Senior IT Specialist (Data Loss Prevention Security Engineer)

Senior IT Specialist (Data Loss Prevention Security Engineer)

This is a full-time position with the Office of Information Technology at the Supreme Court of the United States in Washington, D.C. Closing Date: Monday, 11/11/2024, 11:59 PM EDT. Please note that this vacancy has a limit of 200 applicants. The job opportunity announcement will automatically close if that limit is reached prior to the closing date.

This position is a full-time position in the Office of Information Technology at the Supreme Court of the United States, in Washington, D.C. Under the guidance of the Court Information Security Officer, the incumbent will perform the full range of tasks and activities involved in developing, coordinating, implementing and maintaining standards, procedures and technical solutions to protect the confidentiality, integrity and availability of information systems and data.

The Data Loss Prevention (DLP) Security Engineer will have overall responsibility for the DLP program at the Court. The role requires working with all departments at the Court to identify sensitive data types, implementing technology to restrict access only to the business processes and roles which require them. The DLP Engineer serves a critical role in support of investigations and escalations of DLP alerts/breaches. As a Security Engineer within the Court Information Assurance Group, this role performs additional security engineering duties as assigned.

The incumbent will be responsible for the following duties:

1. Manage and evolve the DLP program over time according to business priorities.
2. Evaluate current and emerging DLP technologies and risks.
3. Install, configure, and maintain DLP software.
4. Develop and deliver data profiles for systems across the enterprise.
5. Enhance and tune standards-based rulesets and apply them to DLP Tools.
6. Implement DLP controls according to the Information Security Policy and the needs of Court offices.
7. Create and refine DLP tagging of sensitive information types.
8. Define and update DLP rules associated with tags.
9. Develop Incident Response playbooks for responding to DLP alerts.
10. Support the design and implementation of manual and automated response to DLP incidents.
11. Participate in On-Call rotation (approximately one week every two months).
12. Train cybersecurity personnel in daily DLP program operation.
13. Coordinate and conduct DLP training exercises with relevant stakeholders.

$117,962 - $181,216/year

• Meet Experience Requirements (see Qualifications)
• Employment is subject to successful completion of a security background check.
• If you are a male applicant born after December 31, 1959, you must certify that you have registered with the Selective Service System, or are exempt from having to do so under the Selective Service Law. See:

Candidate must possess the following knowledge, skills and abilities:

• At least 2 years of experience of management of enterprise DLP tools.
• Able to demonstrate the skill level needed to lead and build out a DLP program.
• Ability to work with stakeholders to determine information types, patterns, and boundaries, then translating those into enforcement and/or actionable alerts for the Incident Response team.
• Demonstrate the technical skills to deploy and maintain on-prem DLP components, to include server OS administrative skills, agent deployment, or troubleshooting various issues as the result of a DLP deployment.
• Ability to optimize systems to meet enterprise performance requirements.
• Ability to work with engineers/vendors to improve capabilities, resolve issues, and increase performance of security operation devices and configurations.
• Knowledge of operating system (Windows, Linux/Unix) command-line tools.
• Knowledge of endpoint security events and how they relate to possible attacks/intrusions.
• Ability to balance business needs with security policies.
• Organizational skills with the ability to multitask, take direction, prioritize, and manage multiple activities/tasks to achieve objectives.
• Ability to work in a fast-paced, technically challenging area; ability to anticipate and manage changes or problems; assess impacts and make sound recommendations.
• Proficiency in tailoring and/or recommending detection rules based on newly discovered IOCs and threats against government networks.
• CISSP, GCIA, GCIH, CASP, and other security certifications desired, but not required.

Candidate must have: Two years of demonstrated cyber security related experience and a college degree (computer related), or Five years of demonstrated cyber security experience.

Working for the Supreme Court of the United States offers a comprehensive benefits package that includes, in part, paid vacation, sick leave, holidays, life insurance, health benefits, and participation in the Federal Employees Retirement System. Additional benefits include flexible spending accounts, long-term care insurance, and the SmartBenefits transit subsidy.

The Court provides appropriate in-house and outside third-party technical training. Each staff member is provided with access to high levels of technical support; an in-house library of up-to-date commercially available technical books and software; a technology lab for development and testing of technology products; and a fully equipped computer training room. In addition, the Court provides all employees free access to an in-house exercise facility/weight training room.

Recruitment incentives may be authorized. If authorized, certain incentives will require you to sign a service agreement to remain an employee of the Supreme Court of the United States for a period of up to 2 years. This statement does not guarantee that an incentive will be offered and paid.

The following documents are required:

• A cover letter
• A resume

You must upload the cover letter and resume. These two documents are required and must be received by the closing date, 11/11/2024, in order to be considered. Please submit only these documents unless you have prior federal and/or military experience. In that case your most recent SF-50, Statement of Service, and/or DD-214 will also be required.

To begin, click Apply Online to create a USAJobs account or log in to your existing account. Follow the prompts to select your USAJobs resume and/or other supporting documents and complete the occupational questionnaire.

Click the Submit My Answers button to submit your application package. It is your responsibility to ensure your responses and appropriate documentation is submitted prior to the closing date.

To verify your application is complete, log into your USAJobs account, select the Application Status link and then select the More Information link for this position. The Details page will display the status of your application, the documentation received and processed, and any correspondence the agency has sent related to this application.

To return to an incomplete application, log into your USAJobs account and click Update Application in the vacancy announcement. You must re-select your resume and/or other documents from your USAJobs account or your application will be incomplete.

Review our benefits.