Information Technology Specialist (INFOSEC)
As a GS-2210-14 Information Technology Specialist (INFOSEC), you will:
Oversee all Information Systems Security Officers activities for Authorizations and Assessments (A&A), Risk waiver, Interconnection Security Agreement (ISA)/Memorandum of Understanding (MOU), Business Impact Analysis (BIA), Federal Information Processing Standards (FIPS) categorization, corrective action plans, briefings and presentations. Manage the Continuous Monitoring program following National Institute of Standards and Technology (NIST) special publications. Oversee and enhance the vulnerability management program directly related to Cloud migration. Review, update, and author, as necessary, new and existing compliance governance for EITS Program Cyber Security Plan (PCSP). SPECIALIZED EXPERIENCE REQUIREMENTS Applicants must have IT-related experience demonstrating each of the four competencies listed below. Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. In addition to the competency requirements above, a qualified candidate's online application must demonstrate at least one year of specialized experience equivalent to the GS-13 level in the Federal Service. Specialized experience for this position is defined as:
Providing recommendations on all matters relating to system security controls to mitigate vulnerabilities and threats to information systems. Identifying and evaluating future and emerging technologies to coordinate IT security matters including monitoring of system components to include vulnerability scan result reviews, audit log reviews, and account management. Identifying and writing specifications to meet IT security requirements at the application, database, or operating system server level. Developing policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, applications, and data Your application and resume should demonstrate that you possess the following knowledge, skills and abilities (KSAs). Do not provide a separate narrative written statement. Rather, you must describe in your application how your past work experience demonstrates that you possess the KSAs identified below. Cite specific examples of employment or experience contained in your resume and describe how this experience has prepared you to successfully perform the duties of this position. DO NOT write see resume in your application! Knowledge of Federal IT security guidance, policies, and procedures with expertise in the full range of complex areas of Information Management, systems, and technologies to constantly improve the performance of security assurance throughout the program. Knowledge of FISMA, FIPS, and related government mandated requirements and policy. Knowledge of process, procedures and tactics related to continuous monitoring & compliance. Knowledge of NIST special publications relevant to authorizations and assessments (A&A) Skill in continuous monitoring capabilities to include vulnerability management. Knowledge of the Risk Management Framework and the Cybersecurity Framework. Knowledge of compliance activities associated with A&A process, artifacts and governance/policy. Skill and ability in writing governance, documents, presentations for senior leaders. Experience refers to paid and unpaid experience. Examples of qualifying unpaid experience may include:
volunteer work done through National Service programs (such as Peace Corps and AmeriCorps); as well as work for other community-based philanthropic and social organizations. Volunteer work helps build critical competencies, knowledge, and skills; and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.CTAP/ICTAP candidates:
To be considered well qualified you must meet all of the requirements as described in this section.You must meet all qualifications and eligibility requirements by the closing date of this announcement.
Estimated Salary: $20 to $28 per hour based on qualifications.
Oversee all Information Systems Security Officers activities for Authorizations and Assessments (A&A), Risk waiver, Interconnection Security Agreement (ISA)/Memorandum of Understanding (MOU), Business Impact Analysis (BIA), Federal Information Processing Standards (FIPS) categorization, corrective action plans, briefings and presentations. Manage the Continuous Monitoring program following National Institute of Standards and Technology (NIST) special publications. Oversee and enhance the vulnerability management program directly related to Cloud migration. Review, update, and author, as necessary, new and existing compliance governance for EITS Program Cyber Security Plan (PCSP). SPECIALIZED EXPERIENCE REQUIREMENTS Applicants must have IT-related experience demonstrating each of the four competencies listed below. Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. In addition to the competency requirements above, a qualified candidate's online application must demonstrate at least one year of specialized experience equivalent to the GS-13 level in the Federal Service. Specialized experience for this position is defined as:
Providing recommendations on all matters relating to system security controls to mitigate vulnerabilities and threats to information systems. Identifying and evaluating future and emerging technologies to coordinate IT security matters including monitoring of system components to include vulnerability scan result reviews, audit log reviews, and account management. Identifying and writing specifications to meet IT security requirements at the application, database, or operating system server level. Developing policies and procedures to ensure information systems reliability and accessibility and to prevent and defend against unauthorized access to systems, applications, and data Your application and resume should demonstrate that you possess the following knowledge, skills and abilities (KSAs). Do not provide a separate narrative written statement. Rather, you must describe in your application how your past work experience demonstrates that you possess the KSAs identified below. Cite specific examples of employment or experience contained in your resume and describe how this experience has prepared you to successfully perform the duties of this position. DO NOT write see resume in your application! Knowledge of Federal IT security guidance, policies, and procedures with expertise in the full range of complex areas of Information Management, systems, and technologies to constantly improve the performance of security assurance throughout the program. Knowledge of FISMA, FIPS, and related government mandated requirements and policy. Knowledge of process, procedures and tactics related to continuous monitoring & compliance. Knowledge of NIST special publications relevant to authorizations and assessments (A&A) Skill in continuous monitoring capabilities to include vulnerability management. Knowledge of the Risk Management Framework and the Cybersecurity Framework. Knowledge of compliance activities associated with A&A process, artifacts and governance/policy. Skill and ability in writing governance, documents, presentations for senior leaders. Experience refers to paid and unpaid experience. Examples of qualifying unpaid experience may include:
volunteer work done through National Service programs (such as Peace Corps and AmeriCorps); as well as work for other community-based philanthropic and social organizations. Volunteer work helps build critical competencies, knowledge, and skills; and can provide valuable training and experience that translates directly to paid employment. You will receive credit for all qualifying experience, including volunteer experience.CTAP/ICTAP candidates:
To be considered well qualified you must meet all of the requirements as described in this section.You must meet all qualifications and eligibility requirements by the closing date of this announcement.
- Department:
2210 Information Technology Management - Salary Range:
$121,316 to $157,709 per year
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
