IT Specialist (Security)

The IT Specialist (Security) serves as a Malware Analyst within the Security Operations Center (SOC). In this role, the incumbent performs advanced analysis of malicious software to determine functionality, execution behavior, persistence mechanisms, and attacker intent. The incumbent provides authoritative technical assessments that inform incident containment, remediation, and recovery efforts and contributes to high-confidence threat actor attribution by identifying unique tools, techniques, and behavioral patterns.

Key Duties and Responsibilities include, but are not limited to: Performing advanced static and dynamic analysis of complex malware, including binaries and scripts, to determine functionality, behavior, and malicious intent. Reverse engineering malicious executables, installers, and payloads to identify execution flow, persistence mechanisms, and embedded capabilities. Analyzing malware activity within enterprise and proprietary Judiciary systems to assess operational impact and risk.

Examining command-and-control (C2) communications, including protocols, encryption methods, obfuscation, and evasion techniques. Identifying, validating, and documenting indicators of compromise (IOCs) derived from reverse engineering and behavioral analysis. Performing sandboxing and instrumented runtime analysis to observe malware execution and system interactions.

Correlating malware artifacts with endpoint telemetry, network traffic, and log data to determine scope of compromise and attacker activity. Supporting forensic examinations of compromised systems to confirm malware presence, persistence, and post-exploitation behavior. Providing expert technical guidance to incident responders on attacker capabilities, risks, and recommended containment and mitigation strategies.

Producing detailed technical reports and concise summaries that translate complex malware findings into actionable intelligence. Monitoring and analyzing emerging malware families, tools, and techniques to enhance detection, attribution, and SOC response readiness.

CONDITIONS OF EMPLOYMENT All information is subject to verification. Applicants are advised that false answers or omissions of information on application materials or inability to meet the following conditions may be grounds for non-selection, withdrawal of an offer of employment, or dismissal after being employed. Selection for this position is contingent upon completion of OF-306, Declaration of Federal Employment during the pre-employment process and proof of U.S. citizenship for competitive status positions or conversion to a competitive status position with the AO.

If non-citizens are considered for hire into a temporary or any other position with non-competitive status or when it is confirmed by the AO Human Resources Office there are no qualified U.S. citizens for a competitive status position (unless prohibited by a law or statue), non-citizens must provide proof of authorization to work in the U.S. and proof of entitlement to receive compensation. Additional information on the employment of non-citizens can be found at USAJOBS Help Center | Employment of non-citizens/. For a list of documents that may be used to provide proof of citizenship or authorization to work in the United States, please refer to Form I-9, Employment Eligibility Verification.

All new AO employees will be required to complete an FBI fingerprint-based national criminal database and records check and pass a public trust suitability check. New employees to the AO will be required to successfully pass the E-Verify employment verification check. To learn more about E-Verify, including your rights/responsibilities, visit https://www.e-verify.gov/.

All new AO employees are required to identify a financial institution for direct deposit of pay before appointment.

You will be required to serve a trial period if selected for a first-time appointment to the Federal government, transferring from another Federal agency, or serving as a first-time supervisor. Failure to successfully complete the trial period may result in termination of employment. If appointed to a temporary position, management may have the discretion of converting the position to permanent depending upon funding and staffing allocation.

This position does not require education to qualify.

We will review your resume and supporting documentation and compare this information to your responses on the occupational questionnaire to determine if you meet the minimum qualifications for this job. If you meet the minimum qualifications for this job, we will evaluate your application package, to assess the quality, depth, and complexity of your accomplishments, experience, and education as they relate to the requirements listed in this vacancy announcement. You should be aware that your ratings are subject to evaluation and verification.

If a determination is made that you have rated yourself higher than is supported by your resume and/or narrative responses, you will be assigned a rating commensurate to your described experience. Failure to submit the mandatory narrative responses will result in not receiving full consideration and/or rating credit. Deliberate attempts to falsify information may be grounds for not selecting you, withdrawing an offer of employment, or dismissal after being employed.

The AO is an Equal Opportunity Employer.

To apply for this position, you must complete the online application and submit the documentation specified in the Required Documents section below.

The complete application package must be submitted by 05/22/2026 to receive consideration.To begin, click Apply Online to access an online application.

Follow the prompts to select your USAJOBS resume and/or other supporting documents.

You will need to be logged into your USAJOBS account or you may need to create a new account.

You will be taken to an online application.

Complete the online application, verify the required documentation, and submit the application.

You will receive an email notification when your application has been received for the announcement. To verify the status of your application, log into your USAJOBS account, https://my.usajobs.gov/Account/Login, select the Application Status link and then select the More Information link for this position. The Application Status page will display the status of your application, the documentation received and processed, and your responses submitted to the online application.

Your uploaded documents may take several hours to clear the virus scan process.

Click the following link to view and print the occupational questionnaire https://apply.usastaffing.gov/ViewQuestionnaire/12939666

For this job announcement the following documents and/or information are required: Resume - Any written format you choose to describe your job-related qualifications. Citizenship - Include country of citizenship on resume. Notification of Personnel Action (SF-50) - All applicants outside of the AO must submit a copy of your latest SF-50 to verify current or former Federal employment status.

Veterans Preference documentation - Certificate of Release or Discharge from Active Duty (DD Form 214), if applicable Application for 10-Point Veteran Preference (SF-15) and an official statement, dated 1991 or later, from the Department of Veterans Affairs or from a branch of the Armed Forces, certifying to the veteran's present receipt of compensation.