It Specialist (infosec)

Summary Please limit your resume to 5 pages. If more than 5 pages are submitted, only the first 5 pages will be reviewed to determine your eligibility/qualifications. This is a Direct Hire Authority (DHA) solicitation utilizing the DHA for Business and Technical Management to recruit and appoint qualified candidates to positions in the competitive service. Responsibilities Perform duties of an Information System Security Officer (ISSO) providing security control assessments against an established Risk Management Framework. Perform assessments of systems and identify where those systems deviate from acceptable configurations, enclave policy, or DoD policy. Use National Institute of Standards and Technology publications to assess baseline compliance, configuration best-practices and industry best-practices. Review network diagrams, topology, data-flow diagrams and other schematical means of determine an IT system's data flow and hardware/software functions. Establish and track cybersecurity-related project schedules. Track Security Plan of Action and Milestones (POA and M's) for system remediation, implementation and risk. Use an understanding of defense-in-depth, zero trust access control, and data-integrity to support organizational cybersecurity objectives. Participate in cybersecurity collaboration with Program Managers and sustainment organizations at various levels to achieve common goals. Support Information Assurance Vulnerability Management (IAVM) processes for monthly/quarterly deliverables affecting multiple baselines. Requirements Conditions of Employment Qualifications Who May Apply: US Citizens In order to qualify, you must meet the experience requirements described below. Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community; student; social). You will receive credit for all qualifying experience, including volunteer experience. Your resume must clearly describe your relevant experience; if qualifying based on education, your transcripts will be required as part of your application. Additional information about transcripts is in this document. Experience includes or was supplemented by information technology related experience (paid or unpaid experience and/or completion of specific, intensive training, as appropriate) which demonstrates each of the four competencies, as defined: (1) Attention to Detail - Is thorough when performing work and conscientious about attending to detail. Examples of IT-related experience demonstrating this competency include: completing thorough and accurate work independently, even in the most difficult or stressful situations; occasionally reviewing work completed by others; (2) Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. Examples of IT-related experience demonstrating this competency include: resolving routine and non-routine problems, questions, or complaints; developing and maintaining strong, mutually supportive working relationships with customers; conducting evaluation of support to determine quality of services and customer satisfaction, and recommending procedural changes based on customer need or changes in policy and/or regulation; (3) Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. Examples of IT-related experience demonstrating this competency include: convincingly conveying complex information to customers; presenting thoughts that are well-organized and demonstrating confidence in the facts and ideas; adjusting style when working with individuals with different levels of understanding; using various methods to explain and convey information; and (4) Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. Examples of IT-related experience demonstrating this competency include: solving complex or sensitive problems by developing and proposing strategic alternatives; identifying possible conflicts and shared benefits; helping team anticipate problems and identifying and evaluating potential sources of information; providing feedback and coaching to others to help solve problems; engaging appropriate stakeholders when developing solutions in order to understand and incorporate multiple perspectives and needs; evaluating the effectiveness of decisions and adjusting future decisions as appropriate. AND In addition to the competencies, resume one year of specialized experience equivalent to the next lower grade level (NH-2/GS-11) in the Federal service which includes: 1) Supporting necessary compliance activities (e.g., ensuring system security configuration guidelines are followed, compliance monitoring occurs); 2) Advising the appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture; and 3) Ensuring security improvement actions are evaluated, validated, or implemented as required. Education Some federal jobs allow you to substitute your education for the required experience in order to qualify. For this job, you must meet the qualification requirement using experience aloneno substitution of education for experience is permitted. Additional Information This position is subject to organizational compensation limits as identified in the organization's CCAS business rules or separate compensation management strategy. This is a Defense Cyberspace Workforce Framework (DCWF) position as outlined in DoDD 8140.01 -Cyberspace Workforce Management, Encl 2, Par 9(c)(d). Male applicants born after December 31, 1959, must complete a Pre-Employment Certification Statement for Selective Service Registration. You will be required to provide proof of U.S. Citizenship. One year trial/probationary period may be required. Direct Deposit of Pay is required. This position requires you to submit a Confidential Financial Disclosure Report (OGE450) upon entry, and annually thereafter. Selection is subject to restrictions resulting from Department of Defense referral system for displaced employees. If you have retired from federal service and you are interested in employment as a reemployed annuitant, see the information in the Reemployed Annuitant information sheet. This is an Information Technology/Cybersecurity Management Career Field position. Multiple positions may be filled from this announcement. Salary includes applicable locality pay or Local Market Supplement. Payment of Permanent Change of Station (PCS) costs is not authorized, based on a determination that a PCS move is not in the Government interest. Advance In-hire may be authorized. Recruitment incentive may be authorized. Advanced Leave Accrual may be authorized.