Information Technology Specialist (INFOSEC)

Full Job Description

This vacancy is for an Information Technology Specialist (INFOSEC) in the Office of the Chief Information Officer within the Department of Commerce.

Qualification requirements in the vacancy announcements are based on the U.S. Office of Personnel Management (OPM) Qualification Standards Handbook, which contains federal qualification standards.

This handbook is available on the Office of Personnel Management's website located at: https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/#url=Occupational-Series Applicants must possess one year of specialized experience equivalent in difficulty and responsibility to the next lower grade level in the Federal Service.

Specialized experience is experience that has equipped the applicant with the particular competencies/knowledge, skills and abilities to successfully perform the duties of the position.

This experience need not have been in the federal government.

Experience refers to paid and unpaid experience, including volunteer work done through National Service programs (e.g., Peace Corps, AmeriCorps) and other organizations e.g., professional; philanthropic, religious; spiritual; community, student, social).

Volunteer work helps build critical competencies; knowledge, and skills and can provide valuable training and experience that translates directly to paid employment.

You will receive credit for all qualifying experience, including volunteer experience.

To qualify at the GS-14 level, you must meet the following requirements: The Qualification Standards for Information Technology (IT) Management Series, 2210 (Alternative A) Individual Occupational Requirements.

Basic Requirements: In the Information Technology Specialist, GS-2210 occupation for the GS-5 through GS-15 (or equivalent) must have Information Technology (IT) related experience demonstrating each of the following competencies: Attention to Detail - Is thorough when performing work and conscientious about attending to detail; Customer Service - Works with clients and customers to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services; Oral Communication - Expresses information to individuals or groups effectively, taking into account the audience and nature of the information; makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately; and Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations .Your resume must clearly describe your relevant experience.

AND SPECIALIZED EXPERIENCE: You must possess one full year (52 weeks) of specialized experience equivalent to the GS-13 in the Federal service.

Specialized experience is defined as: Serves as an Information Technology (IT) consultant or advisor in mitigating vulnerabilities and breaches in information systems and networks within a business or organization; Administers information technology (IT) principles, methods, and security products to protect and maintain the availability, integrity, and confidentiality of information systems; Monitors and administer protection and preventive measures from cyber-attacks and threats of information transmitted through Local Area Networks (LAN), Wide Area Networks (WAN), and cloud-based systems; AND Writes reports containing analysis of cybersecurity events and incident responses.

Major Duties:

As an Information Technology Specialist (INFOSEC), you will perform the following duties: Document cybersecurity events and incidents.

Performs computer incident response investigations and evidentiary activities in defense of Department of Commerce (DOC) networks and information technology assets.

Develop analytical documents and recommend courses of action to remediate or mitigate identified threats.

Serve as a subject matter expert on cyber incident management and is responsible for leading the team that handles incident response investigations, evidentiary activities (handling, chain of custody and testimony) in defense of the DOC networks and critical information technology infrastructure.

Conduct vulnerability scanning to ascertain situational awareness of the threat level in order to derive network defense and hardening strategies and provide support, advice and direction to the Enterprise Security Operation Center Manager regarding ongoing and future Cyber-attack threat vectors.

Analyze and evaluate organization networks and recommend procedures and/or products to improve the overall security of these networks.

Monitor, identify, investigate, and document cybersecurity events and incidents; identify, document, and perform analysis of new and emerging threats; develop analytical documents and recommend course of action to remediate or mitigate identified threats.

Ensure the confidentiality, integrity, and availability of systems, networks, and data through the use of computer forensics to investigate computer incidents and to develop recommendations for the mitigation or remediation of such incidents Provide support in the development of Information Technology (IT) security policies, plans, and programs as it relates to risks to DOC systems and networks including but not limited to risks to cybersecurity incident response and management activities.

Serve on interagency committees and working groups to provide support in the development of IT security policies, plans, and programs as it relates to risks to DOC systems and networks including but not limited to risks to cybersecurity incident response and management activities.

Provide support, advice and direction to the Chief Information Security Officer regarding program progress, development, strategy and ongoing and future cyber-attack threat vectors.

Provide management briefings regarding incident investigations and respond to external and internal customer inquiries.

Provide support, advice and direction to the Chief Information Security Officer regarding program progress, development, strategy and ongoing and future cyber-attack threat vectors.

This Job Opportunity Announcement may be used to fill other Information Technology Specialist (INFOSEC) GS-2210-14, FPL 14 positions within the Department of Commerce in the same geographical location with the same qualifications and specialized experience.