
Information Technology Specialist (Security)
Administrative Office of the U.S. CourtsThis position is located within the Department of the Chief Information Officer (DCIO), Information Technology Security Office (ITSO). The incumbent is a recognized IT security expert with a strong defensive cyber background and "hands-on" experience in incident response. The incumbent will perform multiple and varying assignments under the direction of the Chief, Incident Response Branch - Security Operations Division.The Incident Response Subject Matter Expert (SME) under the direction of an Incident Commander, is responsible for analyzing intrusion alerts, assessing impact, implementing containment measures to limit threat propagation, and facilitating the recovery of compromised systems. This role supports 24x7x365 security operations and requires availability between 0600 and 2100 EST during incident response activities, with additional on-callresponsibilities for weekends and after-hours incidents. The incumbent must be able to perform the tasks and meet the knowledge and skill statements as described in NIST Special Publication 800-181 National Initiative for CybersecurityEducation (NICE) Cybersecurity Workforce for the roles of Defensive Cybersecurity (PD-WRL-001) and Incident Response (PD-WRL-003).Duties include, but are not limited to the following: Conducting thorough analysis of network, endpoint, and application logs to identify and assess intrusions, determine their impact, and implement appropriate containment strategies to mitigate threats. Providing timely and accurate incident status updates to key stakeholders, including the incident commander, SOC leaders, and executives. Developing and tests enterprise-wide detection and response capabilities, including endpoint artifact retrieval, isolation techniques, and Yara rule creation, to improve threat detection and containment at scale. Maintaining and enhances the organization's incident response framework by defining and refining incident declaration processes, updating the Judiciary's Incident Response Plan, and identifying gaps in existing procedures. Driving continuous improvement through the development and validation of readiness exercises, standard operating procedures, and playbooks, while pioneering innovative incident response techniques for PaaS and SaaS cloud environments and leveraging automation to streamline response efforts
Opens the company's application page
Listed via
USAJobs
usajobs.gov
Similar roles
Design & Tech
Related reads from TCHNX

The Quiet Revolution in Local-First Software
As major platforms face outages and data breaches, a new generation of developers is building applications that prioritise local data storage and peer-to-peer sync, challenging the cloud-first orthodoxy that's dominated tech for two decades.

The Quiet Revolution in Edge AI: Why Your Next Computer Might Not Need the Cloud
As neural processing units become standard in consumer devices, we're witnessing a fundamental shift in how AI applications work. Local processing is no longer a fallback; it's becoming the preferred architecture.

The Rise of AI-Assisted Code Generation 2: Are Developers Becoming Prompt Engineers?
As AI coding assistants reshape software development, the industry grapples with a fundamental question: is writing code giving way to writing prompts? We examine how London's tech scene is adapting to this seismic shift.

