Senior Cybersecurity & Defensive Cyber Analyst

For over sixty years, the NRO has developed, acquired, launched and operated the satellites that are the foundation for America's advantage and strength in space. Using a diversified architecture of spacecraft, NRO collects and delivers the best space-based intelligence, surveillance, and reconnaissance content on the planet. Learn more at nro.gov. Basic Eligibility For A Position With NRO U.S. Citizenship is required You must be able to obtain and maintain a TS/SCI security clearance You will be subject to preemployment and periodic drug testing You will be subject to preemployment and periodic polygraph examinations Where You Will Work Do you have experience in cybersecurity, threat analysis, and incident response? Are you passionate about protecting critical intelligence systems from cyber threats? Does analyzing and responding to security incidents for space-based reconnaissance systems interest you? If so, the National Reconnaissance Office (NRO) is looking for you! The NRO Cadre is collecting resumes via a continuous announcement for consideration against current and future opportunities for senior level (GG-14-15) Senior Cybersecurity & Defensive Cyber Analysts, occupational series 2210. For more information on the Office of Personnel Management (OPM) occupational series, click here. This position focuses on the following DoD 8140 Work Roles: Systems Security Analyst (461) Defense Cyber Analyst (511) Cyber Defense Incident Responder (531) Software Developer (621) Secure Software Assessor (622) Security Architect (652) This is a fulltime position. Your resume may be considered for other positions which your skills and experience may be a good match. Who May Apply This position is open to the public. Federal government employees MUST currently be at the grade level or higher as indicated in this announcement. This is NOT a promotion opportunity for current Federal government employees. If selected for the position, Federal government employees will transition laterally at their current grade level and step. Federal applicants who exceed the advertised grade may voluntarily request acceptance at the lower grade IAW DoD 1400.25 Volume 2006. The NRO is only accepting external applicants for this job announcement. Current NRO Cadre employees should apply internally. This position does not qualify for the appointment of a Reemployed Federal Annuitant IAW DoDI 1400.25 Volume 300. What You Will Be Doing Senior Cybersecurity & Defensive Cyber Analysts require expertise in one or more of the following areas: Systems Security Leadership - Serve as an expert security analyst and consultant, managing and directing the analysis and development of the integration, testing, operations, and maintenance of systems security at an enterprise level. Cyber Defense Leadership - Lead the analysis of data collected from a variety of cyber defense tools to identify and mitigate sophisticated threats. Develop advanced threat hunting methodologies and defensive strategies for critical systems. Incident Response Leadership - Direct the investigation, analysis, and response to complex cyber incidents within the network environment. Develop and implement incident response procedures and recovery strategies for enterprise systems. Software Security Leadership - Lead the development, creation, maintenance, and assessment of secure applications and software systems. Establish secure coding practices and security assessment methodologies for the organization. Security Architecture Leadership - Design enterprise and systems security throughout the development lifecycle at a strategic level. Translate technology and environmental conditions into comprehensive security designs and processes. Leadership to Ad Hoc Teams - Lead cross-functional teams at scale or in highly complex environments to develop innovative cybersecurity solutions. Focus team efforts towards current goals and priorities. Plan, develop, and execute largescale cybersecurity initiatives that transform the manner in which work is accomplished. Relationship Management - Work closely with customer agencies in senior leadership roles and navigate conflicting priorities from senior stakeholders or in complex environments. Reinforce, uphold, and advocate core principles for building secure IT services and systems. What You Need Highly desired: Bachelor's or Master's degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science from an ABET accredited or CAE designated institution Minimum of 8 years of specialized experience in systems security analysis, cyber defense, incident response, software development, or security architecture Mastery of and directly applicable experience with advanced cybersecurity principles, concepts, methods, standards, and practices Experience developing and interpreting policies, procedures, and strategies governing the planning and delivery of cybersecurity services throughout the agency Proven ability to provide expert technical advice, guidance, and recommendations to management and other technical specialists on critical cybersecurity issues Significant experience applying new developments to previously unsolvable problems and making decisions or recommendations that significantly influence important agency cybersecurity policies or programs Proven ability to manage largescale cybersecurity initiatives from end to end to include leading cross-functional teams Demonstrated experience communicating with high-ranking stakeholders to resolve issues, provide executive briefings and status updates Experience delivering cybersecurity solutions using Agile and lean methodologies Specialized experience is defined as experience that equipped the applicant with the particular knowledge, skills, and abilities to perform successfully the duties of the position. To be creditable, specialized experience must have been equivalent to at least the next lower grade level in the normal line of progression for the occupation in the organization.Qualifying experience may have been acquired in any public or private sector job, but will clearly demonstrate past experience in the application of the particular competencies/knowledge, skills, and abilities necessary to successfully perform and is typically in or directly related to the duties of the position as described above. Experience must be reflected in your resume. Applicants submitting a resume that exceeds the two-page limit per OPM Memorandum, “Merit Hiring Plan,” dated May 29, 2025, https://www.opm.gov/chcoc/latest-memos/merit-hiring-plan.pdf will not be eligible for consideration. For more information regarding resume writing, see “Guidance for Applicants on 2-Page Resume” and visit the Resume Help Center. DoD 8140 Work Role Alignment This position aligns with the following DoD 8140 Work Roles at the advanced level: Systems Security Analyst (461) Defense Cyber Analyst (511) Cyber Defense Incident Responder (531) Software Developer (621) Secure Software Assessor (622) Security Architect (652) DoD 8140 Qualification Requirements Candidates must meet one of the following qualification options for their assigned work role: Systems Security Analyst (461) Education: Bachelor degree or higher from an accredited college or university; OR Training: Offerings listed in DoD 8140 Training Repository; OR Certification: CISSP-ISSEP or GSNA Defense Cyber Analyst (511) Education: BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science from an ABET accredited or CAE designated institution; OR Training: Advanced-level 411C32255S (CP) or 4C255N (CP) or 4C255A (CP) or M0923W1 or A5310045 or A5310022 or A5314417 or WSS 012; OR Certification: CySA+, CBROPS, CFR, FITSPO, GCIA, GDSA, GICSP, or GCFA Cyber Defense Incident Responder (531) Education: BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science from an ABET accredited or CAE designated institution; OR Training: Advanced level 411C32255S (CP) or 4C255N (CP) or 4C255A (CP) or A5310045 or A5310022; OR Certification: CySA+, CFR, GCFA, GCIA, GDSA, GCIH, GICSP, or CCE Software Developer (621) Education: Bachelor degree or higher from an accredited college or university; OR Training: Offerings listed in DoD 8140 Training Repository; OR Certification: CISSP-ISSAP Secure Software Assessor (622) Education: BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science from an ABET accredited or CAE designated institution; OR Certification: CSC, GCSA, GCLD, or CISSP-ISSEP Security Architect (652) Education: BS degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science from an ABET accredited or CAE designated institution; OR Certification: CISM, CISSO, FITSPD, GCIA, GCSA, GCLD, GDSA, GICSP, CISSP-ISSAP, or CISSPISSEP Other Information Cyberspace Workforce and Qualification Management Program: In accordance with DoDM8140.03, employees are required to achieve and maintain the appropriate foundational and residential qualification requirements within their associated work role qualification matrix. Foundational qualification requirements must be met within 9 months of assignment. Resident qualification requirements must be met within 12 months of assignment. Professional Development: In accordance with DoDM8140.03, employees are required to complete 20 hours of continuous professional development or education annually to maintain qualification in their cyber work role. Financial Management Certification: May be required to obtain the appropriate Financial Management certification level for the position within two years of assignment. Overtime Statement: May be required to work other than normal duty hours, which may include evenings, weekends, and/or holidays. Travel Statement: May be required to travel in military or commercial aircraft to perform temporary duty assignments. Financial Disclosure: May be required to file an OGE Form 450, Confidential Financial Disclosure Report, upon appointment and will be required to file annually. Defense Acquisition Workforce Improvement Act (DAWIA) coded positions: If selected for a DAWIA coded position, the incumbent must meet appropriate certification requirements IAW the Defense Acquisition Workforce Improvement Act (DAWIA) no later than 60 months after accepting this position. DAWIA requirements may be located at the Defense Acquisition University website. DAWIA Functional Area/Tier Required: GG-14-15: Engineering & Technical Management/Practitioner Critical Acquisition Positions (CAP): Employee must execute a written tenure agreement to maintain in Federal Service in this position for at least three years and must have four years acquisition experience. Geographic Mobility Agreement: May be subject to directed reassignment as required to address mission effectiveness, and/or career development. Emergency Essential: Certain positions are deemed emergency essential and incumbents must be willing to meet all position requirements. Location Washington D.C. area Salary This position meets the qualifications for Defense Civilian Intelligence Personnel System (DCIPS) Targeted Local Market Supplement (TLMS) STEM pay for NRO Cadre employees and candidates as authorized by the office of the Under Secretary of War for Intelligence and Security's (OUSW(I&S)). Cadre employees and candidates are eligible to receive STEM pay if they are currently serving in a STEM designated position. 2026 STEM Salary Ranges: GG-14: $148,275 - $192,764 GG-15: $167,446 - $197,200 For more information on STEM pay, visit https://dcips.defense.gov/Human-Resources/Compensation/ This position is a full performance level DCIPS position. The NRO is accepting applications from U.S. Citizens and current Federal Government employees for this position. To qualify for the position, Federal government employees MUST currently be at the GG-14-15 grade level and may ONLY apply for a lateral reassignment at their current grade level and step. Federal applicants who exceed the advertised grade may voluntarily request acceptance at the lower grade per IAW DoDI 1400.25 Volume 2006. Hiring Incentives The NRO may offer hiring incentives and other entitlements at management's discretion. Trial Period All new DCIPS employees will be required to serve a 2-year trial period. Veterans' Preference DoD Components with DCIPS positions apply Veterans' Preference to preference eligible candidates as defined by Section 2108 of Title 5 USC, in accordance with the procedures provided in DoD Instruction 1400.25, Vol 2005, DCIPS Employment and Placement. If you are a veteran claiming veterans' preference, as defined by section 2108 of Title 5 USC, you must submit documents verifying your eligibility upon request. Equal Employment Opportunity Policy The United States government does not discriminate in employment on the basis of race, color, religion, sex, pregnancy, national origin, political affiliation, sexual orientation, marital status, disability, genetic information, age, membership in an employee organization, retaliation, parental status, military service or other non-merit factor. Equal Employment Opportunity (EEO) for federal employees & job applicants Reasonable Accommodation Policy Federal agencies must provide reasonable accommodation to applicants with disabilities where appropriate. Applicants requiring reasonable accommodation for any part of the application process should follow the instructions in the job opportunity announcement. For any part of the remaining hiring process, applicants should contact the hiring agency directly. Determinations on requests for reasonable accommodation will be made on a case-by-case basis. A reasonable accommodation is any change to a job, the work environment, or the way things are usually done that enables an individual with a disability to apply for a job, perform job duties or receive equal access to job benefits. Under the Rehabilitation Act of 1973, federal agencies must provide reasonable accommodations when: An applicant with a disability needs an accommodation to have an equal opportunity to apply for a job. An employee with a disability needs an accommodation to perform the essential job duties or to gain access to the workplace. An employee with a disability needs an accommodation to receive equal access to benefits, such as details, training, and office-sponsored events. You can request a reasonable accommodation at any time during the application or hiring process or while on the job. Requests are considered on a case-by-case basis. Please send your request to [email protected]. Privacy Act Notice Privacy Act Notice (PL 93579): We use this information to determine qualifications for employment. This is authorized under Title 5 U.S.C. 3302 and 3361. Read more about the Privacy Act of 1974