Be the force behind the force. Your mission, should you choose to accept it, is to empower the U.S. Air Force and Space Force to protect our nation's interests in air, space, and cyberspace. This is more than a job; it's a calling to serve.
The Air Force Civilian Service (AFCS) is looking for a full-time Chief, Cyber Defense Branch - IT (INFOSEC) GG-2210-14 at Offutt Air Force Base in Bellevue, Nebraska.
Do you have any of these skills: CySA+, CISSP, PMP, CASP+, cyber threat analysis, incident response, vulnerability management, network defense, cyber forensics, SIEM, malware analysis, team leadership, policy development, risk management, insider threat mitigation? Then you may be the one we have been looking for, and we would like to talk to you. Please apply with your 2-page resume.
Recruitment Incentives may be authorized
Salary Range: $107,446–$146,848 based on experience
REQUIREMENTS TO BE CONSIDERED: Top Secret/SCI
This is a DoD Cyber Excepted Service (CES) Personnel System position aligned under authorities of Section 1599f of Title 10, Chapter 81, United States Code and DoD Instruction 1400.25-V3007.
Required 3-year probationary period for new Federal government appointments.
CES applies and documents Veterans’ Preference IAW Department of Defense Instruction (DoDI) 1400.25, Volume 3005.
This position can close at any time. Apply Now!
Qualifications/Requirements
The primary purpose of this position: Lead a high-impact cyber defense team protecting critical national security networks at USSTRATCOM. As Chief, Cyber Defense Branch, you’ll oversee incident response, threat analysis, vulnerability management, and forensics. Drive innovation, shape policy, and collaborate with Department of War (DoW) and intelligence partners. Seeking a proven leader with deep technical expertise in cybersecurity, incident response, and team management. Top Secret/SCI required. Join us to defend the nation’s most vital cyber assets.
U.S. Citizenship Required.
Must be able to obtain and maintain a Top Secret, Sensitive Compartmented Information (SCI) Security Clearance. A non-disclosure agreement must be signed. Incumbent is required to undergo a counterintelligence-scope polygraph examination.
Drug Testing: This position has been designated by the Air Force as a Testing Designated Position (TDP) under the Air Force Civilian Testing Program. Employee must pass initial and periodic short notice drug testing.
Cyberspace Qualification is a condition of employment. This position includes Cyberspace work as a paramount duty requirement. Per DoDM 8140.03, para 4.2.a.(2), foundational qualification requirements must be met within 9 months of assignment to a cyberspace work role and resident qualification requirements within 12 months of assignment to a cyberspace work role.
This is a Mission-Essential position performing a Mission-Critical Function which must continue uninterrupted after the occurrence of an emergency and continue through full resumption of all functions.
Knowledge of a full range of IT and cybersecurity principles, concepts, and methods as well as risk management processes (e.g., methods for assessing and mitigating risk), specific operational impacts of cybersecurity lapses and their application to the organization’s core mission processes, and emerging technologies that have potential for exploitation by adversaries sufficient to provide expert technical advice to management on a wide range of complex IT issues, to manage the evaluation of risks and vulnerabilities, to oversee the development of mitigating improvements, and to manage the dissemination of IT security tools and procedures.
Knowledge of computer networking concepts and protocols (e.g., TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services); network security methodologies and architecture concepts including topology, components, and principles (e.g., application of defense-in-depth); and related computer disciplines such as systems, communication lines, intrusion detection systems, firewalls, and routers as they relate to computer network defense (CND) operations and environments.
Knowledge of cyber threats, vulnerabilities, and attack methodologies and stages (e.g., footprinting and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks); threat types and capabilities; different classes of attacks (e.g., passive, active, insider, close-in, distribution); and system and application threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, and malicious code).
Knowledge of complex cyber forensics, cyber threat, and intrusion detection concepts, disciplines, methodologies, and techniques for detecting host and network-based intrusions via intrusion detection technologies sufficient to oversee the development of countermeasures to classified and unclassified computer network and system attacks.
Knowledge of advanced incident management, analysis, and response concepts and procedures; incident categories, incident responses, and timelines for responses; incident response and handling methodologies; and computer security incident response processes including countermeasure mitigation strategies, malware analysis, network traffic analysis, and network system analysis/forensics.
Knowledge of vulnerability management processes and procedures; vulnerability categories, responses, and timelines for response; as well as computer network defense and vulnerability assessment tools (commercial and open source) and their capabilities, network traffic analysis tools, identification and authentication technologies, Security Information and Event Management (SIEM) tools, firewalls, malicious code identification tools, intrusion detection/prevention tools, proxies, email security filters, and vulnerability scanning tools among other technologies designed to protect systems and networks.
Skill in conducting technical and non-technical risk and vulnerability assessments, in administering and utilizing vulnerability scanning tools to protect systems and networks; in using network analysis tools to identify vulnerabilities; and in recognizing and categorizing types of vulnerabilities and associated attacks.
Ability to interpret, implement, and apply Federal cybersecurity and cyber defense laws, policies, regulations, procedures, standards, and compliance measures to command information systems and to the development of policy, plans, and strategies in support of cyber activities and the DoD Information Network (DODIN) security posture.
You will be evaluated for this job based on how well you meet the qualifications above.
Your application package (resume, supporting documents) will be used to determine your eligibility and qualifications.
Click the apply button to complete an application and upload your two-page resume to comply with the Merit Hiring Plan (PDF or Word Doc) and/or additional documents (Transcripts, certifications, Vet Docs (DD214), SF-50). As of 27 September 2025, Federal agencies will only accept resumes up to two pages in length. To learn more about the new resume requirements visit https://afciviliancareers.com/resumetips/ OR https://www.opm.gov/policy-data-oversight/hiring-information/merit-hiring-plan-resources/agency-guidance-on-the-two-page-limit-on-resume-length.
To receive additional information about current and future job openings with AFCS via email notification, please subscribe at www.Afciviliancareers.com and sign up to “Get Career Updates.”
Candidates should be committed to improving the efficiency of the Federal government, passionate about the ideals of our American republic, and committed to upholding the rule of law and the United States Constitution.
U.S. citizenship required. Must be of legal work age.
AFCS is an Equal Opportunity Employer.