INFORMATION TECHNOLOGY SPECIALIST (INFOSEC)

Full Job Description

Click on "Learn more about this agency" button below to view Eligibilities being considered and other IMPORTANT information.

The primary purpose of this position is: The primary purpose of this position is: To serve as Cybersecurity/Information Systems Security manager (ISSM), and Subject Matter Expert (SME) for Risk Management Framework (RMF) Assessment & Authorization of JBSA circuit-enclaves.

In order to qualify, you must meet the requirements described in the Office of Personnel Management (OPM) Qualification Standards for General Schedule Positions, Information Technology (IT) Management Series, GS-2210 (Alternate A).

https://www.opm.gov/policy-data-oversight/classification-qualifications/general-schedule-qualification-standards/2200/information-technology-it-management-series-2210-alternative-a/ EXPERIENCE: Must have IT-related experience demonstrating each of the four competencies listed below: Attention to Detail, Customer Service, Oral Communication, and Problem Solving AND one year of specialized experience at the next lower grade GS-12 (or equivalent in other pay systems) which includes: Proficient in applying advanced IT security principles, methods, policies, and tools to create specifications that ensure LAN-level security compliance and to plan and coordinate security awareness training for users across an organization.

Able to apply risk assessment and risk management techniques to identify and address threats, vulnerabilities, and potential impacts on business or mission operations.

In addition, understand security requirements for certification and accreditation, network operations and protocols, system testing and evaluation, and performance management.

Able to implement and coordinate efforts to safeguard and restore IT systems and services, monitor and assess compliance, advise on security policies and procedures for network system development and operation, conduct accreditation reviews, and recommend updated security measures based on review findings.

FEDERAL TIME-IN-GRADE (TIG) REQUIREMENT FOR GENERAL SCHEDULE (GS) POSITIONS: Merit promotion applicants must meet applicable time-in-grade requirements to be considered eligible.

One year at the GS-12 level is required to meet the time-in-grade requirements for the GS-13 level. TIG applies if you are in a current GS position or held a GS position within the previous 52 weeks.

NOTE: Applicants applying as VEOA candidates who are current GS civil service employees or are prior GS civil service employees within the past 52 weeks must also meet time-in-grade requirements.

KNOWLEDGE, SKILLS AND ABILITIES (KSAs): Your qualifications will be evaluated on the basis of your level of knowledge, skills, abilities and/or competencies in the following areas: 1.

Expert knowledge of a full range of IT security principles, concepts, practices, products and services (including systems software, database software, immediate access storage technology), and methods for evaluating risk and vulnerability, implementing mitigating improvement, and disseminating IT security tools and procedures.

2.

Expert knowledge of IT INFOSEC security requirements for assessment and authorization, network operations and protocols, systems testing and evaluation, and performance management methods sufficient to plan and conduct security accreditation reviews for installed systems or networks and assess and advise on new or revised security measures and countermeasures based on the results of accreditation reviews.

3. Knowledge of Local Area Network security requirements and techniques for protecting computer systems from viruses, data tampering, and unauthorized system entry. 4.

Comprehensive knowledge of a broad range of telecommunications concepts and principles, operating modes, systems, media, equipment, equipment configuration, and related software systems, processes and procedures to assess and advise on vulnerability to attack from a variety of sources (e.g., espionage, disruption of services, destructive programs/applications) and procedures and methods for protection of systems and applications.

5.

Ability to communicate effectively, both orally and in writing, clearly, concisely, and with technical accuracy, providing briefings, reports, recommendations, and training to AF senior leadership, program management, program office personnel, customers (AF system owner), and user community.

6. Skilled at developing and conducting training on information security. 7. Knowledge of safety and security regulations, practices and procedures.

PART-TIME OR UNPAID EXPERIENCE: Credit will be given for appropriate unpaid and or part-time work.

You must clearly identify the duties and responsibilities in each position held and the total number of hours per week.

VOLUNTEER WORK EXPERIENCE: Refers to paid and unpaid experience, including volunteer work done through National Service Programs (i.e., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community; student and social).

Volunteer work helps build critical competencies, knowledge and skills that can provide valuable training and experience that translates directly to paid employment.

You will receive credit for all qualifying experience, including volunteer experience. Major Duties:

• Serves as Cybersecurity/Information Systems Security Manager (ISSM). Administers the COMPUSEC Program. Conducts Cybersecurity Policy Compliance Inspections. Manages the Network Security Program.