INFORMATION TECHNOLOGY (IT) SPECIALIST (INFOSEC/SYSANALYSIS)

Full Job Description

You will serve as an IT Specialist in the NAVFAC HQ Command Information Office, Cybersecurity Policy and Governance Division of NAVFAC OSF.

Your resume must demonstrate at least one year of specialized experience at or equivalent to the (GS-12) grade level or pay band in the Federal service or equivalent experience in the private or public sector.

Specialized experience must demonstrate the following: 1) Supporting the execution of Cyber Supply Chain Risk Management (C-SCRM) strategies by analyzing threats, vulnerabilities, and sourcing risks associated with critical system components, software, and services, to inform acquisition and security decisions; 2) Developing and presenting C-SCRM risk assessments, mitigation reports, and program status briefings for leadership and key stakeholders to secure consensus and guide the implementation of security controls; and 3) Coordinating with internal and external partners to integrate C-SCRM principles throughout the system development lifecycle, ensuring that supply chain security controls are effectively implemented, assessed, and maintained in accordance with federal directives.

Additional qualification information can be found from the following Office of Personnel Management web site: https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/#url=List-by-Occupational-Series and https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/2200/information-technology-it-management-series-2210-alternative-a/ Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., professional, philanthropic, religious, spiritual, community, student, social).

Volunteer work helps build critical competencies, knowledge, and skills and can provide valuable training and experience that translates directly to paid employment. Major Duties:

• You will have the ability to formulate, develop and apply experimental theories, principles and concepts to resolve problems, conditions or issues.
• You will have knowledge of Industrial Control System shipboard, shore and/or aloft control systems and/or IT systems. Knowledge of and skill with systems production processes.
• You will have the ability to generate and alter standard practices, equipment, devices, processes, and known techniques as it relates to cybersecurity system engineering and analysis.
• You will have knowledge of computer networking concepts and protocols, and network security methodologies.
• You will have knowledge of the following areas: cybersecurity principles; cyber threats and vulnerabilities
• You will have knowledge of specific operational impacts of cybersecurity lapses, security system design tools, methods, and technique
• You will have knowledge of OT risk management policies, requirements, and procedures.