INFORMATION TECHNOLOGY SPECIALIST (INFOSEC)

Full Job Description

Click on "Learn more about this agency" button below for IMPORTANT additional information.

The primary purpose of an Information Technology Specialist (INFOSEC), GG-2210-13, is to serve as the Sensitive Compartmented Information (SCI) Site Information Systems Security Manager (ISSM) for the Air Force Life Cycle Management Center, Intelligence Division at Hill AFB (AFLCMC/INL).

In order to qualify, you must meet the quality experience requirements described in the Office of Personnel Management (OPM) Qualification Standards, Information Technology (IT) Management Series 2210 (Alternative A).

BASIC REQUIREMENT OR INDIVIDUAL OCCUPATIONAL REQUIREMENT: For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below.

Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, considering the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

In addition to meeting the basic requirements above, to qualify for this position you must also meet the qualification requirements listed below: EXPERIENCE REQUIRED: Your resume must reflect the quality level of experience which demonstrates the possession of the knowledge, skills, abilities, and competencies necessary for successful job performance required for this position.

Examples of creditable experience include: Direct experience serving as an Information Systems Security Manager (ISSM) or Information System Security Officers (ISSO) or Intelligence Community (IC) information systems; Proven, hands-on experience managing the full Assessment & Authorization (A&A) lifecycle using the Risk Management Framework (RMF); Demonstrated experience developing and maintaining core RMF documentation, including the System Security Plan (SSP), security control assessments, and managing a Plan of Action & Milestones (POA&M); and expertise in interpreting and implementing security controls from NIST SP 800-53 and ICD 503 within classified environments.

KNOWLEDGE, SKILLS AND ABILITIES (KSAs): Your qualifications will be evaluated on the basis of your level of knowledge, skills, abilities and/or competencies in the following areas: 1.

Expert knowledge of a full range of IT security principles, concepts, practices, new and emerging products and services (including systems software, database software, immediate access storage technology, and firewalls), and methods for evaluating risk and vulnerability, implementing mitigating improvement, disseminating IT security tools and procedures, and integration techniques.

2.

Broad knowledge of IT INFOSEC security requirements for certification and accreditation, network operations and protocols, systems testing and evaluation, and performance management methods sufficient to plan and conduct security accreditation reviews for installed systems or networks and assess and advise on new revised security measures and countermeasures based on the results of accreditation reviews.

3.

Expert knowledge of a broad range of telecommunications concepts and principles, operating modes, systems, media, equipment, equipment configuration, related software systems, advise on vulnerability to attack from a variety of sources (e.g., espionage, disruption of services, destructive programs/applications) and procedures methods for protection of systems and applications.

4.

Knowledge of Cyberspace Workforce Management, extensive knowledge of existing cybersecurity policies, in-depth knowledge of the Assessment and Authorization (A&A) process and advanced skills in the tools and technology to automate the processes.

5.

Ability to communicate effectively, both orally and in writing, in order to produce technical reports and/or briefings for multiple forums and audiences and ability to make decisions independently in a self-directed manner in support of a team and/or organizational goals.

PART-TIME OR UNPAID EXPERIENCE: Credit will be given for appropriate unpaid and or part-time work.

You must clearly identify the duties and responsibilities in each position held and the total number of hours per week.

VOLUNTEER WORK EXPERIENCE: Refers to paid and unpaid experience, including volunteer work done through National Service Programs (i.e., Peace Corps, AmeriCorps) and other organizations (e.g., professional; philanthropic; religious; spiritual; community; student and social).

Volunteer work helps build critical competencies, knowledge and skills that can provide valuable training and experience that translates directly to paid employment.

You will receive credit for all qualifying experience, including volunteer experience.

Additional Information: This position has been designated by the Air Force as a Testing Designated Position(TDP) under the Air Force Civilian Drug Demand Reduction Program.

Candidate must pass initial and periodic short notice drug testing.

Illegal drug use by employees in sensitive positions presents a clear threat to the mission of the Air Force, national security, and public safety.

Cyberspace Qualification is a condition of employment. This position includes Cyberspace work as a paramount duty requirement.

Per DoDM 8140.03, the incumbent must meet all foundational and resident qualification requirements.

This Information Systems Security Manager (ISSM) position has a primary designation aligned with the Cyberspace Workforce Framework (CWF) Work Role Code 722 "Information Systems Security Manager" (Advanced Proficiency).

The position also encompasses significant duties that align with WRC 805 "Cybersecurity Control Assessor" and WRC 801 "Program Manager." To meet foundational qualification requirements for the primary work role (722), candidates must demonstrate they meet the qualifications for this work role.

This is typically accomplished by possessing an approved professional certification (e.g., CISSP, CISM, GSLC).

However, in accordance with DoDM 8140.03, the hiring manager may also approve a candidate's qualification based on a combination of formal education, relevant training, and extensive, documented experience that is determined to be equivalent to the required certification.

If not already qualified upon entry, the selected candidate will be required to meet all foundational qualification requirements for the primary work role within 9 months of assignment.

Failure to achieve and maintain the proper Cyberspace Qualification may result in removal from this position.

Position is designated special-sensitive and requires eligibility to Sensitive Compartmented Information (SCI), other intelligence-related Specialist Sensitive information, or involvement in Top Secret Special Access Programs (SAP) to fully perform the duties and responsibilities of the position.

A non-disclosure agreement must be signed. Major Duties:

- Plan, develop, implement, and maintain the AFLCMC Enterprise Sensitive Compartmented Information (SCI) Cyber Security program at Hill AFB.

- Implement and manage the AFLCMC Enterprise SCI Information System Accreditation Program at Hill AFB pursuant to the Risk Management Framework (RMF) per Intelligence Community Directive (ICD) 503, National Institute of Standards and Technology (NIST) Special Publications, and other regulations and policies.

- Provide Information System/Network Security Management for Organizational Projects. - Perform duties as Communication Security and Information Technology Property Manager.