IT Cybersecurity Specialist

Full Job Description

This position is located with Bonneville Power Administration (BPA), in the Cyber Assessment, Verification, Remediation & Reporting (JBC) group of the Cyber Security Office (JB), Information Technology (J).

A successful candidate in this position will perform a variety of work involved in the development, implementation, maintenance and enforcement of BPA cyber security policies and standards and provisions of the security authorization process and other assessment activities.

BASIC REQUIREMENT: Experience must be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate.

For all positions individuals must have IT-related experience demonstrating each of the four competencies listed below.

The employing agency is responsible for identifying the specific level of proficiency required for each competency at each grade level based on the requirements of the position being filled.

Attention to Detail - Is thorough when performing work and conscientious about attending to detail.

Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services.

Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately.

Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations.

To meet this requirement, you must demonstrate proficiency in each of the four competencies listed above as follows: GS-12: Advanced - You can perform the actions associated with each of these competencies without assistance.

You are recognized within your immediate organization as "a person to ask" when difficult questions arise regarding each of these competencies.

Focus is on broad organizational/professional issues; You have consistently provided practical/relevant ideas and perspectives on process or practice improvements which may easily be implemented; You are capable of coaching others in the application of each of these competencies by translating complex nuances relating to each competency into easy to understand terms; You participate in senior level discussions regarding these competencies; You assist in the development of reference and resource materials in these competencies.

SPECIALIZED EXPERIENCE REQUIREMENTS: A qualified candidate's resume must demonstrate at least one year of specialized experience equivalent to the next lower grade level (GS-11) in the Federal service.

Specialized experience is defined as: 1) assisting with cybersecurity assessments, vulnerability identification, and remediation; 2) maintaining assessment documentation, security reports, and technical testing results; 3) utilizing cybersecurity assessment tools for data gathering and analysis; and 4) supporting IT system compliance with security frameworks and internal policies.

"Experience" refers to paid and unpaid experience.

Examples of qualifying unpaid experience may include volunteer work done through National Service programs (such as Peace Corps and AmeriCorps); as well as work for other community-based philanthropic and social organizations.

Volunteer work helps build critical competencies, knowledge, and skills; and can provide valuable training and experience that translates directly to paid employment.

You will receive credit for all qualifying experience, including volunteer experience. You must meet all qualifications and eligibility requirements by the closing date of this announcement.

Major Duties:

As an IT Cybersecurity Specialist, you will: Develop, implement, and coordinate activities designed to ensure, protect, and restore IT systems, services, and capabilities.

Monitor and evaluate systems' compliance with IT security requirements.

Provide advice and guidance in implementing IT security policies and procedures in the development and operation of network systems.

Evaluate, recommend the acquisition of, implement, and disseminate IT security tools, procedures, and practices to protect information assets.

Plan and conduct security control assessments for installed systems, devices, or networks, and recommend new or revised security measures and countermeasures based on the results of security control assessments.

Identify and specify information systems security requirements associated with migrations to new environments and provide guidance in planning and implementing migration activities.

Develop specifications to ensure compliance with security requirements at the systems or LAN level and the enterprise level.