Cybersecurity Principal Specialist #5301

Target Hiring Range: $126,373-$155,000

Department: Chief Information Officer Posting Date Range: 1/30/2025-2/13/2025 Pay Grade Range: $126372-$175868

Work Hours: 8:00am-5:00pm

FLSA Status: Exempt

Remote Work Status: Hybrid

Hybrid Schedule: 2-3 days a week onsite.

All remote or hybrid work arrangements must be performed from within the continental United States, subject to Sergeant at Arms approval.

This vacancy announcement closes at 7pm EST. Late applications will not be accepted.

Job Description

JOB OVERVIEW

The Target Salary Range for this position is: $126,373-$155,000

About Us

The Sergeant at Arms plays a crucial role in upholding the operational integrity of the Senate community. Our vision is to foster an environment of innovation, collaboration, and adaptability, ensuring uninterrupted legislative proceedings irrespective of time, place, or circumstance. The Cybersecurity department is responsible for protecting the systems and information used to create the legislation that underwrites our democracy. We create a resilient cybersecurity operation by pro-actively identifying, protecting, detecting, reacting, and recovering (IPDRR) the US Senate enterprise. We combine people, processes, and technology into a state of the art, continuous risk-reduction practice that is flexible, innovative, and effective

Role Overview

The role of the Hunt Principal Specialist is to be the subject matter expert for all technical analysis in the operations branch. They are responsible for leading proactive hunts based on advanced adversary tactics, techniques, and procedures (TTPs) and for evaluating anomalous activity to determine its maliciousness. Additionally, they will serve as technical leads during incident response, write custom detections based on proactive hunts or threat intelligence, and emulate adversary actions to ensure the efficacy of network controls.

Key Responsibilities

As a Hunt Principal Specialist, your role is crucial in protecting our organization's digital assets and supporting our cybersecurity initiatives. Your key responsibilities include:

• Proactive Hunt -Use threat intelligence or anomaly analysis to identify potential adversary activity on the network that may have evaded current detections. Use the results of these hunts to either update detections or make recommendations to enhance Senate security posture.
• Detection Creation – Use technical expertise and understanding of adversary TTPs to create detections that address current gaps in our detection posture. Implement these detections in the network, host, and cloud environments and ensure their fidelity and usability.
• Incident Response – In the case of compromise, Hunt Principal Specialists will serve as the technical leads in incident response actions. They will ensure that Tier 1 and Tier 2 have correctly discovered the entire scope of the compromise and will undertake the most technical detection and response actions. Additionally, at the conclusion of the incident, they will ensure that the Senate detection posture can accurately alert of every stage of the compromise.
• Threat Emulation – Hunt Principal Specialists will be able to emulate the activity of advanced adversaries, ensuring that alerts fire, telemetry collection is sufficient to identify sophisticated threats, and discovering further gaps in our detections posture.
  
  

Key Accountabilities/Essential Job Duties

Provides functional and/or technical skills for the assigned cybersecurity unit. Supports the unit’s work effort as required in preparing materials for collaborating with other sections, divisions, departments, and vendors to gather and disseminate information. Contributes to the unit’s work effort as required in preparing analysis and materials for providing expert level support in the assigned area of cybersecurity to SAA IT security branch staff, other SAA technical staff, SAA procurement staff, and other division or departments; and for identifying and resolving critical and complex issues in the assigned unit. Supports the unit’s work effort as directed in providing leadership to the unit’s project teams and contractors. Work includes helping to develop plans, assignments, and coordination of work efforts. Supports the unit’s work effort to develop governing policies, standards, and procedures. Other duties as assigned

JOB SPECIFICATIONS

Required Education

High School Diploma, GED, or an equivalent combination of education and work experience.

Required Work Experience

• Seven to ten years of progressively responsible experience in cybersecurity, with a track record of leading initiatives to resolve highly complex cybersecurity issues. Subject matter expertise in one or more cybersecurity domains. Strong leadership skills, including experience managing project teams and coordinating efforts across multiple departments. Demonstrated ability to develop and implement strategic cybersecurity policies, standards, and frameworks that align with organizational goals.
  
  

As part of our hiring process, we may conduct a skills assessment to better understand an applicant’s proficiency in key areas relevant to the role.

Desired Qualifications

We are seeking a candidate with basic knowledge in key areas of cybersecurity. The ideal candidate should have:

• Cybersecurity Experience: 7-10 years of experience in SOC Analysis, Threat Hunting, Threat Intelligence, Malware Analysis, Red Team, or Systems Administration.
• Excellent Communication Skills: The ability to communicate both verbally and in writing with audiences at varying levels of technical capability.
• Self-Learning: The ability to learn highly technical concepts with minimal instruction and without formal training.
• Abstract Thinking: The ability to abstract away from atomic events and indicators and contextualize them with larger attack chains or process flows.
  
  

Working Conditions

• This position directly supports essential services of the U.S. Senate. As such, this position requires the employee be available and prepared to work during government shutdowns, in inclement weather, on holidays, weekends, and during late nights to ensure essential services to the Senate continue without interruption. In the context of government furloughs, this position is considered excepted.
• The U.S. Senate network cannot be taken offline for maintenance during the workday, or while the Senate is in session. As such, maintenance windows may only occur at night, on weekends, and occasionally on holidays. Employees who perform systems upgrades, maintenance, wiring, backups, support our alternate data centers will have schedules that include working nights, weekends, and holidays.
• Sedentary.
  
  

Security Clearance

• This position requires that the applicant obtain and maintain a Secret U.S. Government security clearance.
• Applicants must be U.S. citizens in order for the SAA to submit your application for a security clearance.
  
  

CONDITIONS OF EMPLOYMENT

To be employed by a Senate employing office in a paid position in the continental United States an individual must:

• Be a U.S. citizen;
• Be lawfully admitted for permanent residence and seeking citizenship as outlined in 8 U.S.C.
• 1324b(a)(3)(B);
• Be (i) admitted as a refugee under 8 U.S.C.
• 1157 or granted asylum under 8 U.S.C.
• 1158 and (ii) have filed a declaration of intention to become a lawful permanent resident and then a citizen when eligible; or
• Owe allegiance to the U.S. (i.e., qualify as a non-citizen U.S. national under federal law).
  
  

Employment is contingent on background / security investigation results.

Benefits At-a-glance

The SAA provides a highly competitive benefits package for all SAA staff. Our benefits extend beyond health care coverage to help provide employees with student loan reimbursement, professional development, transportation subsidy, TSP/retirement savings, access to our Employee Assistance Program, and more! For more information regarding SAA’s benefits, please visit https://sen.gov/OPPW .

ACCOMMODATIONS

As an Equal Opportunity Employer, the SAA is committed to providing reasonable accommodations to applicants with disabilities. If you are interested in applying for employment with SAA and need special assistance or an accommodation to complete the application process, please submit your request to employment@saa.senate.gov email with “Accommodation” in the subject line.

VOLUNTARY SELF-IDENTIFICATION FOR VETERANS' PREFERENCE

If you are identifying as veterans' preference eligible under the VEOA, please use this link to complete your application for Veterans' Preference AFTER you apply for this position. The link will also be available on the "Thank You" page after you have submitted your job application.

Candidates only need to apply one time for veterans’ preference to be considered for all future veterans’ preference positions within the Senate Sergeant at Arms.

• All supporting documents must ONLY be provided within the Veterans’ Preference Application and within the stated deadline of the job announcement.
• Late applications for veterans’ preference will not be considered.
• Documentation to obtain veterans’ preference will not be considered if attached to the job application.
• If you need to revise or resubmit your Application for Veterans' Preference/documents, please withdraw your previous Application for Veterans' Preference and resubmit. If you require assistance, please email employment@saa.senate.gov .
• To view additional information regarding the VEOA, please click here .
  
  

An applicant who declines to self-identify as a disabled veteran and/or to provide information and documentation regarding his/her disabled veteran’s status will not be subjected to an adverse employment action, but the individual may be ruled ineligible for veterans’ preference.