Information Technology Specialist (Security)(Direct-Hire)

Full Job Description

Serves as the Security Engineer, responsible for ensuring the confidentiality, integrity, and availability of Goddard's critical data and IT assets.

Provides secure solutions to meet complex problems, works with organizations to enhance and strengthen information security and integrate it throughout the system life cycle.

Provides support to plan, design and implement security controls which safeguard/monitor anomalous events for networks, information systems, enterprise applications and data.

Specialized experience is experience that has equipped you with the particular ability, skill, and knowledge to successfully perform the duties of this position and is typically in or related to this line of work.

To qualify for GS-13, you must have one year of directly related specialized experience equivalent to the GS-12 level: Performing forensics analysis, systems security policies, guidelines, procedures and/or regulations for systems utilizing IT Security processes; Working with multi-disciplinary teams or groups utilizing information technology standards, policies, and handbooks, operating systems, IT system vulnerabilities, attack characteristics, and/or security monitoring products to evaluate the impact of cybersecurity products and services on operations; Programming and/or developing software tools to include: systems administration and security controls systems used for vulnerability scanning, patch management, incident response, and/or other cybersecurity operation tool sets.

ANDIF you are qualifying based on experience, you MUST also have IT-related experience demonstrating each of the four competencies listed below: Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

Your resume must include a clear and detailed narrative description, in your own words, of how you meet the required specialized experience.

Experience statements copied from a position description, vacancy announcement or other reference material constitutes plagiarism and may result in disqualification and losing consideration for the job.

NASA prohibits the use of artificial intelligence (AI) or AI-assisted tool in drafting application and assessment responses.

Please visit https://www.nasa.gov/careers/how-to-apply/#Artificial-Intelligence to review NASA's guidance on the use of AI tools during the application process. Major Duties:

• Maintain, configure, or analyze network and host-based security platforms and/or associated reports. Apply advanced statistical data and trends to interpret meaning and evaluate findings. Reconcile conflicts between basic policies and program goals.
• Develop long-range plans for IT security systems that anticipate, identify, evaluate, mitigate, and minimize risks associated with IT systems vulnerabilities and system exploitations.
• Develop/interpret policy and procedural controls covering physical security, application/data security, system software security, contingency planning, and compliance with clearance procedures, contractor/technical security education/training.
• Analyze, troubleshoot, and investigate security-related, information systems' anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts and provide mitigation strategies.
• Support Incident Response, Threat Management and Vulnerability Management teams. Respond to information security related events and requirements during the conduct of system forensic analysis often critical to civil and criminal investigations.
• Provide expert analysis and advice to technical community while maintaining strong relationships with senior executives, managers, and system/network engineers. Review proposed new systems, networks, and software designs for potential security risks.
• Serve as Center Alternate Communications Security (COMSEC) Manager. Oversee Center COMSEC inventory and its use; maintain COMSEC account files. Prepare/submit Destruction, Transfer, Inventory, and Possession Material Reports and other reports.