdeedium, Fidelis (DLP), LANs, WANs, VPNs, network protocols, and other security and network operations.
23. Ensure equipment is operational and proper information security and operational procedures are followed.
24. As previously explained, your ratings in this Occupational Questionnaire are subject to evaluation and verification based on the documents and references you submit. Later steps in the selection process are specifically designed to verify your ratings. Deliberate attempts to falsify information may be grounds for not selecting you or for dismissing you from the position/agency.
Please take this opportunity to review your ratings to ensure their accuracy. By agreeing to the statement below, you are confirming that you: 1) understand this warning, 2) have reviewed your responses to this questionnaire for accuracy, and 3) verify that your responses accurately describe your current level of experience and capability.
Failure to agree to this statement will disqualify you from further consideration for the position.