Position Title
IT Specialist (Cyber Threat Intelligence Analyst)
Agency
Administrative Office of the U.S. Courts
Announcement Number
25-DTS-12722190
Open Period
Friday, April 11, 2025 to Friday, April 25, 2025
For preview purposes only. To apply, please return to the USAJOBS announcement and click the Apply button.
Eligibilities
1. Do you claim Veterans’ Preference?
2. Are you a veteran who separated from active duty under honorable conditions and you: 

• have a rating by the Department of Veterans Affairs showing a compensable service-connected disability of 10% or more OR
• retired from active military service with a service-connected disability rating of 10% or more (**TP or 5 point veterans please do not answer 'yes' to this question.**)

If eligible, submit a copy of your latest Certificate of Release or Discharge from Active Duty, DD-214 (copy indicating character of service) or other proof of your service which includes character of service. Please also provide the disability letter from the Department of Veterans Affairs or Armed Service and the Application for 10-Point Veteran Preference, Standard Form 15.

For more information, review USAJOBS Veterans resources.
3. Are you a current employee of the AO or the Federal Judiciary?
4. Are you a current or former Federal employee?

All applicants outside of the AO must submit a copy of your latest Notification of Personnel Action (SF-50) to verify current or former Federal employment status.
Assessment 1
Thank you for your interest in an IT Specialist (Cyber Threat Intelligence Analyst) position with the federal government. Applicants must have demonstrated experience as listed below. This requirement is according to the AO Classification, Compensation, and Recruitment Systems which include interpretive guidance and reference to the OPM Operating Manual for Qualification Standards for General Schedule Positions. WHEN MANDATORY NARRATIVE RESPONSES ARE REQUIRED, PLEASE DO NOT DUPLICATE INFORMATION YOU HAVE ALREADY PROVIDED IN YOUR RESUME AS A RESPONSE TO THIS QUESTION. WE ARE SEEKING AN ELABORATION OF THOSE DUTIES AND SKILLS YOU HAVE MENTIONED WHICH ADDRESS THE QUESTION MORE FULLY. THIS IS YOUR OPPORTUNITY TO EXPAND ON YOUR EXPERIENCE AND/OR EDUCATION AS IT RELATES TO THE QUESTION. FAILURE TO DO THIS WILL RESULT IN YOUR BEING CONSIDERED AS INELIGIBLE.
1. This announcement is open to applicants who currently live in the Washington, DC commuting area and/or federal judiciary employees nationwide. From the options listed below, please select how you meet this requirement.
2. Applicants must have at least one full year (52 weeks) of specialized experience which is in or directly related to the line of work of this position. Specialized experience must demonstrate ALL areas defined below:
  • Extensive knowledge of advanced persistent threat tactics, techniques, and procedures.
  • Understanding of possible attack activities such as network probing/scanning, DDoS, malicious code activity, etc.
  • Understanding of basic networking protocols such as TCP/IP, DNS, and HTTP.
  • Understanding of global geopolitical dynamics and the ability to apply that knowledge to an information security context.
  • Ability to translate complex information sets into specific actionable recommendations to enhance customers' security posture. 
  • Knowledge and abilities as described in NIST Special Publication 800-181 National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce for the roles of All-Source Analyst (AN-ASA-001), Threat/Warning Analyst (AN-TWA-001), and All Source Collection Manager (CO-CLO-001).
3. If A is selected above, a narrative statement must be submitted in the space provided below addressing your extensive knowledge of advanced persistent threat tactics, techniques, and procedures. THIS IS A MANDATORY REQUIREMENT. Please limit your response to 1,000 characters or less. (limit 1,000 characters)
4. If A is selected above, a narrative statement must be submitted in the space provided below addressing your understanding of possible attack activities such as network probing/scanning, DDoS, malicious code activity, etc. THIS IS A MANDATORY REQUIREMENT. Please limit your response to 1,000 words or less. (limit 1,000 characters)
5. If A is selected above, a narrative statement must be submitted in the space provided below addressing your understanding of basic networking protocols such as TCP/IP, DNS, and HTTP. THIS IS A MANDATORY REQUIREMENT. Please limit your response to 1,000 words or less. (limit 1,000 characters)
6. If A is selected above, a narrative statement must be submitted in the space provided below addressing your understanding of global geopolitical dynamics and the ability to apply that knowledge to an information security context. THIS IS A MANDATORY REQUIREMENT. Please limit your response to 1,000 words or less. (limit 1,000 characters)
7. If A is selected above, a narrative statement must be submitted in the space provided below addressing your ability to translate complex information sets into specific actionable recommendations to enhance customers' security posture. THIS IS A MANDATORY REQUIREMENT. Please limit your response to 1,000 words or less. (limit 1,000 characters)
8. If A is selected above, a narrative statement must be submitted in the space provided below addressing your knowledge and abilities as described in NIST Special Publication 800-181 National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce for the roles of All-Source Analyst (AN-ASA-001), Threat/Warning Analyst (AN-TWA-001), and All Source Collection Manager (CO-CLO-001). THIS IS A MANDATORY REQUIREMENT. Please limit your response to 1,000 words or less. (limit 1,000 characters)
9. In the space provided below, please indicate the time frame and employer(s) where we can locate this information. THIS IS A MANDATORY REQUIREMENT. Please limit your response to 250 characters or less.
Select the one statement that most accurately describes your training and experience carrying out each task using the scale provided.
10. Which level description best describes your strong fundamental understanding of the TCP/IP stack, the OSI model, and troubleshooting concepts?
11. Which level description best describes your expertise developing and updating open-source collection plans with the goal of automating feasible key components using Splunk and other technologies?
12. Which level description best describes your knowledge and experience conducting risk assessments on critical assets for a wide variety of scenarios?
13. From the options listed below, please select the IT Security certifications you currently possess. (SELECT ALL THAT APPLY)
14. If other certification was selected, what certification do you possess?
Select “Yes” or “No” to the following question(s).
15. I understand that failure to provide a written statement ("See Resume" or other non-descriptive response is not sufficient) for each essay question could result in non-consideration for this position.