Skip to main content

Vacancy Details

Grade: 14

No questions specified.

Grade: All Grades

1 I have one year of specialized experience equivalent to at least the grade 13 level in the Federal service as described below: Answer to this question is required
  • Yes
  • No
Specialized experience is experience pertaining to information security in the areas vulnerability assessments; and direct technical knowledge performing vulnerability assessments using automated tools, correlating the results, and reporting findings to system owners for remediation.
2 I have led a technical team in the area of vulnerability management to include vulnerability detection, vulnerability risk assessment, and remediation prioritization.  Answer to this question is required
  • Yes
  • No
3 Choose the responses that most accurately reflect your highest level of experience in vulnerability management for enterprise systems. Answer to this question is required
  • In depth knowledge of the vulnerability management lifecycle.
  • First-hand experience operating vulnerability detection tools in an operational environment.
  • First-hand experience analyzing and interpreting vulnerability information in order to improve security operations such as incident response.
  • Knowledge of the patch management life cycle.
  • Prioritized vulnerabilities for remediation based on factors such as risk and environment
  • None of the above.
4 Choose the response that most accurately reflects your highest level of experience with respect to the adoption of new vulnerability management technology. Answer to this question is required
  • I have managed or led efforts that resulted in the adoption of new vulnerability management technology.
  • I have managed or led efforts that evaluated and recommended the adoption of new vulnerability management technology
  • I have participated in efforts that resulted in the adoption of new vulnerability management technology.
  • I have participated in efforts that evaluated and recommended the adoption of new vulnerability management technology.
  • None of the above.
5 Choose the response that MOST accurately reflects your highest level of experience with respect to developing documentation related to a vulnerability management program. Answer to this question is required
  • I have developed standard operating procedures related to a vulnerability management program.
  • I have supported the development of documents at all levels to include policies, CONOPS, standard operating procedures related to a vulnerability management program.
  • I have led the development of documents at all levels to include policies, CONOPS, standard operating procedures related to a vulnerability management program.
  • None of the above.
6 Choose the response that best describes your experience with vulnerability scanning requiring hands-on technical work: Answer to this question is required
  • I have not had the education, training or experience in performing this task
  • I have performed this task on the job with assistance from a team leader, supervisor or senior employee to ensure compliance with proper procedures.
  • I have performed this task on the job independently with approval of the final product by a team leader or a supervisor.
  • I have instructed or assisted other workers in the performance of this task due to my expertise in this area.
7 From the list below select all of the activities in which you have engaged: Answer to this question is required
  • I have never managed an information security project or program
  • I have led a team on an information security project that lasted at least 6 months.
  • I have led a team on an information security project or program that lasted at least a year.
8 Select the response that BEST describes your experience with respect to communication vulnerability based risks. Answer to this question is required
  • I have supported the development of dashboards and reports in order to communicate the vulnerability based risks affecting the enterprise.
  • I have led the development of dashboards and reports in order to communicate the vulnerability based risks affecting the enterprise.
  • I have led the development of dashboards and reports in order to communicate the vulnerability based risks affecting the enterprise and presented findings to stakeholders.
  • None of the above.
9 Are you a current or former Executive Branch political appointee who served on a political Schedule A or Schedule C appointment within the past 5 years? Answer to this question is required
  • Yes
  • No