The Public Defender Service for the District of Columbia (PDS) is a federally funded, independent organization governed by an eleven-member Board of Trustees. PDS provides legal representation to individuals facing a loss of freedom in the local criminal, delinquency, and mental health systems in the District of Columbia. PDS’s approximately 278 employees, most of whom work at the main office at 633 Indiana Avenue, N.W., Washington, D.C. PDS’s staff consists of approximately 100 attorneys and approximately 135 social workers, investigators, administrative, and technical staff. District of Columbia residency is not a requirement for employment. PDS is funded by federal appropriations, and all employees are entitled to participate in federal health and life insurance plans, federal retirement plans, and the Thrift Savings Plan. Transferring employees will receive recognition of creditable federal service for leave accrual and retirement purposes. Employment at the Public Defender Service is at-will and is considered excepted service.

This position is located in the Division of Information Technology of the Public Defender Service (PDS) for the District of Columbia. PDS’s Information Technology Division is responsible for the planning, development and management of all information technology systems and subsystems that support PDS programs and management operations and for the development, maintenance and oversight of policies, standards and procedures relating to agency information technology programs and activities. The Office assesses PDS technology requirements; analyzes potential return on technology investment for internal systems and for PDS interfaces with external systems; and designs and administers system configuration and architecture including hardware and software, telecommunications, network operations, desktop systems, and system security. The IT Security Analyst performs two core functions for the enterprise. The first is the day-to-day operations of the in-place security solutions while the second is the identification, investigation, and resolution of security breaches detected by those systems. Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines, and procedures as well as conducting vulnerability audits and assessments. The IT Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.

Strategy & Planning


1. Participate in the planning and design of enterprise security architecture, under the direction of the Chief Information Officer, where appropriate.


2. Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the Chief Information Officer, where appropriate.


3. Participate in the planning, design and implementation of an enterprise business continuity plan and disaster recovery plan, under the direction of the Chief Information Officer, where appropriate.


4. Create and manage an incident response plan.


Acquisition & Deployment


1. Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.


2. Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.


3. Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.


4. Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise’s existing procurement processes.


5. Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents.


Operational Management


1. Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices).


2. Oversee and manage the vulnerability management program from the emergence of new security vulnerabilities to the remediation of vulnerabilities.


3. Ensure the enforcement of enterprise security documents.


4. Facilitate the deployment, management, and maintenance of all security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software.


5. Maintain operational configurations of all in-place security solutions as per the established baselines.


6. Monitor all in-place security solutions for efficient and appropriate operations.


7. Monitor server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interpret activity and make recommendations for resolution.


8. Recommend, schedule (where appropriate), and apply fixes, security patches, disaster recovery procedures, and any other measures required in the event of a security breach.


9. Design, implement, and report on security system and end user activity audits.


10. Review logs and reports of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution.


11. Participate in investigations into problematic activity.


12. Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.


13. Provide on-call support for end users for all in-place security solutions.

1

AD-2210-13/14 

$112,015 - $172,075 per year

Open to US Citizens or persons authorized to work in the United States.

You must provide a complete application package which includes: (1) a cover letter and resume; (2) official college transcripts (if available); otherwise, (3) a copy of your most recent SF 50 Notice of Personnel Action (if available) with personally identifiable information redacted; (4) current performance appraisal, if available, and (5) a list of three references that include name, address, telephone number, and a statement of how each reference is able to evaluate your skills to Lead Human Resources Specialist, Miatta Johnson, Office of Human Resources, Public Defender Service for the District of Columbia, Job Announcement PDS#2023-46, 633 Indiana Avenue, NW, Washington, DC 20004 as MS Word or PDF document attachments to the following email address: [email protected] vacancy announcement # and title of the vacancy MUST APPEAR on the subject line of the email. 

All application materials become property of PDS and will not be returned. For questions or concerns regarding this vacancy announcement or hiring process, please contact Lead HR Specialist Miatta Johnson at (202) 824-2843 or via the email address listed above.


Rating: Your application package will be evaluated in the following areas: Technical, Analytical, and  Communication. Your application package will be rated and ranked among others, based on your experience, education, training, performance appraisal, and awards relevant to the duties of this position. Your rating can be lowered if your application package is not supported by the supporting documents.


Referral: If you are among the top qualified candidates, your application package will be referred to a hiring manager for consideration, at which time you may be invited to participate in a selection interview. Non-local candidates may be interviewed initially via Skype or other electronic means.


Interview Structure:  Those who are selected for interviews will be required to interview in person.