Information Technology Specialist (INFOSEC) Direct-Hire

Full Job Description

This position is located in the Office of the Chief Information Officer (OCIO).

The Chief Information Security Officer (CISO) serves as the agency's senior cybersecurity official and is responsible for overseeing enterprise-wide cybersecurity strategies, risk management, and compliance with federal mandates.

To qualify for this position, you must meet the following: Experience - Experience must be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate.

For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below.

The employing agency is responsible for identifying the specific level of proficiency required for each competency at each grade level based on the requirements of the position being filled. 1.

Attention to Detail - Is thorough when performing work and conscientious about attending to detail. 2.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

3.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

4. Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

-AND- Specialized Experience: GS-15: You MUST have one year of specialized experience equivalent to at least the GS-14 grade level in the Federal service (experience may have been gained in the private sector).

Specialized experience is defined as: 1) Experience leading an enterprise-wide information security program and to serve as a principal advisor to executive leadership on cybersecurity strategy, risk, and compliance; 2) Skilled in developing and implementing agency-wide cybersecurity policies, strategies, and risk management frameworks aligned with federal requirements such as Federal Information Security Modernization Act ( FISMA), OMB Circular A-130, National Institute of Standards and Technology (NIST) standards, and Zero Trust Architecture principles; 3) Experience directing comprehensive cybersecurity compliance activities, overseeing security assessments and audits, managing FISMA reporting, and ensuring adherence to accreditation and authorization requirements.

4) Leading incident response operations, including the detection, investigation, and remediation of cyber threats, and coordinating with interagency partners, law enforcement, and external stakeholders to strengthen threat intelligence and response capabilities.

5) Overseeing enterprise security architecture, secure system design, cloud security, and the integration of cybersecurity into broader IT and organizational strategies.

6) Advising senior executives on emerging threats, legislative and regulatory changes, and the implications of cybersecurity risks on mission operations, as well as leading cybersecurity governance, awareness initiatives, and cross-functional teams to enhance organizational resilience and security posture.

For more information see link: Information Technology (IT) Management Series 2210 (Alternative A) NOTE: IN DESCRIBING YOUR EXPERIENCE, PLEASE BE CLEAR AND SPECIFIC.

WE WILL NOT MAKE ASSUMPTIONS REGARDING YOUR EXPERIENCE. Your resume must clearly show the specialized experience and competencies related to this position.

Failure to demonstrate how you possess the education, specialized experience and/or competencies will result in an "Ineligible" rating. Major Duties:

As a Information Technology Specialist (INFOSEC) Direct-Hire,GS-2210-15, you will perform the following major duties: -Develop and implement enterprise-wide cybersecurity strategy, policies, and risk management frameworks.

- Oversee agency-wide compliance with FISMA, OMB A-130, NIST guidelines, and Zero Trust Architecture requirements.

- Conduct and direct enterprise cybersecurity risk assessments to identify vulnerabilities and prioritize mitigation strategies.

- Lead the agency's incident response program, ensuring rapid detection, investigation, and remediation of cyber threats.

- Manage cybersecurity compliance reporting, audits, and accreditation activities, including FISMA program oversight.